Changeset 282
- Timestamp:
- 06/02/07 12:37:47
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
FreakAuth/trunk/www/system/application/libraries/Freakauth_light.php
r273 r282 2 2 /** 3 3 * FreakAuth_light Class 4 * Security handler that provides functionality to handle login, logout, registration,5 * and reset password requests.4 * Security handler that provides functionality to handle login, logout, 5 * registration, and reset password requests. 6 6 * It also can verify the logged in status of 3 user classes 7 * 7 * 8 8 * => superadmin (has permissions on everything and can also create other admin) 9 * => admin 10 * => user (it is a registered user, and you can decide to give in rights to access11 * 9 * => admin (you can choose what to let him manage) 10 * => user (it is a registered user, and you can decide to give in rights 11 * to access some specific areas (controllers) of your application 12 12 * 13 13 * The class requires the use of 14 * 14 * 15 15 * => Database CI official library 16 16 * => Db_session, FAL_validation and the FAL_front library (included in the download) 17 17 * => URL, FORM and FreakAuth_light (included in the download) helpers 18 * 18 * 19 19 * The FreakAuth_light library should be auto loaded in the core classes section 20 20 * of the autoloader. 21 * 21 * 22 22 * Passwords are encripted with md5 algorithm by the method _encode($password) 23 * 24 * ----------------------------------------------------------------------------- ----23 * 24 * ----------------------------------------------------------------------------- 25 25 * Copyright (C) 2007 Daniel Vecchiato (4webby.com) 26 * ----------------------------------------------------------------------------- ----26 * ----------------------------------------------------------------------------- 27 27 *This library is free software; you can redistribute it and/or 28 28 *modify it under the terms of the GNU Lesser General Public … … 38 38 *License along with this library; if not, write to the Free Software 39 39 *Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 40 *------------------------------------------------------------------------------ -----40 *------------------------------------------------------------------------------ 41 41 * @package FreakAuth_light 42 42 * @subpackage Libraries … … 59 59 * library. The Auth library should be auto loaded in the core classes section 60 60 * of the autoloader. 61 * 61 * 62 62 * Passwords are encripted with md5 algorithm. 63 63 */ 64 64 class Freakauth_light 65 { 66 // -------------------------------------------------------------------- 67 68 /** 69 * Function FreakAuth inizialises the class loading the right libraries, helpers and models 70 * 71 * @uses libraries (encrypt, db_session), helpers (form, url, FreakAuth), modules (usermodel) 72 * */ 65 { 66 // -------------------------------------------------------------------- 67 68 /** 69 * Function FreakAuth inizialises the class loading the right libraries, 70 * helpers and models 71 * 72 * @uses libraries (encrypt, db_session) 73 * @uses helpers (form, url, FreakAuth) 74 * @uses modules (usermodel) 75 */ 73 76 function Freakauth_light() 74 77 { … … 88 91 $this->_init(); 89 92 } 90 93 91 94 // -------------------------------------------------------------------- 92 95 … … 98 101 function _init() 99 102 { 100 // checks if the Freakauth system is turned on103 // checks if the Freakauth system is turned on 101 104 if (!$this->CI->config->item('FAL')) 102 105 { … … 119 122 120 123 /** 121 * Method used to restrict acess to controllers or methods of controllers to the specified category of users 122 * it requires 2 optional parameters 123 * The first parameterspecifies the user group i.e. ('admin') 124 * The second parameter specifies whether the area is reserved ONLY to that group (true) or if it is accessible by groups higher in the hierarchy 125 * 124 * Method used to restrict acess to controllers or methods of controllers 125 * to the specified category of users. 