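/**
 * Validates a password-reset link (email + token) and, on a valid POST,
 * stores the new password for the matching admin account.
 *
 * The reset token is a bearer secret taken from the request, so it is
 * type-checked and compared in constant time before anything else is done
 * with it.
 *
 * @param Request $request Carries the "email" and "token" parameters and, on POST, the password form.
 *
 * @return array View parameters: form, error, success, noPassword, email, token.
 */
public function checkTokenAction(Request $request)
{
    $translator = $this->container->get('translator');
    $preferencesService = $this->container->get('system_preferences_service');
    $email = $request->get('email');
    $token = $request->get('token');
    $noPassword = false;
    $success = false;
    $error = '';
    $form = $this->container->get('form.factory')->create(new PasswordCheckType(), array(), array());

    // Both values are caller-controlled. Anything that is not a plain string
    // (for example an array sent as "token[]=") is treated as bad input
    // instead of reaching the string functions and the comparison below.
    $inputLooksValid = is_string($email)
        && is_string($token)
        && strpos($email, '@') !== false
        && strlen($token) > 4;

    if ($preferencesService->get("PasswordRecovery") == 'N') {
        $error = $translator->trans('Password recovery is disabled.', array(), 'home');
    } elseif ($inputLooksValid) {
        $noPassword = true;
        $user = $this->container->get('user')->findOneBy(array('email' => $email, 'is_admin' => true));
        if ($user !== null) {
            // The issue time is read from the last 10 characters of the token.
            // It is only trusted once the whole token matches the stored one.
            $tokenGenerated = (int) substr($token, -10);
            $storedToken = $user->getResetToken();

            // hash_equals() (PHP >= 5.6) compares in constant time and never
            // type-juggles, unlike "==", which treats numeric-looking strings
            // such as "0e1" and "0e2" as equal. An account with no stored
            // token can never match.
            $tokenMatches = is_string($storedToken)
                && $storedToken !== ''
                && hash_equals($storedToken, $token);

            // valid for 48 hours
            if ($tokenMatches && time() - $tokenGenerated < 48 * 3600) {
                if ($request->isMethod('POST')) {
                    $form->handleRequest($request);
                    if ($form->isValid()) {
                        $data = $form->getData();
                        $newPassword = $data['password'];
                        if (strlen($newPassword) >= 6) {
                            // NOTE(review): confirm setPassword() also clears the
                            // stored reset token, otherwise the same link stays
                            // usable for the rest of the 48-hour window.
                            $this->setPassword($user, $newPassword);
                            $success = true;
                            $noPassword = false;
                        } else {
                            $error = $translator->trans('Your new password must have at least 6 characters.', array(), 'home');
                        }
                    }
                }
            } else {
                // NOTE(review): this message differs from the one returned when
                // no admin account matches the address, so the response reveals
                // whether such an account exists; consider one generic message.
                $noPassword = false;
                $error = $translator->trans('This link is not valid.', array(), 'home');
            }
        } else {
            $noPassword = false;
            $error = $translator->trans('Bad input parameters.', array(), 'home');
        }
    } else {
        $error = $translator->trans('Bad input parameters.', array(), 'home');
    }

    return array(
        'form' => $form->createView(),
        'error' => $error,
        'success' => $success,
        'noPassword' => $noPassword,
        'email' => $email,
        'token' => $token,
    );
}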