CC-3951: Password Reset: You can still reset password even after system email for Password Reset disabled
-fixed
This commit is contained in:
denise
parent
e6336044ed
commit
7d4851573f
1 changed files with 28 additions and 23 deletions
|
|
@ -14,7 +14,7 @@ class LoginController extends Zend_Controller_Action
|
||||||
|
|
||||||
if (Zend_Auth::getInstance()->hasIdentity())
|
if (Zend_Auth::getInstance()->hasIdentity())
|
||||||
{
|
{
|
||||||
$this->_redirect('Showbuilder');
|
$this->_redirect('Showbuilder');
|
||||||
}
|
}
|
||||||
|
|
||||||
//uses separate layout without a navigation.
|
//uses separate layout without a navigation.
|
||||||
|
|
@ -99,30 +99,35 @@ class LoginController extends Zend_Controller_Action
|
||||||
}
|
}
|
||||||
|
|
||||||
public function passwordRestoreAction()
|
public function passwordRestoreAction()
|
||||||
{
|
{
|
||||||
//uses separate layout without a navigation.
|
if (!Application_Model_Preference::GetEnableSystemEmail()) {
|
||||||
$this->_helper->layout->setLayout('login');
|
$this->_redirect('login');
|
||||||
|
|
||||||
$form = new Application_Form_PasswordRestore();
|
|
||||||
|
|
||||||
$request = $this->getRequest();
|
|
||||||
if ($request->isPost() && $form->isValid($request->getPost())) {
|
|
||||||
$user = CcSubjsQuery::create()
|
|
||||||
->filterByDbEmail($form->email->getValue())
|
|
||||||
->findOne();
|
|
||||||
|
|
||||||
if (!empty($user)) {
|
|
||||||
$auth = new Application_Model_Auth();
|
|
||||||
|
|
||||||
$auth->sendPasswordRestoreLink($user, $this->view);
|
|
||||||
$this->_helper->redirector('password-restore-after', 'login');
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$form->email->addError($this->view->translate("Given email not found."));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
//uses separate layout without a navigation.
|
||||||
|
$this->_helper->layout->setLayout('login');
|
||||||
|
|
||||||
|
$form = new Application_Form_PasswordRestore();
|
||||||
|
|
||||||
$this->view->form = $form;
|
$request = $this->getRequest();
|
||||||
|
if ($request->isPost() && $form->isValid($request->getPost())) {
|
||||||
|
$user = CcSubjsQuery::create()
|
||||||
|
->filterByDbEmail($form->email->getValue())
|
||||||
|
->findOne();
|
||||||
|
|
||||||
|
if (!empty($user)) {
|
||||||
|
$auth = new Application_Model_Auth();
|
||||||
|
|
||||||
|
$auth->sendPasswordRestoreLink($user, $this->view);
|
||||||
|
$this->_helper->redirector('password-restore-after', 'login');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$form->email->addError($this->view->translate("Given email not found."));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->view->form = $form;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function passwordRestoreAfterAction()
|
public function passwordRestoreAfterAction()
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue