modificaciones del componente usuarios. Reduccion de codigo
modificaciones del componente usuarios. Reduccion de codigo

UsersController.php
<?php
class UsersController extends ControllerBase{
/**
 * Render the landing page for the current browser session.
 *
 * When the session carries a user id, the user row and the session row are
 * re-read from the database. Only a user with usertype 2 whose session row
 * exists gets the mailbox data loaded; a user whose state is not 1 is sent
 * to the forced password-change form instead of the home view.
 *
 * NOTE(review): the only identity check here is the id stored in
 * $_SESSION; what validarSession() actually verifies (expiry, client IP)
 * is not visible from this file - confirm in SessionsModel.
 */
public function ingresar(){
    // Anonymous visitor: public home page.
    if (!isset($_SESSION['usersession']['iduser'])) {
        $data = array();
        $data['title'] = "Welcome";
        $data['content'] = "components".DS."com_users".DS."views".DS."home.php";
        $this->view->show("template.php", $data);
        return;
    }

    require 'models/UsersModel.php';
    $userModel = new UsersModel();
    $sessionModel = new SessionsModel();
    $rsUser = $userModel->obtenerUsuarioxId($_SESSION['usersession']['iduser']);
    $rsSession = $sessionModel->validarSession($_SESSION['usersession']['iduser']);
    $datos_usuario = $rsUser->fetch();
    $datos_session = $rsSession->fetch();

    $isKnownAdmin = is_array($datos_usuario)
        && is_array($datos_session)
        && ($datos_usuario['usertype'] == 2);

    // Session id present but user/session row missing or not usertype 2:
    // show the bare template without any content view.
    if (!$isKnownAdmin) {
        $data = array();
        $data['title'] = "Welcome";
        $this->view->show("template.php", $data);
        return;
    }

    require 'components'.DS.'com_messages'.DS.'models'.DS.'MailBoxesModel.php';
    // Timestamp of this request, stored as the last activity of the session.
    $date_last_activity = new DateTime(date("Y-m-d H:i:s"));
    $stamp = $date_last_activity->format("Y-m-d H:i:s");

    $mailbox = new MailBoxesModel();
    $rs_boxes = $mailbox->getMailBoxesSystem($datos_usuario['iduser']);
    $rsMailBox = $mailbox->getMailBoxType($datos_usuario['iduser'], 1);
    $datosMailBox = $rsMailBox->fetch();
    $lista_mensajes = $mailbox->getMessagesNoRead($datosMailBox['idmailbox']);
    $idmailbox = $datosMailBox['idmailbox'];

    $_SESSION['usersession']['attempt'] = 0;
    $_SESSION['usersession']['iduser'] = $datos_usuario['iduser'];
    $_SESSION['usersession']['date_last_activity'] = $stamp;
    $_SESSION['usersession']['idsession'] = $datos_session['idsession'];

    // Not read again in this method; kept as in the original.
    $datos['idsession'] = $datos_session['idsession'];
    $datos['date_last_activity'] = $stamp;

    if ($datos_usuario['state'] == 1) {
        $data = array(
            'datos_usuario' => $datos_usuario,
            'inicio' => 0,
            'rs_boxes' => $rs_boxes,
            'lista_mensajes' => $lista_mensajes,
            'idmailbox' => $idmailbox,
            'title' => "Welcome",
            'content' => "components".DS."com_users".DS."views".DS."home.php",
        );
        $this->view->show("template.php", $data);
        return;
    }

    // Any other state: force the user through the password-change form.
    $data = array('xin' => '', 'forget' => 'no', 'force' => 'yes');
    $this->view->show("usersNewPasswordForm.php", $data);
}
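/**
 * Handle a login attempt (request fields "usuario" and "passwd").
 *
 * Flow: lift an expired lock-out, then either authenticate (fewer than 3
 * failed attempts and not disabled) or apply the lock-out. On success the
 * session is populated, a session row is stored through SessionsModel and
 * the home view (state 1) or the forced password-change form is shown.
 *
 * Changes against the previous version:
 *  - the session id is regenerated on successful login, so an id that was
 *    known before authentication cannot be reused afterwards;
 *  - missing or non-string request fields no longer raise notices;
 *  - the duplicated attempt-counter code is merged into one path;
 *  - the lock-out message had no space before the number of minutes.
 *
 * NOTE(review): the attempt counter and the "disabled" flag live in the
 * session, so they only throttle a client that keeps its session cookie.
 * Effective brute-force protection needs a server-side counter keyed on
 * account and/or client address.
 * NOTE(review): credentials are read from $_REQUEST, so they are also
 * accepted from the query string, where they end up in access logs.
 * Restricting to POST would change the interface - confirm with the form.
 */
public function validarUsuario(){
    // Lock-out window, in minutes.
    $valor_intervalo = 1;
    $tiempo_bloqueo = new DateInterval('PT'.$valor_intervalo.'M');

    // Lift the lock-out once the window has passed.
    if (isset($_SESSION['usersession']['timebadlogin'])) {
        $timebadlogin = new DateTime($_SESSION['usersession']['timebadlogin']);
        $timebadlogin->add($tiempo_bloqueo);
        $timeactual = new DateTime(date("Y-m-d H:i:s"));
        if ($timeactual > $timebadlogin) {
            $_SESSION['usersession']['disabled'] = false;
            $_SESSION['usersession']['attempt'] = 0;
            unset($_SESSION['usersession']['timebadlogin']);
        }
    }

    require 'models/UsersModel.php';
    $user = new UsersModel();
    $session = new SessionsModel();

    // Array-valued parameters (usuario[]=...) are treated as missing.
    $username = (isset($_REQUEST["usuario"]) && is_string($_REQUEST["usuario"])) ? $_REQUEST["usuario"] : '';
    $password = (isset($_REQUEST["passwd"]) && is_string($_REQUEST["passwd"])) ? $_REQUEST["passwd"] : '';

    $attempts = isset($_SESSION['usersession']['attempt']) ? $_SESSION['usersession']['attempt'] : 0;
    $disabled = !empty($_SESSION['usersession']['disabled']);
    $data = array();

    if (($attempts < 3) && !$disabled) {
        // Only accounts in one of these states may authenticate.
        $estado_usuario = $user->obtenerEstadoUsuario($username);
        $flag_activo = ($estado_usuario == "ACTIVE") || ($estado_usuario == "FLOGIN") || ($estado_usuario == "RESET");
        $datos_usuario = false;
        if ($flag_activo) {
            $rs_usuario = $user->validarAdministrador($username, $password);
            $datos_usuario = $rs_usuario->fetch();
        }

        if (is_array($datos_usuario)) {
            // Issue a fresh session id before any authenticated state is
            // written (session fixation).
            if (session_id() !== '' && !headers_sent()) {
                session_regenerate_id(true);
            }

            $_SESSION["usersession"]["firstname"] = $datos_usuario['firstname'];
            $_SESSION["usersession"]["lastname"] = $datos_usuario['lastname'];
            $_SESSION["usersession"]["photo"] = $datos_usuario['photo'];

            require 'components'.DS.'com_messages'.DS.'models'.DS.'MailBoxesModel.php';
            $date_session = new DateTime(date('Y-m-d H:i:s'));
            $date_last_activity = new DateTime(date("Y-m-d H:i:s"));

            $mailbox = new MailBoxesModel();
            $rs_boxes = $mailbox->getMailBoxesSystem($datos_usuario['iduser']);
            // Mailbox ids that are cached in the session below.
            $rs_mnuboxes = $mailbox->getIDMailBoxesSystem($datos_usuario['iduser']);
            $mnuBoxes = $rs_mnuboxes->fetchAll();
            $idtypemb = 1;
            $rsMailBox = $mailbox->getMailBoxType($datos_usuario['iduser'], $idtypemb);
            $datosMailBox = $rsMailBox->fetch();
            $lista_mensajes = $mailbox->getMessagesNoRead($datosMailBox['idmailbox']);
            $idmailbox = $datosMailBox['idmailbox'];

            $_SESSION['usersession']['attempt'] = 0;
            $_SESSION['usersession']['iduser'] = $datos_usuario['iduser'];
            $_SESSION['usersession']['client_ip'] = $_SERVER['REMOTE_ADDR'];
            $_SESSION['usersession']['date_session'] = $date_session->format('Y-m-d H:i:s');
            $_SESSION['usersession']['date_last_activity'] = $date_last_activity->format("Y-m-d H:i:s");
            $_SESSION['usersession']['state'] = 1;
            // Assumes the model returns the boxes in the order
            // inbox, sent, trash - TODO confirm.
            $_SESSION['usersession']['inbox'] = $mnuBoxes[0]['idmailbox'];
            $_SESSION['usersession']['sent'] = $mnuBoxes[1]['idmailbox'];
            $_SESSION['usersession']['trash'] = $mnuBoxes[2]['idmailbox'];

            // Persist the session row.
            $datos = array();
            $datos['idsession'] = "";
            $datos['iduser'] = $datos_usuario['iduser'];
            $datos['client_ip'] = $_SERVER['REMOTE_ADDR'];
            $datos['date_session'] = $date_session->format('Y-m-d H:i:s');
            $datos["date_last_activity"] = $date_last_activity->format("Y-m-d H:i:s");
            $datos['state'] = 1;
            $session->setUserSession($datos);

            // Read the row back to learn the id that was assigned to it.
            $rs_session = $session->validarSession($datos_usuario['iduser']);
            $datos_session = $rs_session->fetch();
            $_SESSION['usersession']['idsession'] = $datos_session['idsession'];

            // state 1 goes to the home view; any other state must first
            // set a new password.
            if ($datos_usuario['state'] == 1) {
                $data['datos_usuario'] = $datos_usuario;
                $data['inicio'] = 0;
                $data['rs_boxes'] = $rs_boxes;
                $data['lista_mensajes'] = $lista_mensajes;
                $data['idmailbox'] = $idmailbox;
                $data['content'] = "components".DS."com_users".DS."views".DS."home.php";
                $this->view->show("template.php", $data);
            } else {
                $data['xin'] = '';
                $data['forget'] = 'no';
                $data['force'] = 'yes';
                $this->view->show("usersNewPasswordForm.php", $data);
            }
        } else {
            if (!$flag_activo && $estado_usuario == "BLOQUEADO") {
                // NOTE(review): this message tells an unauthenticated
                // caller that the account exists and is blocked. Also, the
                // accepted states above are English while this one is
                // Spanish - confirm the value the model really returns.
                $data['titulo'] = "Error:: User ".strtolower($estado_usuario);
                $data['mensaje'] = "Login is disabled by excesses of failed attempts. Contact your 'System Administrator' to solve the problem";
            } else {
                // Wrong password or unknown/inactive account: count the
                // failure and answer with the same generic message.
                if (!isset($_SESSION['usersession']['attempt'])) {
                    $_SESSION['usersession']['attempt'] = 1;
                } else {
                    $_SESSION['usersession']['attempt']++;
                }
                $data['titulo'] = "Error user login / password";
                $data['mensaje'] = "Error user login / password";
            }
            $this->view->show("login.php", $data);
        }
    } else {
        // Too many failed attempts.
        $timebadlogin = new DateTime(date('Y-m-d H:i:s'));
        $rs_usuario = $user->obtenerUsuarioxUsername($username);
        $datos_usuario = $rs_usuario->fetch();
        if (is_array($datos_usuario) && !$disabled) {
            // NOTE(review): the account that gets blocked is the one named
            // in THIS request, not necessarily the one that failed before,
            // so an unauthenticated client can lock any known account.
            $user->bloquearUsuario($datos_usuario['iduser']);
            $data['titulo'] = "Failed attempts excess";
            $data['mensaje'] = "You have exceeded the number of attempts. <br /> User blocked";
            $_SESSION['usersession']['attempt'] = 0;
        } else {
            // Unknown user name: disable login for this session for the
            // duration of the lock-out window.
            $data['titulo'] = "Failed attempts excess";
            $data['mensaje'] = "You have exceeded the number of attempts.<br />Try again in ".$valor_intervalo." minutes";
            $_SESSION['usersession']['disabled'] = true;
            if (!isset($_SESSION['usersession']['timebadlogin'])) {
                $_SESSION['usersession']['timebadlogin'] = $timebadlogin->format('Y-m-d H:i:s');
            }
        }
        $this->view->show("errorLogin.php", $data);
    }
}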
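/**
 * End the current user session.
 *
 * Marks the stored session row inactive (when one is found), clears the
 * session data, expires the session cookie and destroys the session, then
 * renders the logout view.
 *
 * Changes against the previous version: the database is only touched when
 * the session really carries a user id and a session row was found
 * (previously a missing row led to setInactive() being called with an
 * empty id), and the session cookie is expired so the old id is not sent
 * again by the browser.
 */
public function logout(){
    if (isset($_SESSION['usersession']['iduser'])) {
        $session = new SessionsModel();
        $rs_datos_session = $session->validarSession($_SESSION['usersession']['iduser']);
        $datos_session = $rs_datos_session->fetch();
        if (is_array($datos_session)) {
            $date_last_activity = new DateTime(date("Y-m-d H:i:s"));
            $datos = array();
            $datos['date_last_activity'] = $date_last_activity->format('Y-m-d H:i:s');
            $datos['idsession'] = $datos_session['idsession'];
            $session->setInactive($datos);
        }
    }

    // Drop all session data, not only the 'usersession' key.
    $_SESSION = array();

    // session_destroy() does not remove the cookie; expire it explicitly.
    if (ini_get('session.use_cookies') && !headers_sent()) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params['path'],
            $params['domain'],
            $params['secure'],
            $params['httponly']
        );
    }

    if (session_id() !== '') {
        session_destroy();
    }

    $this->view->show("logout.php", array());
}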
/**
 * Render the "forgot password" form (password.php) with no view data.
 */
public function getRememberPasswordForm(){
    $this->view->show("password.php", array());
}
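/**
 * Build a password-reset link for the user named in the request field
 * "usuario", mail it, and render password.php with the result message.
 *
 * Changes against the previous version:
 *  - $link is always defined (it was undefined for an unknown user);
 *  - the mail is sent once (a second mail() call inside a try/catch sent
 *    a duplicate; mail() does not throw, so the catch never ran);
 *  - the link is HTML-escaped before it is placed in the message body;
 *  - a commented-out PHPMailer block was removed. It contained an SMTP
 *    user name and password in clear text: treat those credentials as
 *    exposed and rotate them, and purge them from the repository history.
 *
 * NOTE(review), not fixable in this method alone:
 *  - the reset token is md5(username), so it is computable by anyone who
 *    knows the user name, never expires and is reusable. It should be a
 *    random, single-use, time-limited value stored server-side.
 *  - $data['link'] hands the reset link to the view; if password.php
 *    renders it, the requester receives the link without owning the
 *    mailbox. Confirm the view and drop the key.
 *  - the recipient is a fixed address, not the address of the account.
 *  - the link uses plain http and $_SERVER['SERVER_NAME'], which on some
 *    server configurations follows the request's Host header.
 *  - the "User doesn't exist" answer lets a caller test which user names
 *    are registered.
 */
public function sendPasswordLink(){
    require 'models/UsersModel.php';
    $user = new UsersModel();
    $username = (isset($_REQUEST["usuario"]) && is_string($_REQUEST["usuario"])) ? $_REQUEST["usuario"] : '';
    $rs_usuario = $user->obtenerUsuarioxUsername($username);
    $datos_usuario = $rs_usuario->fetch();
    $link = '';
    if (is_array($datos_usuario)) {
        $servername = $_SERVER['SERVER_NAME'];
        $usernamemd5 = md5($datos_usuario['username']);
        $link = 'http://'.$servername.'/?controller=Users&action=getNewPasswordForm&xin='.$usernamemd5.'&forget=yes';
        // Escaped copy for use inside the HTML body.
        $link_html = htmlspecialchars($link, ENT_QUOTES);
        $destinatario = "nmedina79@gmail.com";
        $asunto = "Este mensaje es de prueba";
        $cuerpo = '
<html>
<head>
<title>Prueba de correo</title>
</head>
<body>
<h1>Hola amigos!</h1>
<p>
<b>Bienvenidos a mi correo electronico de prueba</b>. Estoy encantado de tener tantos lectores. Este cuerpo del mensaje es del articulo de envio de mails por PHP. Habria que cambiarlo para poner tu propio cuerpo. Por cierto, cambia tambien las cabeceras del mensaje.<br/>
enlace : <a href="'.$link_html.'" target="_parent">'.$link_html.'</a>
</p>
</body>
</html>
';
        // HTML mail.
        $headers = "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
        // Sender address.
        $headers .= "From: Administrador <admin@epimed.com>\r\n";
        // Reply address, when it differs from the sender.
        $headers .= "Reply-To: deployment@epimed.com\r\n";
        // Bounce address.
        $headers .= "Return-path: nmedina79@gmail.com\r\n";
        // Copy recipients.
        $headers .= "Cc: deployment@epimed.com\r\n";
        // Blind-copy recipients. NOTE(review): every reset link is also
        // delivered to these mailboxes.
        $headers .= "Bcc: jsalyrosas@poweruptechs.com,hleon@poweruptechs.com\r\n";
        if (mail($destinatario, $asunto, $cuerpo, $headers)) {
            $mensaje = 'An email with a link to update has been sent to your email.';
        } else {
            $mensaje = 'Failed to send link. Try again in a few minutes or contact your system administrator';
        }
    } else {
        $mensaje = " User doesn't exist.";
    }
    $data = array();
    $data['mensaje'] = $mensaje;
    $data['link'] = $link;
    $this->view->show("password.php", $data);
}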
/**
 * Render the new-password form.
 *
 * The request fields "forget", "xin" and "force" are forwarded to the view
 * unchanged; empty or missing fields fall back to 'no', '' and 'yes'.
 *
 * NOTE(review): the values come straight from the request, so
 * usersNewPasswordForm.php has to HTML-escape them when it prints them -
 * confirm in the view.
 */
public function getNewPasswordForm(){
    $forget = empty($_REQUEST['forget']) ? 'no' : $_REQUEST['forget'];
    $xin = empty($_REQUEST['xin']) ? '' : $_REQUEST['xin'];
    $force = empty($_REQUEST['force']) ? 'yes' : $_REQUEST['force'];

    $this->view->show("usersNewPasswordForm.php", array(
        'forget' => $forget,
        'force' => $force,
        'xin' => $xin,
    ));
}
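/**
 * Store a new password, either through the "forgot password" link
 * (forget=yes, account identified by the "xin" token) or for the logged-in
 * user, who must also supply the current password.
 *
 * Changes against the previous version:
 *  - the token was only read when a request field "usernamemd5" was
 *    present, although the link and the form carry it as "xin"; it is now
 *    read from "xin";
 *  - the forgot-password path no longer calls setNewPassword() when the
 *    token matches no user (it used to pass an empty user id);
 *  - an empty new password is rejected, and the two entries are compared
 *    as strings with ===;
 *  - the forgot-password path cleared $_SESSION['sessionuser'], a key
 *    nothing else in this file uses; it now clears 'usersession' like the
 *    other path;
 *  - $data is always initialised and array-valued fields are ignored.
 *
 * NOTE(review): the "xin" token is md5(username) (see sendPasswordLink),
 * so this path lets anyone who knows a user name set that account's
 * password. The token must become a random, single-use, expiring value
 * checked server-side; that needs a model change outside this method.
 */
public function passwordUpdate(){
    $datos = (isset($_REQUEST['datos']) && is_array($_REQUEST['datos'])) ? $_REQUEST['datos'] : array();
    $forget = !empty($_REQUEST['forget']) ? $_REQUEST['forget'] : 'no';
    $usernamemd5 = (!empty($_REQUEST['xin']) && is_string($_REQUEST['xin'])) ? $_REQUEST['xin'] : '';
    $force = !empty($_REQUEST['force']) ? $_REQUEST['force'] : '';

    $new_password = (isset($datos['new_password']) && is_string($datos['new_password'])) ? $datos['new_password'] : '';
    $new_password_again = (isset($datos['new_password_again']) && is_string($datos['new_password_again'])) ? $datos['new_password_again'] : '';
    $current_password = (isset($datos['current_password']) && is_string($datos['current_password'])) ? $datos['current_password'] : '';

    require 'models/UsersModel.php';
    $user = new UsersModel();
    $data = array();

    // Both entries must be present and identical.
    if ($new_password === '' || $new_password !== $new_password_again) {
        $data['xin'] = $usernamemd5;
        $data['forget'] = $forget;
        $data['mensaje'] = 'the new password entered does not match';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    if ($forget === 'yes') {
        // Forgot-password path: the account is identified by the token only.
        $datos_usuario = false;
        if ($usernamemd5 !== '') {
            $rs_usuario = $user->obtenerUsuarioxUsernameMD5($usernamemd5);
            $datos_usuario = $rs_usuario->fetch();
        }
        $data['xin'] = $usernamemd5;
        $data['forget'] = $forget;
        $data['force'] = $force;
        if (!is_array($datos_usuario)) {
            $data['mensaje'] = ' the password reset link is invalid ';
            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }
        $user->setNewPassword($datos_usuario['iduser'], $new_password);
        $data['mensaje'] = ' your password has been updated<br/><a href="?controller=Users&action=ingresar">next</a>';
        unset($_SESSION['usersession']);
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    // Logged-in path: the current password is mandatory.
    if ($current_password === '') {
        $data['mensaje'] = ' did not enter the current password ';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    $datos_usuario = false;
    if (!empty($_SESSION['usersession']['iduser'])) {
        $iduser = $_SESSION['usersession']['iduser'];
        $rs_usuario = $user->obtenerUsuarioxId($iduser);
        $datos_usuario = $rs_usuario->fetch();
    }
    if (!is_array($datos_usuario)) {
        $data['mensaje'] = ' you have not started your user session.<br/> ';
        $this->view->show("login.php", $data);
        return;
    }

    // Re-authenticate with the current password before changing it.
    $rs_validado = $user->validarAdministrador($datos_usuario['username'], $current_password);
    $datos_validado = $rs_validado->fetch();
    if (!is_array($datos_validado)) {
        $data['mensaje'] = ' your current password is invalid ';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    $user->setNewPassword($iduser, $new_password);
    // Put the account back into the active state.
    $user->setActive($iduser);
    unset($_SESSION['usersession']);
    $data['forget'] = $forget;
    $data['mensaje'] = ' your password has been updated<br/><a href="send.php?controller=Users&action=logout" target="enviar">continuar</a>';
    $this->view->show("usersNewPasswordForm.php", $data);
}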
//JASYRC 06MAY2010
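/**
 * List users, 15 per page, starting at the offset given in the request
 * field "inicio" (0 when absent).
 *
 * The offset is now forced to a non-negative integer before it reaches
 * the model; previously the raw request value was forwarded.
 *
 * NOTE(review): no login or role check is visible in this method.
 * Presumably the front controller enforces it - confirm, because this
 * view exposes the full user list.
 */
public function getUsers(){
    require 'models/UsersModel.php';
    $users = new UsersModel();

    $inicio = 0;
    if (!empty($_REQUEST['inicio']) && is_scalar($_REQUEST['inicio'])) {
        $inicio = max(0, (int) $_REQUEST['inicio']);
    }
    $tamanio = 15;

    $parametros = array("inicio" => $inicio, "tamanio" => $tamanio);
    list($list_users, $paginas, $navegador) = $users->getUsers($parametros);

    $data = array();
    $data['listUsers'] = $list_users;
    $data['paginas'] = $paginas;
    $data['navegador'] = $navegador;
    $data['inicio'] = $inicio;
    $data['content'] = "components".DS."com_users".DS."views".DS."listUsers.php";
    $this->view->show("template.php", $data);
}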
//JASYRC 06MAY2010
/**
 * Render the "new user" form, passing along an optional status message
 * taken from the request field "message".
 *
 * NOTE(review): the message is request-controlled text; newUser.php has
 * to HTML-escape it when printing - confirm in the view.
 */
public function newUser(){
    $data = array(
        'message' => empty($_REQUEST['message']) ? "" : $_REQUEST['message'],
        'content' => "components".DS."com_users".DS."views".DS."newUser.php",
    );
    $this->view->show("template.php", $data);
}
//JASYRC 07MAY2010 - FECHA DE DESARROLLO
//JASYRC 11MAY2010 - FECHA DE ACTUALIZACION
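/**
 * Create a user from the submitted form and redirect to the user list, or
 * back to the form when the user name is already taken.
 *
 * Changes against the previous version:
 *  - the photo was saved under the undefined variable $username, so every
 *    upload landed in the same file named only by its extension; the file
 *    name is now derived from the submitted user name, reduced to
 *    [A-Za-z0-9_-] so it cannot leave the photos directory;
 *  - the upload is accepted only when the extension is jpg/gif/png AND
 *    getimagesize() recognises the content as one of those formats
 *    (previously only the last four characters of the client-supplied
 *    name were checked);
 *  - move_uploaded_file() replaces copy(), and the stored photo path is
 *    only changed when the move succeeded;
 *  - missing request fields and a missing upload no longer raise notices;
 *  - the message placed in the redirect URL is URL-encoded;
 *  - user names are compared as strings (===) after lower-casing.
 *
 * NOTE(review): the password is stored as unsalted md5. Moving to
 * password_hash()/password_verify() needs matching changes in
 * UsersModel's login check, which is outside this method.
 * NOTE(review): every key of the request array "data_user" is forwarded
 * to addItem(); only username, password, email, usertype, state and
 * photo are overwritten here. Restrict it to the expected columns.
 * NOTE(review): no login or role check is visible in this method -
 * confirm that account creation is restricted by the front controller.
 */
public function addUser(){
    require 'models/UsersModel.php';
    $user = new UsersModel();

    $data_user = (isset($_REQUEST["data_user"]) && is_array($_REQUEST["data_user"])) ? $_REQUEST["data_user"] : array();
    $username = (isset($_REQUEST["newusername"]) && is_string($_REQUEST["newusername"])) ? $_REQUEST["newusername"] : '';
    $newpasswd = (isset($_REQUEST["newpasswd"]) && is_string($_REQUEST["newpasswd"])) ? $_REQUEST["newpasswd"] : '';
    $email = (isset($_REQUEST["txt_email"]) && is_string($_REQUEST["txt_email"])) ? $_REQUEST["txt_email"] : '';

    $data_user['username'] = $username;
    $data_user['password'] = md5($newpasswd);
    $data_user['email'] = $email;
    $data_user['usertype'] = 1;
    $data_user['state'] = 4;

    // Base directory: the parent of this file's directory with its last
    // four path segments removed.
    $path = implode(DS, array_slice(explode(DS, trim(dirname(__DIR__))), 0, -4));

    // Case-insensitive check against all existing user names.
    $taken = false;
    $result = $user->getAllUsers();
    foreach ($result->fetchAll() as $userdata) {
        if (strtolower($username) === strtolower((string) $userdata['username'])) {
            $taken = true;
            break;
        }
    }

    if ($taken) {
        $message = "Error::: Username unavailable.";
        $url = 'index.php?option=com_users&controller=Users&action=newUser&message='.urlencode($message);
        header("location: ".$url);
        exit();
    }

    // Default avatar unless a valid image was uploaded and stored. As
    // before, an upload failure is not reported to the user.
    $urlphoto = "avatar.jpg";
    $tmp_name = (isset($_FILES['fphoto']['tmp_name']) && is_string($_FILES['fphoto']['tmp_name'])) ? $_FILES['fphoto']['tmp_name'] : '';
    if ($tmp_name !== '' && is_uploaded_file($tmp_name)) {
        $extension = strtolower(pathinfo((string) $_FILES['fphoto']['name'], PATHINFO_EXTENSION));
        $safe_name = preg_replace('/[^A-Za-z0-9_-]/', '', $username);
        $image_info = getimagesize($tmp_name);
        $is_image = is_array($image_info)
            && in_array($image_info[2], array(IMAGETYPE_JPEG, IMAGETYPE_GIF, IMAGETYPE_PNG), true);
        if ($is_image && $safe_name !== '' && in_array($extension, array('jpg', 'gif', 'png'), true)) {
            $file_name = $safe_name.'.'.$extension;
            if (move_uploaded_file($tmp_name, $path.DS."files".DS."photos".DS.$file_name)) {
                $urlphoto = "photos".DS.$file_name;
            }
        }
    }

    $data_user['photo'] = $urlphoto;
    list($result, $id, $message) = $user->addItem($data_user);
    $url = 'index.php?option=com_users&controller=Users&action=getUsers';
    header("location: ".$url);
    exit();
}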
//JASYRC 06MAY2010
/**
 * Render editUser.php in edit mode for the user id given in the request
 * field "user".
 *
 * NOTE(review): the id comes from the request and no check is visible
 * here that the caller may edit that account - confirm where
 * authorisation is enforced.
 */
public function editUser(){
    require 'models/UsersModel.php';
    $userModel = new UsersModel();
    $iduser = $_REQUEST['user'];
    $rsUser = $userModel->editUser($iduser);

    $data = array(
        'usuario' => $rsUser->fetch(),
        'edit' => true,
        'method' => "edit",
        'iduser' => $iduser,
        'content' => "components".DS."com_users".DS."views".DS."editUser.php",
    );
    $this->view->show("template.php", $data);
}
//JASYRC 10NOV2010
/**
 * Render editUser.php in read-only mode ('edit' => false) for the user id
 * given in the request field "user".
 *
 * NOTE(review): the id comes from the request and no check is visible
 * here that the caller may see that account - confirm where
 * authorisation is enforced.
 */
public function view(){
    require 'models/UsersModel.php';
    $userModel = new UsersModel();
    $iduser = $_REQUEST['user'];
    $rsUser = $userModel->editUser($iduser);

    $data = array(
        'usuario' => $rsUser->fetch(),
        'edit' => false,
        'method' => "view",
        'iduser' => $iduser,
        'content' => "components".DS."com_users".DS."views".DS."editUser.php",
    );
    $this->view->show("template.php", $data);
}
//JASYRC 07MAY2010
/**
 * Update first name, last name and state of the user identified by the
 * request field "iduser", then render actualizar.php with the URL of the
 * user list.
 *
 * NOTE(review): this changes data from $_REQUEST values, so a plain GET
 * request triggers it, and neither an authorisation check nor an
 * anti-CSRF token is visible here. "state" is forwarded unvalidated,
 * which lets the caller set any account state - confirm the intended
 * restrictions.
 */
public function updateUser(){
    require 'models/UsersModel.php';
    $userModel = new UsersModel();

    $userModel->updateUser(
        $_REQUEST['iduser'],
        $_REQUEST['firstname'],
        $_REQUEST['lastname'],
        $_REQUEST['state']
    );

    $this->view->show("actualizar.php", array('url' => '?controller=Users&action=getUsers'));
}
//JASYRC 07MAY2010
/**
 * Soft-delete a user: set state 3 on the account given in the request
 * field "user" and redirect to the user list.
 *
 * NOTE(review): the action runs on any request that carries "user"
 * (GET included) and no authorisation check or anti-CSRF token is
 * visible here - confirm where these are enforced.
 */
public function remove(){
    require 'models/UsersModel.php';
    $userModel = new UsersModel();
    $userModel->setIdValue($_REQUEST['user']);
    // The row is updated rather than deleted.
    list($result, $message) = $userModel->UpdateItem(array('state' => 3));

    header("location: ".'index.php?option=com_users&controller=Users&action=getUsers');
    exit();
}
//JASYRC 07MAY2010 - FECHA DE DESARROLLO
//JASYRC 10MAY2010 - FECHA DE ACTUALIZACION
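/**
 * Look up a user name (request field "value") and render searchUser.php.
 * When the name is free, a generated 5-character hexadecimal key is
 * passed to the view as 'key'; otherwise 'key' is null.
 *
 * Changes against the previous version:
 *  - time() was called with an argument, which it does not accept (an
 *    ArgumentCountError on PHP 8);
 *  - the key was the first 5 characters of md5(username . time), i.e.
 *    derivable from the user name and the request time. It now comes from
 *    a cryptographic random source when one is available; the old
 *    derivation is only the last fallback;
 *  - the key variable is always defined, so the @ suppression is gone.
 *
 * NOTE(review): 5 hex characters are only 20 bits. If this key is used as
 * an initial password, lengthen it once the view and storage are
 * confirmed to cope with a longer value.
 */
public function searchUser(){
    require 'models/UsersModel.php';
    $user = new UsersModel();
    $username = isset($_REQUEST['value']) ? $_REQUEST['value'] : '';
    $newuser = $user->searchUserbyUName($username);
    $usuario = $newuser->fetch();

    $generatePassword = null;
    if (!is_array($usuario)) {
        if (function_exists('random_bytes')) {
            $generatePassword = substr(bin2hex(random_bytes(4)), 0, 5);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $generatePassword = substr(bin2hex(openssl_random_pseudo_bytes(4)), 0, 5);
        } else {
            // No random source available: previous, predictable derivation.
            $generatePassword = substr(md5($username.time()), 0, 5);
        }
    }

    $data = array();
    $data['username'] = $username;
    $data['usuario'] = $usuario;
    $data['key'] = $generatePassword;
    $this->view->show("searchUser.php", $data);
}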
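/**
 * Change the password of the user given in the request field "iduser"
 * after checking the old password, then redirect to the edit page with a
 * status message.
 *
 * Changes against the previous version:
 *  - $message was undefined when the old password did not match;
 *  - "retypepasswd" was read but never compared with "newpasswd";
 *  - the stored and the computed md5 were compared with ==, which treats
 *    two different digests as equal when both look like numbers in
 *    exponent notation; the comparison is now a string comparison
 *    (hash_equals() where available);
 *  - an unknown user id or an empty new password is rejected;
 *  - the values placed in the redirect URL are URL-encoded.
 *
 * NOTE(review): the target account comes from the request, not from the
 * session. Confirm whether this is meant for the logged-in user only; if
 * so, take the id from $_SESSION['usersession']['iduser'].
 * NOTE(review): stored passwords are unsalted md5 (see the comparison
 * below); migrating to password_hash() needs a model change.
 */
public function changePasswd(){
    require 'models/UsersModel.php';
    $iduser = (isset($_REQUEST['iduser']) && is_scalar($_REQUEST['iduser'])) ? (string) $_REQUEST['iduser'] : '';
    $datos = array();
    $datos['oldpasswd'] = (isset($_REQUEST['oldpasswd']) && is_string($_REQUEST['oldpasswd'])) ? $_REQUEST['oldpasswd'] : '';
    $datos['newpasswd'] = (isset($_REQUEST['newpasswd']) && is_string($_REQUEST['newpasswd'])) ? $_REQUEST['newpasswd'] : '';
    $datos['check_password'] = (isset($_REQUEST['retypepasswd']) && is_string($_REQUEST['retypepasswd'])) ? $_REQUEST['retypepasswd'] : '';

    $user = new UsersModel();
    $result = $user->getPasswd($iduser);
    $data_model = $result->fetch();
    // Empty when the user id matches no row; never equal to an md5 digest.
    $db_old_passwd = is_array($data_model) ? (string) $data_model[0] : '';
    $old_hash = md5($datos['oldpasswd']);

    if (function_exists('hash_equals')) {
        $old_matches = hash_equals($db_old_passwd, $old_hash);
    } else {
        $old_matches = ($db_old_passwd === $old_hash);
    }

    if (!$old_matches) {
        $message = "Error: current password is invalid.";
    } elseif ($datos['newpasswd'] === '' || $datos['newpasswd'] !== $datos['check_password']) {
        $message = "Error: the new password entered does not match.";
    } elseif ($user->setNewPassword($iduser, $datos['newpasswd'])) {
        $message = "Password updated...";
    } else {
        $message = "Error updating password...";
    }

    $url = 'index.php?controller=Users&action=editUser&user='.urlencode($iduser).'&message='.urlencode($message);
    header("location: ".$url);
    exit();
}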
}
?>