Welcome Guest, Not a member yet? Register   Sign In
Forgotten Password Logic

I'm just trying to see if anyone disagrees with the way I'm handling my logic for this. Something doesn't feel right with it but I don't quite know what it is.

Just wanted to add that the new_password_key is NOT a password for the user to log in with. As of right now I was going to have them directed to a page from a link in an email where they can enter a new password.

function forgot_password_submit()
        $this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
        if (!$this->form_validation->run())
            echo json_encode(array('error' => 'yes', 'message' => 'There was a problem submitting the form! Please refresh the window and try again!'));    
            if (!is_null($user_data = $this->users->get_user_by_username($this->input->post('username'))))
                if (!isset($user_data->new_password_key) && (!isset($user_data->new_password_requested)))
                    if(!strtotime($user_data->new_password_requested) >= (time() - 172800))
                        echo json_encode(array('error' => 'yes', 'message' => 'You have to wait 2 days before a new temp password can be emailed!'));
                        if ($this->kow_auth->forgot_password($this->input->post('username')))
                            $this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
                            echo json_encode(array('success' => 'yes', 'message' => 'A temporary password has been emailed to you!'));
                            echo json_encode(array('error' => 'yes', 'message' => 'A !'));
                    echo json_encode(array('success' => 'yes', 'message' => 'Check your email for your temporary password!'));
                echo json_encode(array('error' => 'yes', 'message' => 'User does not exist in the database!'));


This is what Im going to use for the controller. There just seems to be some logic issues I have with it because what if it gets down to the if statement if ($already_sent_password) and for some reason they didn't get it. Then what? Or what if itt gets down to if (!strtotime($user_data->new_password_requested) <= (time() - 172800)) which is starting to sounds stupid to me because why make them have to wait two days to get a new password key.

function forgot_password_submit()
    $this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');

    if (!$this->form_validation->run())
        $this->kow_auth->output('There was a problem submitting the form! Please refresh the window and try again!', FALSE);

    $user_data = $this->users->get_user_by_username($this->input->post('username'));
    if ($user_data === NULL)
        $this->kow_auth->output('User does not exist in the database!', FALSE);

    $already_sent_password = (isset($user_data->new_password_key) && isset($user_data->new_password_requested));
    if ($already_sent_password)
        $this->kow_auth->output('Check your email for your temporary password!');

    if (!strtotime($user_data->new_password_requested) <= (time() - 172800))
        $this->kow_auth->output('You have to wait 2 days before a new temp password can be emailed!', FALSE);
        if ($this->kow_auth->forgot_password($this->input->post('username')))
            $this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
            $this->kow_auth->output('A temporary password has been emailed to you!');
            $this->kow_auth->output('A temporary password could not be created for you!', FALSE);

Messages In This Thread
Forgotten Password Logic - by El Forum - 02-15-2012, 02:28 PM

Theme © iAndrew 2016 - Forum software by © MyBB