126 * It requires 2 optional parameters: 127 * - the first parameterspecifies the user group i.e. ('admin') 128 * - the second parameter specifies whether the area is reserved ONLY to 129 * that group (true) or if it is accessible by groups higher in the 130 * hierarchy 131 * 126 132 * example usage in a controller 127 * 128 * 1) $this->freakauth_light->check() //this restricts acess to registered users and user-groups higher in the hierarchy (i.e. admin, superadmin) 129 * 2) $this->freakauth_light->check('admin') //this restricts acess to 'admin' and user-groups higher in the hierarchy (i.e. superadmin) 130 * 3) $this->freakauth_light->check('admin', true) //this restricts acess to 'admin' ONLY 131 * 132 * @param string (to specify the role to whom the area is restricted to) $lock_to_role 133 * 134 * 1) $this->freakauth_light->check() 135 * this restricts access to registered users and user-groups higher in 136 * the hierarchy (i.e. admin, superadmin) 137 * 2) $this->freakauth_light->check('admin') 138 * this restricts access to 'admin' users and users who belong to roles 139 * higher in the hierarchy (i.e. 'superadmin') 140 * 3) $this->freakauth_light->check('admin', true) 141 * this restricts access to 'admin' users ONLY 142 * 143 * @param string (the role to whom the area is restricted to) $lock_to_role 133 144 * @param boolean (true/false) $only 134 145 */ … … 136 147 { 137 148 138 // check who did the request and build role hierarchy149 // check who did the request and build role hierarchy 139 150 $_who_is = $this->CI->db_session->userdata('role'); 140 151 141 // if we have a role stored in DB session for this user152 // if we have a role stored in DB session for this user 142 153 if ($this->CI->db_session AND $this->CI->config->item('FAL') AND !empty($_who_is)) 143 { 154 { 144 155 145 // gets the locked role hierarchy value156 // gets the locked role hierarchy value 146 157 $_hierarchy = $this->CI->config->item('FAL_roles'); 147 158 148 // if we didn't specify to who we will reserve the action149 //let's restrict it to registered users159 // if we didn't specify to who we will reserve the action 160 // let's restrict it to registered users 150 161 if ($_lock_to_role==null){$_lock_to_role='user';} 151 162 152 // let's see who did we reserve the area to163 // let's see who did we reserve the area to 153 164 $_lock_hierarchy = $_hierarchy[$_lock_to_role]; 154 // let's see who requested to access this area165 // let's see who requested to access this area 155 166 $_request_hierarchy = $_hierarchy[$_who_is]; 156 157 //let's see if we decided to restrict access ONLY to a given category167 168 // let's see if we decided to restrict access ONLY to a given category 158 169 switch ($_only) 159 170 { … … 162 173 break; 163 174 164 // only false or not specified175 // only false or not specified 165 176 default: 166 177 $_request_hierarchy <= $_lock_hierarchy ? $_condition = true : $_condition = false; … … 169 180 } 170 181 171 // if who did the request doesn't have enough credentials182 // if who did the request doesn't have enough credentials 172 183 if ($_condition==false) 173 184 { … … 175 186 } 176 187 } 177 // it means it is a guest because it has no role stored in DB_session188 // it means it is a guest because it has no role stored in DB_session 178 189 else 179 190 { … … 196 207 * ------------------------------- 197 208 * $this->freakauth_light->denyAccess('user') 198 * 209 * 199 210 * @param string the role of the one we are denying the access 200 211 */ … … 263 274 * Returns false if FreakAuth system is not activated 264 275 * Returns true if admin or superadmin, otherwise false 265 * 276 * 266 277 * @return true if admin/superadmin or false otherwise 267 278 */ … … 280 291 } 281 292 282 // if user_id not activated or not existent293 // if user_id not activated or not existent 283 294 return false; 284 } 295 } 285 296 286 297 // -------------------------------------------------------------------- … … 291 302 * Returns false if FreakAuth system is not activated 292 303 * Returns true if superadmin, otherwise false 293 * 304 * 294 305 * @return boolean 295 306 */ … … 306 317 return true; 307 318 } 308 319 309 320 return false; 310 } 321 } 311 322 // -------------------------------------------------------------------- 312 323 … … 315 326 * Returns false if FreakAuth system is not activated 316 327 * Returns true if a valid user is logged, false otherwise 317 * 328 * 318 329 * @return boolean 319 330 */ … … 326 337 return true; 327 338 } 328 329 // if user not activated or not existent339 340 // if user not activated or not existent 330 341 return false; 331 } 332 333 // -------------------------------------------------------------------- 334 335 /** 336 * Method used to used to check if a logged in members belongs to the custom role (group) specified in the first parameter 337 * it requires 2 optional parameters 338 * The first parameter specifies the user groups as a comma separated string (NB: just comma separated WITHOUT SPACES->'user,admin'<--RIGHT 'user,admin'<--WRONG) 339 * The second parameter specifies whether we want to check to the specified groups ONLY or for AT LEAST those group membership in the hierarchy 340 * (returns true also if the logged user belongs to a group higher in the hierarchy) 341 * 342 * example usage in a controller (see the relative helper belongsToGroup() to use it in views) 343 * 344 * 1) $this->freakauth_light->belongsToGroup() //returns true if the visitor is logged in and he is AT LEAST an user 345 * 2) $this->freakauth_light->belongsToGroup('user,editor') //returns true if the visitor is logged in and he is AT LEAST an user or an editor (therefore it returns true also if he belongs to user-groups higher in the hierarchy (i.e. superadmin) 346 * 3) $this->freakauth_light->belongsToGroup('admin', true) //this true if the visitor is logged in and is an 'admin' ONLY 347 * 348 * @param string containing comma separated user groups i.e. "user,editor,moderator" 342 } 343 344 // -------------------------------------------------------------------- 345 346 /** 347 * Method used to used to check if a logged in members belongs to the custom 348 * role (group) specified in the first parameter. 349 * It requires 2 optional parameters: 350 * - the first specifies the user roles as a comma separated string 351 * - the second specifies whether we want to check to the specified roles 352 * ONLY or for AT LEAST those group membership in the hierarchy 353 * (returns true also if the logged user belongs to a group higher 354 * in the hierarchy) 355 * 356 * example usage in a controller 357 * (see the relative helper belongsToGroup() to use it in views) 358 * 359 * 1) $this->freakauth_light->belongsToGroup() 360 * returns true if the visitor is logged in and he is AT LEAST an user 361 * 2) $this->freakauth_light->belongsToGroup('user,editor') 362 * returns true if the visitor is logged in and he is AT LEAST an user 363 * or an editor (therefore it returns true also if he belongs to 364 * user-groups higher in the hierarchy (i.e. superadmin) 365 * 3) $this->freakauth_light->belongsToGroup('admin', true) 366 * this true if the visitor is logged in and is an 'admin' ONLY 367 * 368 * @param string with comma separated user roles: "user,editor,moderator" $_group 349 369 * @param boolean $_only 350 370 * @return true/false … … 359 379 if ($_username != false AND $_who_is != false) 360 380 { 361 //if we didn't specify who we are looking for 362 //let's look if the request comes from an 'user'381 // if we didn't specify who we are looking for 382 // let's look if the request comes from an 'user' 363 383 if ($_group==null){$_group='user';} 364 384 365 385 $_groups = explode(",", $_group); 366 386 367 387 $_group = array(); 368 //eliminate possible whitespaces at the beginning and end of groups names 369 //passed as parameters to this function388 // eliminate possible whitespaces at the beginning and end 389 // of groups names passed as parameters to this function 370 390 foreach($_groups as $_grp) 371 391 { 372 392 $_group[] = trim($_grp); 373 393 } 374 375 //let's see if we decided to check if it belongs ONLY to a given group 394 395 // let's see if we decided to check if 396 // it belongs ONLY to a given group 376 397 switch ($_only) 377 398 { 378 // $_only = true399 // $_only = true 379 400 case true: //we decided to check if it belongs ONLY to a given group 380 401 in_array($_who_is, $_group) ? $_condition = true : $_condition = false; 381 402 break; 382 403 383 // $_only false or not specified384 // we decided to check if it belongs AT LEAST to a given group404 // $_only false or not