From 3a4d58f6b9d866a54e0c45c5ecc91c8633ef1510 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=BCller?= Date: Sun, 11 May 2014 15:17:15 +0200 Subject: [PATCH] password --- app/Config/routes.php | 2 + app/Controller/RegistrationController.php | 340 ++++++++++++--------- app/Locale/default.pot | 33 ++ app/Model/User.php | 34 +++ app/View/Emails/html/password_reset.ctp | 4 + app/View/Emails/text/password_reset.ctp | 4 + app/View/Registration/password_replace.ctp | 15 + app/View/Registration/password_reset.ctp | 14 + 8 files changed, 303 insertions(+), 143 deletions(-) create mode 100644 app/View/Emails/html/password_reset.ctp create mode 100644 app/View/Emails/text/password_reset.ctp create mode 100644 app/View/Registration/password_replace.ctp create mode 100644 app/View/Registration/password_reset.ctp diff --git a/app/Config/routes.php b/app/Config/routes.php index 9dff834..4f7d9a6 100755 --- a/app/Config/routes.php +++ b/app/Config/routes.php @@ -36,6 +36,8 @@ Router::connect('/company/registration', array('controller' => 'registration', 'action' => 'company')); //Router::connect('/registration', array('controller' => 'registration', 'action' => 'main')); Router::connect('/registration', array('controller' => 'registration', 'action' => 'worker')); + Router::connect('/password/reset', array('controller' => 'registration', 'action' => 'password_reset')); + Router::connect('/password/replace/:code', array('controller' => 'registration', 'action' => 'password_replace'),array("code" => ".+")); Router::connect('/registration/active/:code', array('controller' => 'registration', 'action' => 'active'),array("code" => ".+")); Router::connect('/profil', array('controller' => 'user', 'action' => 'profil')); diff --git a/app/Controller/RegistrationController.php b/app/Controller/RegistrationController.php index 7aee68c..35dd56c 100644 --- a/app/Controller/RegistrationController.php +++ b/app/Controller/RegistrationController.php 
@@ -4,150 +4,204 @@ App::uses('AppController', 'Controller'); class RegistrationController extends AppController { - /** - * This controller use User Model - * - * @var array - */ - public $componens = array('MiconwareSession'); - public $uses = array('Mannerofaddress','DreamjobListGraducation','DreamjobListBranch','DreamjobWorker','DreamjobCompany','User','DreamjobListCity'); - - - public function main() { - $this->MiconwareSession->init($this); - $this->MiconwareSession->initWeb($this); - if(!$this->MiconwareSession->isLoggedin()){ - $this->render('/Registration/main'); - }else{ - $this->set('error', 'dreamjob.error.loggedin'); - $this->render('/Home/error'); - } - } - - public function company() { - $this->MiconwareSession->init($this); - $this->MiconwareSession->initWeb($this); - if(!$this->MiconwareSession->isLoggedin()){ - $regResult = false; - if ($this->request->is('post')){ - if($this->request->data['DreamjobCompany']['agb']) { - unset($this->request->data['DreamjobCompany']['agb']); - if($this->request->data['User']['password1'] == $this->request->data['User']['password2']) { - $data = array(); - $data['User']['password'] = $this->MiconwareSession->create_hash($this->request->data['User']['password1']); - $data['User']['mail'] = $this->request->data['User']['mail']; - $data['DreamjobUser']['city_id'] = $this->request->data['DreamjobUser']['city_id']; - $data['DreamjobUser']['street'] = $this->request->data['DreamjobUser']['street']; - $data['DreamjobUser']['postcode'] = $this->request->data['DreamjobUser']['postcode']; - $data['AppUser']['nickname'] = $this->request->data['AppUser']['nickname']; - $data['AppUser']['take_systemwide'] = true; - - $data['DreamjobCompany']['corporateform'] = $this->request->data['DreamjobCompany']['corporateform']; - $data['DreamjobCompany']['owner'] = $this->request->data['DreamjobCompany']['owner']; - $data['DreamjobCompany']['branch_id'] = $this->request->data['DreamjobCompany']['branch_id']; - 
$data['DreamjobCompany']['headcount'] = $this->request->data['DreamjobCompany']['headcount']; - $data['DreamjobCompany']['bank_details'] = ''; - //$data['DreamjobCompany']['bank_details'] = $this->request->data['DreamjobCompany']['bank_details']; - $data['DreamjobCompany']['website'] = $this->request->data['DreamjobCompany']['website']; - $key = $this->MiconwareSession->generateKey(); - $data['User']['code'] = "a:".$key; - $data['User']['is_active'] = false; - - $result = $this->DreamjobCompany->registration($data); - if ($result) { - $regResult = true; - $this->MiconwareSession->setFlash(__('dreamjob.registration.done'),'flash',array('alert'=>'success')); - }else{ - $this->MiconwareSession->setFlash(__('dreamjob.registration.error'),'flash',array('alert'=>'danger')); - } - }else if($this->request->data['User']['password1']!='' or $this->request->data['User']['password2']!=''){ - $this->MiconwareSession->setFlash(__('dreamjob.error.password.notEqual'),'flash',array('alert'=>'danger')); - } - }else{ - $this->MiconwareSession->setFlash(__('dreamjob.agb.error.notAccept'),'flash',array('alert'=>'danger')); - } - }else - if(empty($this->request->data['DreamjobCompany']['website'])) - $this->request->data['DreamjobCompany']['website'] ='http://'; - $this->set('result',$regResult); - $this->set('cities',$this->DreamjobListCity->find('list')); - $this->set('branches',$this->DreamjobListBranch->find('list')); - $this->render('/Registration/company'); - }else{ - $this->set('error', 'dreamjob.error.loggedin'); - $this->render('/Home/error'); - } - } - - public function worker() { - $this->MiconwareSession->init($this); - $this->MiconwareSession->initWeb($this); - if(!$this->MiconwareSession->isLoggedin()){ - $regResult = false; - if ($this->request->is('post')){ - if($this->request->data['DreamjobWorker']['agb']) { - unset($this->request->data['DreamjobWorker']['agb']); - if($this->request->data['User']['password1'] == $this->request->data['User']['password2']) { - $data = 
array(); - $data['User']['password'] = $this->MiconwareSession->create_hash($this->request->data['User']['password1']); - $data['User']['mail'] = $this->request->data['User']['mail']; - $data['DreamjobUser']['city_id'] = $this->request->data['DreamjobUser']['city_id']; - $data['DreamjobUser']['street'] = $this->request->data['DreamjobUser']['street']; - $data['DreamjobUser']['postcode'] = $this->request->data['DreamjobUser']['postcode']; - $data['AppUser']['bday'] = $this->request->data['AppUser']['bday']; - $data['AppUser']['first_name'] = $this->request->data['AppUser']['first_name']; - $data['AppUser']['last_name'] = $this->request->data['AppUser']['last_name']; - $data['AppUser']['take_systemwide'] = true; + /** + * This controller use User Model + * + * @var array + */ + public $componens = array('MiconwareSession'); + public $uses = array('Mannerofaddress', 'DreamjobListGraducation', 'DreamjobListBranch', 'DreamjobWorker', 'DreamjobCompany', 'User', 'DreamjobListCity'); - //WORKER - $data['AppUser']['mannerofaddress_id'] = $this->request->data['AppUser']['mannerofaddress_id']; - $data['DreamjobWorker']['country'] = $this->request->data['DreamjobWorker']['country']; - $data['DreamjobWorker']['iam'] = $this->request->data['DreamjobWorker']['iam']; - $data['DreamjobWorker']['graducation_id'] = $this->request->data['DreamjobWorker']['graducation_id']; - $data['DreamjobWorker']['searchhidden'] = true; - $data['DreamjobWorker']['workexperience'] = $this->request->data['DreamjobWorker']['workexperience']; - - $key = $this->MiconwareSession->generateKey(); - $data['User']['code'] = "a:".$key; - $data['User']['is_active'] = false; - - $result = $this->DreamjobWorker->registration($data); - - if ($result) { - $regResult = true; - $this->MiconwareSession->setFlash(__('dreamjob.registration.done'),'flash',array('alert'=>'success')); - }else{ - $this->MiconwareSession->setFlash(__('dreamjob.registration.error'),'flash',array('alert'=>'danger')); - } - }else 
if($this->request->data['User']['password1']!='' or $this->request->data['User']['password2']!=''){ - $this->MiconwareSession->setFlash(__('dreamjob.error.password.notEqual'),'flash',array('alert'=>'danger')); - } - }else{ - $this->MiconwareSession->setFlash(__('dreamjob.agb.error.notAccept'),'flash',array('alert'=>'danger')); - } - } - $this->set('result',$regResult); - $this->set('cities',$this->DreamjobListCity->find('list')); - $this->set('mannerofaddresses',$this->Mannerofaddress->find('list')); - $this->set('graducations',$this->DreamjobListGraducation->find('list')); - $this->render('/Registration/worker'); - }else{ - $this->set('error', 'dreamjob.error.loggedin'); - $this->render('/Home/error'); - } - } - public function active(){ - $this->MiconwareSession->init($this); - $this->MiconwareSession->initWeb($this); - if(!$this->MiconwareSession->isLoggedin() and !empty($this->request->params['code']) and !empty($this->request->query['mail']) ){ - $result = $this->User->activeLinkUser($this->request->query['mail'],$this->request->params['code']); - $this->set("result",$result); - $this->render('/Registration/active'); - }else{ - $this->set('error', 'dreamjob.error.loggedin'); - $this->render('/Home/error'); - } - } + public function main() { + $this->MiconwareSession->init($this); + $this->MiconwareSession->initWeb($this); + if (!$this->MiconwareSession->isLoggedin()) { + $this->render('/Registration/main'); + } else { + $this->set('error', 'dreamjob.error.loggedin'); + $this->render('/Home/error'); + } + } + + public function company() { + $this->MiconwareSession->init($this); + $this->MiconwareSession->initWeb($this); + if (!$this->MiconwareSession->isLoggedin()) { + $regResult = false; + if ($this->request->is('post')) { + if ($this->request->data['DreamjobCompany']['agb']) { + unset($this->request->data['DreamjobCompany']['agb']); + if ($this->request->data['User']['password1'] == $this->request->data['User']['password2']) { + $data = array(); + 
$data['User']['password'] = $this->MiconwareSession->create_hash($this->request->data['User']['password1']); + $data['User']['mail'] = $this->request->data['User']['mail']; + $data['DreamjobUser']['city_id'] = $this->request->data['DreamjobUser']['city_id']; + $data['DreamjobUser']['street'] = $this->request->data['DreamjobUser']['street']; + $data['DreamjobUser']['postcode'] = $this->request->data['DreamjobUser']['postcode']; + $data['AppUser']['nickname'] = $this->request->data['AppUser']['nickname']; + $data['AppUser']['take_systemwide'] = true; + + $data['DreamjobCompany']['corporateform'] = $this->request->data['DreamjobCompany']['corporateform']; + $data['DreamjobCompany']['owner'] = $this->request->data['DreamjobCompany']['owner']; + $data['DreamjobCompany']['branch_id'] = $this->request->data['DreamjobCompany']['branch_id']; + $data['DreamjobCompany']['headcount'] = $this->request->data['DreamjobCompany']['headcount']; + $data['DreamjobCompany']['bank_details'] = ''; + //$data['DreamjobCompany']['bank_details'] = $this->request->data['DreamjobCompany']['bank_details']; + $data['DreamjobCompany']['website'] = $this->request->data['DreamjobCompany']['website']; + $key = $this->MiconwareSession->generateKey(); + $data['User']['code'] = "a:" . 
$key; + $data['User']['is_active'] = false; + + $result = $this->DreamjobCompany->registration($data); + if ($result) { + $regResult = true; + $this->MiconwareSession->setFlash(__('dreamjob.registration.done'), 'flash', array('alert' => 'success')); + } else { + $this->MiconwareSession->setFlash(__('dreamjob.registration.error'), 'flash', array('alert' => 'danger')); + } + } else if ($this->request->data['User']['password1'] != '' or $this->request->data['User']['password2'] != '') { + $this->MiconwareSession->setFlash(__('dreamjob.error.password.notEqual'), 'flash', array('alert' => 'danger')); + } + } else { + $this->MiconwareSession->setFlash(__('dreamjob.agb.error.notAccept'), 'flash', array('alert' => 'danger')); + } + } else + if (empty($this->request->data['DreamjobCompany']['website'])) + $this->request->data['DreamjobCompany']['website'] = 'http://'; + $this->set('result', $regResult); + $this->set('cities', $this->DreamjobListCity->find('list')); + $this->set('branches', $this->DreamjobListBranch->find('list')); + $this->render('/Registration/company'); + }else { + $this->set('error', 'dreamjob.error.loggedin'); + $this->render('/Home/error'); + } + } + + public function worker() { + $this->MiconwareSession->init($this); + $this->MiconwareSession->initWeb($this); + if (!$this->MiconwareSession->isLoggedin()) { + $regResult = false; + if ($this->request->is('post')) { + if ($this->request->data['DreamjobWorker']['agb']) { + unset($this->request->data['DreamjobWorker']['agb']); + if ($this->request->data['User']['password1'] == $this->request->data['User']['password2']) { + $data = array(); + $data['User']['password'] = $this->MiconwareSession->create_hash($this->request->data['User']['password1']); + $data['User']['mail'] = $this->request->data['User']['mail']; + $data['DreamjobUser']['city_id'] = $this->request->data['DreamjobUser']['city_id']; + $data['DreamjobUser']['street'] = $this->request->data['DreamjobUser']['street']; + 
$data['DreamjobUser']['postcode'] = $this->request->data['DreamjobUser']['postcode']; + $data['AppUser']['bday'] = $this->request->data['AppUser']['bday']; + $data['AppUser']['first_name'] = $this->request->data['AppUser']['first_name']; + $data['AppUser']['last_name'] = $this->request->data['AppUser']['last_name']; + $data['AppUser']['take_systemwide'] = true; + + //WORKER + $data['AppUser']['mannerofaddress_id'] = $this->request->data['AppUser']['mannerofaddress_id']; + $data['DreamjobWorker']['country'] = $this->request->data['DreamjobWorker']['country']; + $data['DreamjobWorker']['iam'] = $this->request->data['DreamjobWorker']['iam']; + $data['DreamjobWorker']['graducation_id'] = $this->request->data['DreamjobWorker']['graducation_id']; + $data['DreamjobWorker']['searchhidden'] = true; + $data['DreamjobWorker']['workexperience'] = $this->request->data['DreamjobWorker']['workexperience']; + + $key = $this->MiconwareSession->generateKey(); + $data['User']['code'] = "a:" . $key; + $data['User']['is_active'] = false; + + $result = $this->DreamjobWorker->registration($data); + + if ($result) { + $regResult = true; + $this->MiconwareSession->setFlash(__('dreamjob.registration.done'), 'flash', array('alert' => 'success')); + } else { + $this->MiconwareSession->setFlash(__('dreamjob.registration.error'), 'flash', array('alert' => 'danger')); + } + } else if ($this->request->data['User']['password1'] != '' or $this->request->data['User']['password2'] != '') { + $this->MiconwareSession->setFlash(__('dreamjob.error.password.notEqual'), 'flash', array('alert' => 'danger')); + } + } else { + $this->MiconwareSession->setFlash(__('dreamjob.agb.error.notAccept'), 'flash', array('alert' => 'danger')); + } + } + $this->set('result', $regResult); + $this->set('cities', $this->DreamjobListCity->find('list')); + $this->set('mannerofaddresses', $this->Mannerofaddress->find('list')); + $this->set('graducations', $this->DreamjobListGraducation->find('list')); + 
$this->render('/Registration/worker'); + } else { + $this->set('error', 'dreamjob.error.loggedin'); + $this->render('/Home/error'); + } + } + + public function active() { + $this->MiconwareSession->init($this); + $this->MiconwareSession->initWeb($this); + if (!$this->MiconwareSession->isLoggedin() and ! empty($this->request->params['code']) and ! empty($this->request->query['mail'])) { + $result = $this->User->activeLinkUser($this->request->query['mail'], $this->request->params['code']); + $this->set("result", $result); + $this->render('/Registration/active'); + } else { + $this->set('error', 'dreamjob.error.loggedin'); + $this->render('/Home/error'); + } + } + + public function password_reset() { + $this->MiconwareSession->init($this); + $this->MiconwareSession->initWeb($this); + if (!$this->MiconwareSession->isLoggedin()) { + if ($this->request->is('post')) { + $key = $this->MiconwareSession->generateKey(); + $profil['User']['mail'] = $this->request->data['User']['mail']; + $profil['User']['code'] = "f:" . $key; + $result = $this->User->sendPasswortReset($profil); + + if ($result) { + $this->MiconwareSession->setFlash(__('dreamjob.password_reset.send'), 'flash', array('alert' => 'success')); + } else { + $this->MiconwareSession->setFlash(__('dreamjob.password_reset.send.error'), 'flash', array('alert' => 'danger')); + } + } + $this->render('/Registration/password_reset'); + } else { + $this->set('error', 'dreamjob.error.loggedin'); + $this->render('/Home/error'); + } + } + + public function password_replace() { + $this->MiconwareSession->init($this); + $this->MiconwareSession->initWeb($this); + if (!$this->MiconwareSession->isLoggedin() and ! empty($this->request->params['code']) and ! 
empty($this->request->query['mail'])) { + $send = false; + $try = $this->User->find('first',array('conditions'=>array('User.code LIKE'=>'_:'.$this->request->params['code'],'User.mail'=>$this->request->query['mail']))); + if (count($try)<2) { + $this->MiconwareSession->setFlash(__('dreamjob.password_replace.notFound'), 'flash', array('alert' => 'danger')); + $send = true; + } + if (!$send and $this->request->is('post')) { + if ($this->request->data['User']['password1'] == $this->request->data['User']['password2']) { + $profil['User']['password'] = $this->MiconwareSession->create_hash($this->request->data['User']['password1']); + $this->User->id=$try['User']['id']; + $result = $this->User->saveField('password',$profil['User']['password']); + if ($result) { + $this->MiconwareSession->setFlash(__('dreamjob.password_replace.done'), 'flash', array('alert' => 'success')); + } else { + $this->MiconwareSession->setFlash(__('dreamjob.password_replace.error'), 'flash', array('alert' => 'danger')); + } + }else + $this->MiconwareSession->setFlash(__('dreamjob.error.password.notEqual'), 'flash', array('alert' => 'danger')); + } + $this->render('/Registration/password_replace'); + } else { + $this->set('error', 'dreamjob.error.link'); + $this->render('/Home/error'); + } + } } + ?> diff --git a/app/Locale/default.pot b/app/Locale/default.pot index 01dfdc9..8f1065d 100644 --- a/app/Locale/default.pot +++ b/app/Locale/default.pot @@ -1142,6 +1142,32 @@ msgstr "" +msgid "dreamjob.password.reset" +msgstr "" + +msgid "dreamjob.password.replace" +msgstr "" + +msgid "dreamjob.password.send" +msgstr "" + +msgid "dreamjob.password_reset.send" +msgstr "" + +msgid "dreamjob.password_reset.send.error" +msgstr "" + +msgid "dreamjob.password_replace.error" +msgstr "" + +msgid "dreamjob.password_replace.done" +msgstr "" + +msgid "dreamjob.password_replace.notFound" +msgstr "" + + + # # Generierte Fehlermeldungen eigenarbeit! 
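Review bot: In `password_replace()` the reset code is matched with `'User.code LIKE' => '_:' . $this->request->params['code']`, so the URL segment is interpreted as a LIKE pattern instead of being compared literally, and the `_:` prefix also accepts activation (`a:`) and deletion (`d:`) codes stored in the same column. The route added for this action allows `.+` for the segment, so nothing upstream limits it to the characters `generateKey()` produces. The lookup should be an exact match on the reset prefix, `'User.code' => 'f:' . $this->request->params['code']`, with `empty($try)` instead of `count($try)<2`. Separately, the success branch saves only `password`: the code is left in place so the mailed link stays valid after use, and an empty `password1`/`password2` pair passes the `==` check and gets hashed.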
@@ -1182,3 +1208,10 @@ msgstr "" msgid "dreamjob.error.opening.notFound.text" msgstr "" +# - +msgid "dreamjob.error.link.title" +msgstr "" + +msgid "dreamjob.error.link.text" +msgstr "" + diff --git a/app/Model/User.php b/app/Model/User.php index 4850be8..041e083 100755 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -1,5 +1,6 @@ template('delete_order'); $key = substr($data['User']['code'],2); $Email->viewVars(array('data'=>$data,'key'=>$key)); + return $Email->send(); + } + public static function sendPasswortResetMail($data){ + $Email = new CakeEmail('dreamjobMain'); + $Email->to($data['User']['mail']); + $Email->subject('Welcome to our really cool thing'); + $Email->template('password_reset'); + $key = substr($data['User']['code'],2); + $Email->viewVars(array('data'=>$data,'key'=>$key)); return $Email->send(); } public function sendDelete($data){ @@ -60,6 +70,27 @@ class User extends AppModel { } return false; } + public function sendPasswortReset($data){ + $dataSource = $this->getDataSource(); + $dataSource->begin(); + $result = $this->findByMail($data['User']['mail']); + if($result) + $this->id = $result['User']['id']; + if($result) + $result = $this->saveField('code',$data['User']['code']); + if($result) + $result = $this->saveField('is_active',false); + if($result) + $result=self::sendPasswortResetMail($data); + + if($result) { + $dataSource->commit(); + return true; + } else { + $dataSource->rollback(); + } + return false; + } public function activeLinkUser($mail,$key){ $dataSource = $this->getDataSource(); @@ -192,6 +223,9 @@ class User extends AppModel { //'on' => 'create', // Limit validation to 'create' or 'update' operations ), ), + /* + * Legend: a=aktivierungscode, d=deaktivier zur Löschund, f=password vergessen + */ 'code' => array( 'notEmpty' => array( 'rule' => array('notEmpty'), diff --git a/app/View/Emails/html/password_reset.ctp b/app/View/Emails/html/password_reset.ctp new file mode 100644 index 0000000..2333a5d --- /dev/null 
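Review bot: `sendPasswortResetMail()` sends the reset mail with the hard-coded subject `'Welcome to our really cool thing'`, which looks like a leftover placeholder and gives the recipient no way to recognise a password-reset mail. This commit adds the msgid `dreamjob.password.reset` to default.pot; using it here, `$Email->subject(__('dreamjob.password.reset'));`, would make the subject meaningful and translatable. The method also has no docblock; a short one stating that `$data['User']['code']` is expected to carry a two-character type prefix (it is stripped with `substr(..., 2)`) would help the next reader.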
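Review bot: `sendPasswortReset()` writes `is_active = false` and overwrites `code` for whatever address the unauthenticated form submits, before the requester has shown any control of the mailbox. If `is_active` gates login (not visible in this hunk), a reset request for someone else's address deactivates that account, and a pending `a:` or `d:` code in the shared column is lost. I would drop the `$result = $this->saveField('is_active',false);` step and leave the account state untouched until the code is redeemed. The boolean result also distinguishes unknown addresses from known ones, and `password_reset()` turns that into different flash messages; returning the same message in both cases avoids confirming which addresses are registered. No expiry is stored with the code, so consider saving a timestamp alongside it and checking it on redemption.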
+++ b/app/View/Emails/html/password_reset.ctp @@ -0,0 +1,4 @@ +Html->link(__('dreamjob.password.reset.link'),array('controller' => 'registration', 'action' => 'password_replace','code'=>$key, + '?'=>array('mail'=>$data['User']['mail']),'full_base' => true) ); +?> diff --git a/app/View/Emails/text/password_reset.ctp b/app/View/Emails/text/password_reset.ctp new file mode 100644 index 0000000..41f88d0 --- /dev/null +++ b/app/View/Emails/text/password_reset.ctp @@ -0,0 +1,4 @@ +Html->url(array('controller'=>'registration','action'=>'password_replace','code'=>$key, + '?'=>array('mail'=>$data['User']['mail'])),true); +?> diff --git a/app/View/Registration/password_replace.ctp b/app/View/Registration/password_replace.ctp new file mode 100644 index 0000000..ea2572b --- /dev/null +++ b/app/View/Registration/password_replace.ctp @@ -0,0 +1,15 @@ + +
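Review bot: The link text in the HTML mail uses the msgid `dreamjob.password.reset.link`, which is not among the msgids this commit adds to default.pot (`dreamjob.password.reset`, `dreamjob.password.replace`, `dreamjob.password.send`, …), so unless it already exists elsewhere in the catalogue the mail would show the raw key. Either add the msgid or reuse `__('dreamjob.password.reset')`. The link also places the account's mail address in the query string next to the code, so both end up together in server logs and browser history; a short lifetime for the code would limit that exposure.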
+

+ Form->create(false,$default_Form); + echo $this->Form->input('User.password1',array('label'=>array('text'=>__("dreamjob.password"),"class"=>$default_Form['inputDefaults']['label']['class']),'type'=>'password')); + echo $this->Form->input('User.password2',array('label'=>array('text'=>__("dreamjob.password2"),"class"=>$default_Form['inputDefaults']['label']['class']),'type'=>'password')); + ?> +
+ Form->button(__('dreamjob.save'),array('div' => false,'class'=>"btn btn-primary ",'type' => 'submit'));?> +
+ Form->end(); ?> +
\ No newline at end of file diff --git a/app/View/Registration/password_reset.ctp b/app/View/Registration/password_reset.ctp new file mode 100644 index 0000000..dfa00a6 --- /dev/null +++ b/app/View/Registration/password_reset.ctp @@ -0,0 +1,14 @@ + +
+

+ Form->create(false,$default_Form); + echo $this->Form->input('User.mail',array('label'=>array('text'=>__("dreamjob.mail"),"class"=>$default_Form['inputDefaults']['label']['class']))); + ?> +
+ Form->button(__('dreamjob.password.send'),array('div' => false,'class'=>"btn btn-primary ",'type' => 'submit'));?> +
+ Form->end(); ?> +
\ No newline at end of file