[eluser]xtremer360[/eluser]
I'm just trying to see if anyone disagrees with the way I'm handling my logic for this. Something doesn't feel right with it but I don't quite know what it is.
Just wanted to add that the new_password_key is NOT a password for the user to log in with. As of right now I was going to have them directed to a page from a link in an email where they can enter a new password.
Code:
function forgot_password_submit()
{
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
if (!$this->form_validation->run())
{
echo json_encode(array('error' => 'yes', 'message' => 'There was a problem submitting the form! Please refresh the window and try again!'));
}
else
{
if (!is_null($user_data = $this->users->get_user_by_username($this->input->post('username'))))
{
if (!isset($user_data->new_password_key) && (!isset($user_data->new_password_requested)))
{
if(!strtotime($user_data->new_password_requested) >= (time() - 172800))
{
echo json_encode(array('error' => 'yes', 'message' => 'You have to wait 2 days before a new temp password can be emailed!'));
}
else
{
if ($this->kow_auth->forgot_password($this->input->post('username')))
{
$this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
echo json_encode(array('success' => 'yes', 'message' => 'A temporary password has been emailed to you!'));
}
else
{
echo json_encode(array('error' => 'yes', 'message' => 'A !'));
}
}
}
else
{
echo json_encode(array('success' => 'yes', 'message' => 'Check your email for your temporary password!'));
}
}
else
{
echo json_encode(array('error' => 'yes', 'message' => 'User does not exist in the database!'));
}
}
}
This is what Im going to use for the controller. There just seems to be some logic issues I have with it because what if it gets down to the if statement if ($already_sent_password) and for some reason they didn't get it. Then what? Or what if itt gets down to if (!strtotime($user_data->new_password_requested) <= (time() - 172800)) which is starting to sounds stupid to me because why make them have to wait two days to get a new password key.
Code:
function forgot_password_submit()
{
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
if (!$this->form_validation->run())
{
$this->kow_auth->output('There was a problem submitting the form! Please refresh the window and try again!', FALSE);
return;
}
$user_data = $this->users->get_user_by_username($this->input->post('username'));
if ($user_data === NULL)
{
$this->kow_auth->output('User does not exist in the database!', FALSE);
return;
}
$already_sent_password = (isset($user_data->new_password_key) && isset($user_data->new_password_requested));
if ($already_sent_password)
{
$this->kow_auth->output('Check your email for your temporary password!');
return;
}
if (!strtotime($user_data->new_password_requested) <= (time() - 172800))
{
$this->kow_auth->output('You have to wait 2 days before a new temp password can be emailed!', FALSE);
}
else
{
if ($this->kow_auth->forgot_password($this->input->post('username')))
{
$this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
$this->kow_auth->output('A temporary password has been emailed to you!');
}
else
{
$this->kow_auth->output('A temporary password could not be created for you!', FALSE);
}
}
}
