Reset pass
This commit is contained in:
@@ -384,10 +384,11 @@ enum { PARTNER_STRIPE };
|
||||
|
||||
#define WRENCHBOARD_ADD_MONEYRECIPIENT 600
|
||||
|
||||
#define WRENCHBOARD_CREATE_USER_ACCOUNT 700
|
||||
#define WRENCHBOARD_USER_ACCOUNT_LOGIN 710
|
||||
#define WRENCHBOARD_START_PASSWORDRESET 720
|
||||
#define WRENCHBOARD_COMPLETE_PASSWORDRESET 730
|
||||
#define WRENCHBOARD_CREATE_USER_ACCOUNT 700
|
||||
#define WRENCHBOARD_USER_ACCOUNT_LOGIN 710
|
||||
#define WRENCHBOARD_START_PASSWORDRESET 720
|
||||
#define WRENCHBOARD_VERIFY_PASSWD_RESETLINK 725
|
||||
#define WRENCHBOARD_COMPLETE_PASSWORDRESET 730
|
||||
|
||||
#define WRENCHBOARD_START_ADDMONEY 770
|
||||
#define WRENCHBOARD_COMPLETE_ADDMONEY 775
|
||||
|
||||
@@ -1127,6 +1127,8 @@ long WrenchResetMemberPass(CVars in, CVars &out) {
|
||||
xx["loc"].set_valid(true);
|
||||
xx["reset_pin"] = reset_pin;
|
||||
xx["reset_pin"].set_valid(true);
|
||||
xx["reset_pin"] = xx["reset_pin"].substr(xx["reset_pin"].length() - 6, 6);
|
||||
// v["digits"] = in["cardnumber"].substr(in["cardnumber"].length() - 4, 4);
|
||||
|
||||
out["password_reset_id"] = insert_db_record(DBS_VALID, "password_reset", "password_reset_id_seq", xx);
|
||||
|
||||
|
||||
@@ -396,6 +396,44 @@ long wrenchboard_api_main(CVars in, CVars &out) {
|
||||
|
||||
break;
|
||||
|
||||
case WRENCHBOARD_VERIFY_PASSWD_RESETLINK:
|
||||
OPTIONAL(in, "channel") REQ_STRING(in, "channel", 3, 15, "(.*)");
|
||||
|
||||
|
||||
if ( in["channel"]=="MOBILE"){
|
||||
REQ_STRING(in, "reset_uid", 1, 100, "(.*)");
|
||||
REQ_STRING(in, "m_uid", 1, 100, "(.*)");
|
||||
REQ_STRING(in, "reset_pin", 1, 15, "(.*)");
|
||||
|
||||
CVars xx;
|
||||
if (load_db_record(xx, "SELECT p.id AS lostpass_id,p.member_id, p.uid AS pending_uid "
|
||||
" FROM password_reset p LEFT JOIN members m ON m.id = p.member_id "
|
||||
" WHERE p.uid ='%s' AND p.reset_pin='%s' AND p.status IN (0,1) AND m.uid='%s'", in["reset_uid"].c_str(), in["reset_pin"].c_str(), in["m_uid"].c_str())) {
|
||||
in["reset_link"] = xx["pass_link"]; in["reset_link"] .set_valid( true );
|
||||
|
||||
}
|
||||
else{
|
||||
out["status"] = "Invalid";
|
||||
out["status_msg"] = "invalid_password_link_verification";
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
REQ_STRING(in, "reset_link", 1, 100, "(.*)");
|
||||
if (load_db_record(out, "SELECT p.id AS lostpass_id,p.member_id, p.uid AS pending_uid FROM password_reset p LEFT JOIN members m ON m.id = p.member_id WHERE p.pass_link ='%s' AND p.status IN (0,1)", in["reset_link"].c_str())) {
|
||||
if (out["lostpass_id"].Long() > 0){
|
||||
pgsql_exec("UPDATE password_reset SET status = 3 WHERE status IN (0, 1) AND member_id=%lu AND id = %lu ", out["member_id"].Long(), out["lostpass_id"].Long());
|
||||
CompletePassResetEmail(out);
|
||||
}else{
|
||||
out["status_message"] = "Invalid Request";
|
||||
}
|
||||
|
||||
} else {
|
||||
out["status_message"] = "Pass Reset Failed";
|
||||
return -1;
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
|
||||
case WRENCHBOARD_COMPLETE_PASSWORDRESET:
|
||||
@@ -403,7 +441,7 @@ long wrenchboard_api_main(CVars in, CVars &out) {
|
||||
REQ_STRING(in, "newpass", 5, 20, "(.*)");
|
||||
if (load_db_record(out, "SELECT p.id AS lostpass_id,p.member_id, m.* FROM password_reset p LEFT JOIN members m ON m.id = p.member_id WHERE p.pass_link ='%s' AND p.status IN (0,1)", in["reset_link"].c_str())) {
|
||||
if (out["lostpass_id"].Long() > 0){
|
||||
pgsql_exec("UPDATE password_reset SET status = 5 WHERE status IN (0, 1,3) AND member_id=%lu AND id = %lu ", out["member_id"].Long(), out["lostpass_id"].Long());
|
||||
pgsql_exec("UPDATE password_reset SET status = 5 WHERE status IN (3) AND member_id=%lu AND id = %lu ", out["member_id"].Long(), out["lostpass_id"].Long());
|
||||
pgsql_exec("UPDATE members SET password =md5('%s') WHERE id = %lu ", in["newpass"].c_str(), out["member_id"].Long());
|
||||
CompletePassResetEmail(out);
|
||||
}else{
|
||||
|
||||
@@ -362,8 +362,10 @@ define('WRENCHBOARD_ADD_MONEYRECIPIENT', 600);
|
||||
|
||||
define('WRENCHBOARD_CREATE_USER_ACCOUNT', 700);
|
||||
define('WRENCHBOARD_USER_ACCOUNT_LOGIN', 710);
|
||||
define('WRENCHBOARD_START_PASSWORDRESET', 720);
|
||||
define('WRENCHBOARD_COMPLETE_PASSWORDRESET', 730);
|
||||
|
||||
const WRENCHBOARD_START_PASSWORDRESET = 720;
|
||||
const WRENCHBOARD_VERIFY_PASSWD_RESETLINK = 725;
|
||||
const WRENCHBOARD_COMPLETE_PASSWORDRESET = 730;
|
||||
|
||||
//#define WRENCHBOARD_START_ADDMONEY', 770 );
|
||||
//#define WRENCHBOARD_COMPLETE_ADDMONEY' 775 );
|
||||
|
||||
@@ -136,6 +136,9 @@ class WrenchApi extends BaseController
|
||||
if($in['step']==300){
|
||||
$in["action"] = WRENCHBOARD_COMPLETE_PASSWORDRESET;
|
||||
}
|
||||
if($in['step']==200){
|
||||
$in["action"] = WRENCHBOARD_VERIFY_PASSWD_RESETLINK;
|
||||
}
|
||||
break;
|
||||
case 'starttopup':
|
||||
$in["action"] = WRENCHBOARD_ACCOUNT_PREPARE_TOPUP;
|
||||
|
||||
Reference in New Issue
Block a user