From e9e241011e2c390b0e2d88e330ed5fa770369a8d Mon Sep 17 00:00:00 2001
From: Tristan Zur <tzur@ccwn.org>
Date: Sun, 20 May 2012 15:11:36 +0200
Subject: =?UTF-8?q?Benutzer:=20Basisimplementierung=20um=20neues=20Passwor?=
 =?UTF-8?q?t=20zu=20generieren=20=09aktuell=20ohne=20eMail-Versand=20und?=
 =?UTF-8?q?=20direkte=20Anzeige=20des=20Passworts=20in=20der=20Oberfl?=
 =?UTF-8?q?=C3=A4che?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 protected/components/UserIdentity.php    |  17 ++--
 protected/config/test.php                |   2 +-
 protected/controllers/UserController.php | 131 ++++++++++++++++++-------------
 protected/models/User.php                |  36 ++++++++-
 protected/runtime/application.log        | 123 +++++++++++++++++++++++++++++
 protected/views/layouts/main.php         |  54 +++++++++----
 protected/views/user/admin.php           |  37 +++++++++
 7 files changed, 316 insertions(+), 84 deletions(-)

diff --git a/protected/components/UserIdentity.php b/protected/components/UserIdentity.php
index e506ef8..280515c 100644
--- a/protected/components/UserIdentity.php
+++ b/protected/components/UserIdentity.php
@@ -5,18 +5,15 @@
  * It contains the authentication method that checks if the provided
  * data can identity the user.
  */
-class UserIdentity extends CUserIdentity
-{
+class UserIdentity extends CUserIdentity {
 	public $id;
-	public $isAdmin;
 	/**
 	 * Authenticates a user.
 	 * 
 	 * @return boolean whether authentication succeeds.
 	 */
-	public function authenticate()
-	{
-		$user = User::model()->find('LOWER(username)=?',array(strtolower($this->username)));
+	public function authenticate() {
+		$user = User::model()->find('LOWER(username)=?', array(strtolower($this->username)));
 		if ($user === null){
 			$this->errorCode = self::ERROR_USERNAME_INVALID;
 		} else if (!$user->checkPassword($this->password)) {
@@ -25,12 +22,18 @@ class UserIdentity extends CUserIdentity
 			$this->id = $user->id;
 			$this->username = $user->username;
 			$this->setState("isAdmin", $user->is_super_admin);
-			$verein = Verein::model()->find('LOWER(slug)=?',array(strtolower($this->username)));
+			$verein = Verein::model()->find('LOWER(slug)=?', array(strtolower($this->username)));
 			if (null !== $verein) {
 				$this->setState("vereinId", $verein->id);
+				$this->setState("hasToChangePW", $user->admin_pw_reset);
 			} else {
 				$this->setState("vereinId", 0);
+				$this->setState("hasToChangePW", false);
 			}
+			
+			$user->last_login = new CDbExpression('NOW()');
+			$user->save();
+			
 			$this->errorCode = self::ERROR_NONE;
 		}
 		return $this->errorCode == self::ERROR_NONE;
diff --git a/protected/config/test.php b/protected/config/test.php
index fd7085a..bdb4ad9 100644
--- a/protected/config/test.php
+++ b/protected/config/test.php
@@ -1,7 +1,7 @@
 <?php
 
 return CMap::mergeArray(
-	require(dirname(__FILE__).'/main.php'),
+	require(dirname(__FILE__).'/maincfg.php'),
 	array(
 		'components'=>array(
 			'fixture'=>array(
diff --git a/protected/controllers/UserController.php b/protected/controllers/UserController.php
index 79fc7e8..b061795 100644
--- a/protected/controllers/UserController.php
+++ b/protected/controllers/UserController.php
@@ -1,18 +1,16 @@
 <?php
 
-class UserController extends Controller
-{
+class UserController extends Controller {
 	/**
 	 * @var string the default layout for the views. Defaults to '//layouts/column2', meaning
 	 * using two-column layout. See 'protected/views/layouts/column2.php'.
 	 */
-	public $layout='//layouts/column2';
+	public $layout = '//layouts/column2';
 
 	/**
 	 * @return array action filters
 	 */
-	public function filters()
-	{
+	public function filters() {
 		return array(
 			'accessControl', // perform access control for CRUD operations
 		);
@@ -23,11 +21,10 @@ class UserController extends Controller
 	 * This method is used by the 'accessControl' filter.
 	 * @return array access control rules
 	 */
-	public function accessRules()
-	{
+	public function accessRules() {
 		return array(
 			array('allow', // allow admin user to perform 'admin' and 'delete' actions
-				'actions'=>array('create','update','index','view','admin','delete'),
+				'actions'=>array('create', 'update', 'index', 'view', 'admin', 'delete', 'newPassword'),
 				'users'=>array('admin'),
 			),
 			array('deny',  // deny all users
@@ -40,9 +37,8 @@ class UserController extends Controller
 	 * Displays a particular model.
 	 * @param integer $id the ID of the model to be displayed
 	 */
-	public function actionView($id)
-	{
-		$this->render('view',array(
+	public function actionView($id) {
+		$this->render('view', array(
 			'model'=>$this->loadModel($id),
 		));
 	}
@@ -51,21 +47,20 @@ class UserController extends Controller
 	 * Creates a new model.
 	 * If creation is successful, the browser will be redirected to the 'view' page.
 	 */
-	public function actionCreate()
-	{
-		$model=new User;
+	public function actionCreate() {
+		$model = new User;
 
 		// Uncomment the following line if AJAX validation is needed
 		// $this->performAjaxValidation($model);
 
-		if(isset($_POST['User']))
-		{
-			$model->attributes=$_POST['User'];
-			if($model->save())
-				$this->redirect(array('view','id'=>$model->id));
+		if (isset($_POST['User'])) {
+			$model->attributes = $_POST['User'];
+			if ($model->save()) {
+				$this->redirect(array('view', 'id'=>$model->id));
+			}
 		}
 
-		$this->render('create',array(
+		$this->render('create', array(
 			'model'=>$model,
 		));
 	}
@@ -75,21 +70,20 @@ class UserController extends Controller
 	 * If update is successful, the browser will be redirected to the 'view' page.
 	 * @param integer $id the ID of the model to be updated
 	 */
-	public function actionUpdate($id)
-	{
-		$model=$this->loadModel($id);
+	public function actionUpdate($id) {
+		$model = $this->loadModel($id);
 
 		// Uncomment the following line if AJAX validation is needed
 		// $this->performAjaxValidation($model);
 
-		if(isset($_POST['User']))
-		{
-			$model->attributes=$_POST['User'];
-			if($model->save())
-				$this->redirect(array('view','id'=>$model->id));
+		if (isset($_POST['User'])) {
+			$model->attributes = $_POST['User'];
+			if ($model->save()) {
+				$this->redirect(array('view', 'id'=>$model->id));
+			}
 		}
 
-		$this->render('update',array(
+		$this->render('update', array(
 			'model'=>$model,
 		));
 	}
@@ -99,28 +93,26 @@ class UserController extends Controller
 	 * If deletion is successful, the browser will be redirected to the 'admin' page.
 	 * @param integer $id the ID of the model to be deleted
 	 */
-	public function actionDelete($id)
-	{
-		if(Yii::app()->request->isPostRequest)
-		{
+	public function actionDelete($id) {
+		if (Yii::app()->request->isPostRequest) {
 			// we only allow deletion via POST request
 			$this->loadModel($id)->delete();
 
 			// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
-			if(!isset($_GET['ajax']))
+			if (!isset($_GET['ajax'])) {
 				$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
+			}
+		} else {
+			throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
 		}
-		else
-			throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
 	}
 
 	/**
 	 * Lists all models.
 	 */
-	public function actionIndex()
-	{
-		$dataProvider=new CActiveDataProvider('User');
-		$this->render('index',array(
+	public function actionIndex() {
+		$dataProvider = new CActiveDataProvider('User');
+		$this->render('index', array(
 			'dataProvider'=>$dataProvider,
 		));
 	}
@@ -128,28 +120,59 @@ class UserController extends Controller
 	/**
 	 * Manages all models.
 	 */
-	public function actionAdmin()
-	{
-		$model=new User('search');
+	public function actionAdmin() {
+		$model = new User('search');
 		$model->unsetAttributes();  // clear any default values
-		if(isset($_GET['User']))
-			$model->attributes=$_GET['User'];
+		if (isset($_GET['User'])) {
+			$model->attributes = $_GET['User'];
+		}
 