specified 405 // we decided to check if it belongs AT LEAST to a given group 385 406 default: 386 // gets the locked role hierarchy value407 // gets the locked role hierarchy value 387 408 $_hierarchy = $this->CI->config->item('FAL_roles'); 388 // let's see who we are looking for409 // let's see who we are looking for 389 410 390 411 … … 396 417 $_group_hierarchy = max($_group_hierarchy); 397 418 398 //let's see who accessed 399 $_who_hierarchy = $_hierarchy[$_who_is];//gets the role-hierarchy-value of the subject that did the request 419 // let's see who accessed. we need to get the 420 // role-hierarchy-value of the visitor that did the request 421 $_who_hierarchy = $_hierarchy[$_who_is]; 400 422 401 423 $_who_hierarchy <= $_group_hierarchy ? $_condition = true : $_condition = false; … … 404 426 } 405 427 406 // if who did the request doesn't have enough credentials428 // if who did the request doesn't have enough credentials 407 429 if ($_condition==true) 408 430 { … … 411 433 } 412 434 } 413 // if condition==false, db_session turner off or user not found (namely not logged in) in ci_session414 return false; 415 } 435 // if condition==false, db_session turner off or user not found (namely not logged in) in ci_session 436 return false; 437 } 416 438 417 418 419 420 421 422 423 424 439 // -------------------------------------------------------------------- 440 441 /** 442 * Performs the login procedure both for user login 443 * and form administrators login 444 * 445 * @return unknown 446 */ 425 447 function login() 426 { 448 { 427 449 if (!$this->CI->config->item('FAL')) 428 450 { … … 442 464 $password = $this->_encode($password); 443 465 444 // Use the input username and password and check against 'user' table445 //to check if user banned466 // Use the input username and password and check against 467 // 'user' table to check if user banned 446 468 $query = $this->CI->usermodel->getUserForLogin($username, $password); 447 469 … … 454 476 foreach($fields as $field) $userdata[$field] = $row->{$field}; 455 477 456 //verifies if an user has not been banned from the site (i.e. user table, banned=1) 478 // verifies if a user has not been banned from the site 479 // (i.e. user table, banned=1) 457 480 if ($row->{'banned'} == 0) 458 481 { … … 486 509 function logout() 487 510 { 488 // checks if a session exists511 // checks if a session exists 489 512 if ($this->CI->db_session) 490 513 { … … 492 515 493 516 if ($_username != false) 494 // deletes the userdata stored in DB for the user that logged out517 // deletes the userdata stored in DB for the user that logged out 495 518 $this->_unset_user($_username); 496 519 } 497 520 498 // set FLASH MESSAGE521 // set FLASH MESSAGE 499 522 $msg = $this->CI->lang->line('FAL_logout_message'); 500 523 flashMsg($msg); … … 503 526 } 504 527 505 // -------------------------------------------------------------------- 528 // -------------------------------------------------------------------- 506 529 /** 507 530 * Performs the registration procedure 508 531 * Returns true if successful registration, false if unsucessful 509 * 532 * 510 533 * @return boolean 511 534 */ 512 535 function register() 513 536 { 514 // let's clean the user_temp table515 // if we use registration with e-mail verification537 // let's clean the user_temp table 538 // if we use registration with e-mail verification 516 539 if (!$this->CI->config->item('FAL_register_direct')) 517 540 { … … 519 542 } 520 543 521 // let's check if the system is turned on and if we allow users to register544 // let's check if the system is turned on and if we allow users to register 522 545 if (!$this->CI->config->item('FAL') OR $this->CI->config->item('FAL_allow_user_registration')!=TRUE) 523 546 return false; … … 536 559 $password = $this->_encode($password); 537 560 538 // reassignement to the encoded password561 // reassignement to the encoded password 539 562 $values['password'] = $password; 540 563 541 // if we go for standard activation with e-mail verification542 // namely i.e. $config['FAL_register_direct'] = FALSE564 // if we go for standard activation with e-mail verification 565 // namely i.e. $config['FAL_register_direct'] = FALSE 543 566 if (!