[eluser]balboa_1990[/eluser]
I am using the Ion auth library with codeigniter and have created a login, register, remember me and forgot password features (so far).
For the forgot password feature, the user types in their email address, they are then sent an email with a link to reset the password.
A page opens with them to type in the new password and confirmation password and when i click submit i get this error in my php log:
Code:
PHP Fatal error: Call to undefined method Auth::_valid_csrf_nonce() in /Applications/MAMP/htdocs/Auth/application/controllers/auth.php on line 273
I have not changed anything when downloading this library so wondering where i'm going wrong?
Thanks
Here is my code to support this:
Auth Controller:
Code:
function _get_csrf_nonce()
{
$this->load->helper('string');
$key = random_string('alnum', 8);
$value = random_string('alnum', 20);
$this->session->set_flashdata('csrfkey', $key);
$this->session->set_flashdata('csrfvalue', $value);
return array($key => $value);
}
//reset password - final step for forgotten password
public function reset_password($code = NULL)
{
if (!$code)
{
show_404();
}
$user = $this->ion_auth->forgotten_password_check($code);
if ($user)
{
//if the code is valid then display the password reset form
$this->form_validation->set_rules('new', 'New Password', 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[new_confirm]');
$this->form_validation->set_rules('new_confirm', 'Confirm New Password', 'required');
if ($this->form_validation->run() == false)
{
//display the form
//set the flash data error message if there is one
$this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
$this->data['min_password_length'] = $this->config->item('min_password_length', 'ion_auth');
$this->data['new_password'] = array(
'name' => 'new',
'id' => 'new',
'type' => 'password',
'pattern' => '^.{'.$this->data['min_password_length'].'}.*$'
);
$this->data['new_password_confirm'] = array(
'name' => 'new_confirm',
'id' => 'new_confirm',
'type' => 'password',
'pattern' => '^.{'.$this->data['min_password_length'].'}.*$'
);
$this->data['user_id'] = array(
'name' => 'user_id',
'id' => 'user_id',
'type' => 'hidden',
'value' => $user->id
);
$this->data['csrf'] = $this->_get_csrf_nonce();
$this->data['code'] = $code;
//render
$this->_render_page('reset_password', $this->data);
}
else
{
// do we have a valid request?
if ($this->_valid_csrf_nonce() === FALSE || $user->id != $this->input->post('user_id'))
{
//something fishy might be up
$this->ion_auth->clear_forgotten_password_code($code);
show_error('This form post did not pass our security checks.');
}else{
// finally change the password
$identity = $user->{$this->config->item('identity', 'ion_auth')};
$change = $this->ion_auth->reset_password($identity, $this->input->post('new'));
if ($change)
{
//if the password was successfully changed
$this->session->set_flashdata('message', $this->ion_auth->messages());
$this->logout();
}else{
$this->session->set_flashdata('message', $this->ion_auth->errors());
redirect('reset_password/' . $code, 'refresh');
}
}
}
}
else
{
//if the code is invalid then send them back to the forgot password page
$this->session->set_flashdata('message', $this->ion_auth->errors());
redirect("forgot_password", 'refresh');
}
}