Remove find account by question

2026-05-01 00:02:21 +09:00 · 2017-10-12 16:28:59 +09:00 · 2017-10-12 16:28:59 +09:00 · f02b70afb5
commit f02b70afb5
parent d47aea0aba
15 changed files with 13 additions and 328 deletions
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@ -1410,82 +1410,7 @@ class memberController extends member
 	 */
 	function procMemberFindAccountByQuestion()
 	{
-		$oMemberModel = getModel('member');
-		$config = $oMemberModel->getMemberConfig();
-		if($config->enable_find_account_question != 'Y')
-		{
-			return new Object(-1, 'msg_question_not_allowed');
-		}
-		
-		$email_address = Context::get('email_address');
-		$user_id = Context::get('user_id');
-		$find_account_question = trim(Context::get('find_account_question'));
-		$find_account_answer = trim(Context::get('find_account_answer'));
-		if(($config->identifier == 'user_id' && !$user_id) || !$email_address || !$find_account_question || !$find_account_answer)
-		{
-			return new Object(-1, 'msg_invalid_request');
-		}
-		
-		$oModuleModel = getModel('module');
-		// Check if a member having the same email address exists
-		$member_srl = $oMemberModel->getMemberSrlByEmailAddress($email_address);
-		if(!$member_srl) return new Object(-1, 'msg_email_not_exists');
-		
-		// Get information of the member
-		$columnList = array('member_srl', 'find_account_question', 'find_account_answer');
-		$member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList);
-		
-		// Display a message if no answer is entered
-		if(!$member_info->find_account_question || !$member_info->find_account_answer)
-		{
-			return new Object(-1, 'msg_question_not_exists');
-		}
-		
-		// Check question
-		if(trim($member_info->find_account_question) != $find_account_question)
-		{
-			return new Object(-1, 'msg_answer_not_matches');
-		}
-		
-		// Check answer
-		if(Rhymix\Framework\Password::checkAlgorithm($member_info->find_account_answer))
-		{
-			if(!Rhymix\Framework\Password::checkPassword($find_account_answer, $member_info->find_account_answer))
-			{
-				return new Object(-1, 'msg_answer_not_matches');
-			}
-		}
-		else
-		{
-			if($member_info->find_account_answer != $find_account_answer)
-			{
-				return new Object(-1, 'msg_answer_not_matches');
-			}
-			
-			// update to encrypted answer
-			$this->updateFindAccountAnswer($member_srl, $find_account_answer);
-		}
-		
-		if($config->identifier == 'email_address')
-		{
-			$user_id = $email_address;
-		}
-		
-		// Update to a temporary password and set change_password_date to 1
-		$temp_password = Rhymix\Framework\Password::getRandomPassword(8);
-		
-		$args = new stdClass();
-		$args->member_srl = $member_srl;
-		$args->password = $temp_password;
-		$args->change_password_date = '1';
-		$output = $this->updateMemberPassword($args);
-		if(!$output->toBool()) return $output;
-		
-		$_SESSION['xe_temp_password_' . $user_id] = $temp_password;
-		$this->add('user_id', $user_id);
-		
-		$returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', '');
-		$this->setRedirectUrl($returnUrl.'&user_id='.$user_id);
+		return new Object(-1, 'msg_question_not_allowed');
 	}

 	/**