$this->CI->config->item('FAL_register_direct')) 544 567 { 545 // generates the activation code568 // generates the activation code 546 569 $activation_code = $this->_generateRandomString(); 547 570 $values['activation_code'] = $activation_code; 548 571 $query = $this->CI->UserTemp->insertUserForRegistration($values); 549 572 550 // Use the input username and password and check against 'user_temp' table551 // needed to find the user_temp ID for the activation link573 // Use the input username and password and check against 'user_temp' table 574 // needed to find the user_temp ID for the activation link 552 575 $query = $this->CI->UserTemp->getUserLoginData($username, $password); 553 576 … … 563 586 } 564 587 } 565 //do we skipp e-mail verification? 566 //namely if we go for direct activation i.e. $config['FAL_register_direct'] = TRUE 567 else 588 // do we skipp e-mail verification? 589 // namely if we go for direct activation 590 // i.e. $config['FAL_register_direct'] = TRUE 591 else 568 592 { 569 // let's insert the values in the user table593 // let's insert the values in the user table 570 594 $query = $this->CI->usermodel->insertUser($values); 571 595 572 // if affected rows ==1 set a flash message and redirect to login596 // if affected rows ==1 set a flash message and redirect to login 573 597 if ($this->CI->db->affected_rows() == 1) 574 598 { 575 // if we want the user profile as well599 // if we want the user profile as well 576 600 if($this->CI->config->item('FAL_create_user_profile')) 577 601 { 578 // let's get the last insert id602 // let's get the last insert id 579 603 $data_profile['id'] = $this->CI->db->insert_id(); 580 604 $this->CI->userprofile->insertUserProfile($data_profile); … … 582 606 583 607 flashMsg( $this->CI->lang->line('FAL_activation_success_message') ); 584 return true; 608 return true; 585 609 } 586 610 … … 588 612 } 589 613 } 590 else 614 else 591 615 { 592 // set FLASH MESSAGE616 // set FLASH MESSAGE 593 617 flashMsg( $this->CI->lang->line('FAL_invalid_register_message') ); 594 618 // FIXME : if false is returned, no redirection is done in FAL_front … … 610 634 function activation($id, $activation_code) 611 635 { 612 // let's clean the user_temp table613 // if we use registration with e-mail verification636 // let's clean the user_temp table 637 // if we use registration with e-mail verification 614 638 if (!$this->CI->config->item('FAL_register_direct')) 615 639 { … … 619 643 if (($id > 0) && ($activation_code != '')) 620 644 { 621 // gets userdata from USER_TEMP table645 // gets userdata from USER_TEMP table 622 646 $query = $this->CI->UserTemp->getUserForActivation($id, $activation_code); 623 647 624 //deletes the record from USER_TEMP648 // deletes the record from USER_TEMP 625 649 $this->CI->UserTemp->deleteUserAfterActivation($id); 626 650 … … 635 659 } 636 660 637 //let's insert the new data638 //inserts the new user data in USER table661 // let's insert the new data 662 // inserts the new user data in USER table 639 663 $this->CI->usermodel->insertUser($data); 640 664 641 // if we want the user profile as well665 // if we want the user profile as well 642 666 if($this->CI->config->item('FAL_create_user_profile')) 643 667 { … … 667 691 $email = $this->CI->input->post('email'); 668 692 669 //if $email not false checks the relative password for that user querying the DB 693 // if $email not false 694 // checks the relative password for that user querying the DB 670 695 if (($email != false)) 671 696 { … … 702 727 703 728 /** 704 * Handles the user forgotten password reset requests, when the user clicks on the e-mail link 729 * Handles the user forgotten password reset requests, 730 * when the user clicks on the e-mail link. 705 731 * Returns true if the process has been successful, false otherwise 706 732 * … … 711 737 function forgotten_password_reset($id, $activation_code) 712 738 { 713 // checks if $id>0 and if $activation_code not null739 // checks if $id>0 and if $activation_code not null 714 740 if (($id > 0) && ($activation_code != '')) 715 741 { 716 717 718 719 720 742 /** 743 * recalls the function getUserForForgottenPasswordReset($id, $activation_code) 744 * from the class usermodel 745 * it queries the database looking for the user's $id and $activation_code 746 */ 721 747 $query = $this->CI->usermodel->getUserForForgottenPasswordReset($id, $activation_code); 722 748 723 // if the query returns at least a result namely num_rows() > 0749 // if the query returns at least a result namely num_rows() > 0 724 750 if ($query->num_rows() > 0) 725 751 { … … 728 754 $user = $row->{'user_name'}; 729 755 $email = $row->{'email'}; 730 731 // generates a random password756 757 // generates a random password 732 758 $password = $this->_generateRandomString($this->CI->config->item('FAL_user_password_min'), $this->CI->config->item('FAL_user_password_max')); 733 759 734 // encrypts the random password using the md5 encryption760 // encrypts the random password using the md5 encryption 735 761 $encrypted_password = $this->_encode($password); 736 737 // sends the new generated password to the user762 763 // sends the new generated password to the user 738 764 $this->_sendForgottenPasswordResetEmail($user_id, $user, $email, $password); 739 740 // updates the password in the database765 766 // updates the password in the database 741 767 $this->CI->usermodel->updateUserForForgottenPasswordReset($user_id, $encrypted_password); 742 768 … … 763 789 $new_password = $this->CI->input->post('password'); 764 790 765 // if $email not false checks the relative password for that user querying the DB791 // if $email not false checks the relative password for that user querying the DB 766 792 if ($username != false AND $old_password != false AND $new_password != false) 767 793 { … … 774 800 $user = $row->{'user_name'}; 775 801 $email = $row->{'email'}; 776 777 // clear text password for e-mail802 803 // clear text password for e-mail 778 804 $password_email = $new_password; 779 805 780 // encrypts the password for DB update806 // encrypts the password for DB update 781 807 $new_password = $this->_encode($new_password); 782 808 783 // updates the user table809 // updates the user table 784 810 $this->CI->usermodel->updateUserForForgottenPasswordReset($user_id, $new_password); 785 786 // sends e-mail to user811 812 // sends e-mail to user 787 813 $this->_sendChangePasswordEmail($user_id, $user, $email, $password_email); 788 814 … … 791 817 } 792 818 793 // set unsuccess FLASH MESSAGE819 // set unsuccess FLASH MESSAGE 794 820 $msg = $this->CI->lang->line('FAL_change_password_failed_message'); 795 821 flashMsg($msg); … … 797 823 redirect($this->CI->config->item('FAL_changePassword_uri'), 'location'); 798 824 } 799 } 825 } 800 826 801 827 // -------------------------------------------------------------------- … … 808 834 */ 809 835 function _set_logindata($userdata) 810 { 836 { 811 837 //updates the Last_visit field in the user table 812 838 $this->CI->usermodel->updateUserForLogin($userdata['id']); 813 $this->CI->db_session->set_userdata($userdata); 814 } 815 816 839 $this->CI->db_session->set_userdata($userdata); 840 } 841 842 817 843 // -------------------------------------------------------------------- 818 844 … … 829 855 { 830 856 unset($users); 831 // is better to do a 1 call to unset_userdata passing an array?857 // is better to do a 1 call to unset_userdata passing an array? 832 858 $this->CI->db_session->unset_userdata('id'); 833 859 $this->CI->db_session->unset_userdata('user_name'); … … 837 863 } 838 864 839 865 840 866 // -------------------------------------------------------------------- 841 867 /** 842 868 * Needed to clean the UserTemp table from not completed registration 843 * The records get removed if older than what you set in the configuration file844 * $config['FreakAuthL_temporary_users_expiration']869 * The records get removed if older than what you set in the configuration 870 * file $config['FreakAuthL_temporary_users_expiration'] 845 871 * Cleaning get performed after activation and on new registrations 846 872 * … … 870 896 * Returns an empty string if no user is logged in 871 897 * uses Class db_session method "userdata". 872 * 898 * 873 899 * @return username string of currently logged in user 874 900 * @return empty string if user not logged in … … 954 980 return; 955 981 956 //ELSE unsets userdata from session table 982 //ELSE unsets userdata from session table 957 983 $this->CI->db_session->unset_userdata('FreakAuth_captcha'); 958 984 … … 972 998 /** 973 999 * Deletes the captcha images generated 974 * it deletes them if they "expired". The "expiration" (in seconds) signifies how long an image will 975 * remain in the root/tmp folder before it will be deleted. The default is 10 minutes. Change the value of $expiration 976 * if you want them to be deleted more or less often 1000 * it deletes them if they "expired". The "expiration" (in seconds) 1001 * signifies how long an image will remain in the root/tmp folder before it 1002 * will be deleted. The default is 10 minutes. Change the value 1003 * of $expiration if you want them to be deleted more or less often 977 1004 * 978 1005 * @param float $now … … 983 1010 list($usec, $sec) = explode(" ", microtime()); 984 1011 985 // sets the expiration time of the captcha image1012 // sets the expiration time of the captcha image 986 1013 $expiration=60*10; //10 min 987 1014 … … 1128 1155 1129 1156 /** 1130 * Sends an email from the system to the user that has forgotten the password1131 * the e-mail contains the link to make the reset password start1132 * 1157 * Sends an email from the system to the user that has forgotten the 1158 * password the e-mail contains the link to make the reset password start. 1159 * 1133 1160 * @access private 1134 1161 * @param unknown_type $id … … 1170 1197 1171 1198 1172 // displays message to the user on screen1199 // displays message to the user on screen 1173 1200 $message = $this->CI->load->view($this->CI->config->item('FAL_forgotten_password_reset_email'), $data, true); 1174 1201 1175 1202 $subject= '['.$this->CI->config->item('FAL_website_name').'] '.$this->CI->lang->line('FAL_forgotten_password_email_reset_subject'); 1176 // sends e-mail to the user to reset password1203 // sends e-mail to the user to reset password 1177 1204 $this->_sendEmail($email, $subject, $message); 1178 1205 } … … 1182 1209 /** 1183 1210 * Sends an email from the system to the user that has changed the password 1184 * the e-mail has the newly generated password 1211 * the e-mail has the newly generated password. 1185 1212 * @access private 1186 1213 * @param unknown_type $id … … 1249 1276 $majorsalt=null; 1250 1277 1251 // if you set your encryption key let's use it1278 // if you set your encryption key let's use it 1252 1279 if ($this->CI->config->item('encryption_key')!='') 1253 1280 { 1254 // conctenates the encryption key and the password1281 // conctenates the encryption key and the password 1255 1282 $_password = $this->CI->config->item('encryption_key').$password; 1256 1283 } 1257 1284 else {$_password=$password;} 1258 1285 1259 // if PHP51286 // if PHP5 1260 1287 if (function_exists('str_split')) 1261 1288 { 1262 1289 $_pass = str_split($_password); 1263 1290 } 1264 // if PHP41291 // if PHP4 1265 1292 else 1266 1293 { … … 1275 1302 } 1276 1303 1277 // encrypts every single letter of the password1304 // encrypts every single letter of the password 1278 1305 foreach ($_pass as $_hashpass) 1279 1306 { … … 1281 1308 } 1282 1309 1283 //encrypts the string combinations of every single encrypted letter1284 //and finally returns the encrypted password 1310 // encrypts the string combinations of every single encrypted letter 1311 // and finally returns the encrypted password 1285 1312 return $password=md5($majorsalt); 1286 1313 … … 1354 1381 1355 1382 /** 1356 * Needed to dynamically build rules and fields from config array for add and edit custom user profile 1383 * Needed to dynamically build rules and fields from config array for add 1384 * and edit custom user profile. 1357 1385 * 1358 1386 * @return array of data['rules'] and data['fields'] … … 1360 1388 function _buildUserProfileFieldsRules() 1361 1389 { 1362 // lets get fields names from config1390 // lets get fields names from config 1363 1391 $field_name=$this->CI->config->item('FAL_user_profile_fields_names'); 1364 1392 1365 // lets get fields validation rules from config1393 // lets get fields validation rules from config 1366 1394 $field_rule=$this->CI->config->item('FAL_user_profile_fields_validation_rules'); 1367 1395 1368 1396 1369 // array of fields1397 // array of fields 1370 1398 &