-		$this->render('admin',array(
+		$this->render('admin', array(
 			'model'=>$model,
 		));
 	}
+	
+	public function actionNewPassword() {
+	    if (Yii::app()->request->isAjaxRequest) {
+	        if (isset($_POST['id'])) {
+	            $model = $this->loadModel($_POST['id']);
+	            
+	            $pw = $model->generateNewPassword();
+	            
+	            $model->password = $pw;
+	            $model->admin_pw_reset = true;
+	            
+	            if ($model->save()) {
+	                // TODO Send email
+	                 echo CJSON::encode(array(
+                        'status'=>'success',
+                        'message'=>'Das neue Passwort wurde erfolgreich generiert: '.$pw
+    	            ));
+	                Yii::app()->end();
+	            } else {
+	                echo CJSON::encode(array(
+                        'status'=>'failure',
+                        'message'=>'Fehler bei der Generierung des neuen Passworts.'
+	                ));
+	            }
+	        } else {
+	            throw new CHttpException(400);
+	        }
+	    } else {
+	        throw new CHttpException(400);
+	    }
+	}
 
 	/**
 	 * Returns the data model based on the primary key given in the GET variable.
 	 * If the data model is not found, an HTTP exception will be raised.
 	 * @param integer the ID of the model to be loaded
 	 */
-	public function loadModel($id)
-	{
-		$model=User::model()->findByPk($id);
-		if($model===null)
-			throw new CHttpException(404,'The requested page does not exist.');
+	public function loadModel($id) {
+		$model = User::model()->findByPk($id);
+		if ($model === null) {
+			throw new CHttpException(404, 'The requested user does not exist.');
+		}
 		return $model;
 	}
 
@@ -157,10 +180,8 @@ class UserController extends Controller
 	 * Performs the AJAX validation.
 	 * @param CModel the model to be validated
 	 */
-	protected function performAjaxValidation($model)
-	{
-		if(isset($_POST['ajax']) && $_POST['ajax']==='user-form')
-		{
+	protected function performAjaxValidation($model) {
+		if(isset($_POST['ajax']) && $_POST['ajax'] === 'user-form') {
 			echo CActiveForm::validate($model);
 			Yii::app()->end();
 		}
diff --git a/protected/models/User.php b/protected/models/User.php
index e0a5eeb..c432afe 100644
--- a/protected/models/User.php
+++ b/protected/models/User.php
@@ -1,9 +1,9 @@
 <?php
 
 /**
- * This is the model class for table "astaf_user".
+ * This is the model class for table "benutzer".
  *
- * The followings are the available columns in table 'astaf_user':
+ * The followings are the available columns in table 'benutzer':
  * @property integer $id
  * @property string $username
  * @property string $algorithm
@@ -13,6 +13,11 @@
  * @property string $last_login
  * @property integer $is_active
  * @property integer $is_super_admin
+ * @property integer $admin_pw_reset
+ * @property integer $user_pw_reset
+ *
+ * The followings are the available model relations:
+ * @property Vereine[] $vereine
  */
 class User extends CActiveRecord
 {
@@ -43,9 +48,9 @@ class User extends CActiveRecord
 		// will receive user inputs.
 		return array(
 			array('username, password', 'required'),
-			array('is_active, is_super_admin', 'numerical', 'integerOnly'=>true),
+			array('is_active, is_super_admin, admin_pw_reset, user_pw_reset', 'numerical', 'integerOnly'=>true),
 			array('username, password', 'length', 'max'=>128),
-			array('created_at', 'safe'),
+			array('created_at, last_login', 'safe'),
 			// The following rule is used by search().
 			// Please remove those attributes that should not be searched.
 			array('id, username, created_at, last_login, is_active, is_super_admin', 'safe', 'on'=>'search'),
@@ -60,6 +65,7 @@ class User extends CActiveRecord
 		// NOTE: you may need to adjust the relation name and the related
 		// class name for the relations automatically generated below.
 		return array(
+                'vereine' => array(self::HAS_MANY, 'Vereine', 'slug'),
 		);
 	}
 
@@ -83,6 +89,7 @@ class User extends CActiveRecord
 		if ($this->isNewRecord) {
 			$this->created_at = new CDbExpression("NOW()");
 			$this->salt = $this->generateRandomKey();
+			$this->admin_pw_reset = true;
 		}
 		
 		if (!$this->checkPassword($this->password)) {
@@ -120,6 +127,27 @@ class User extends CActiveRecord
 		return $this->encryptPassword($password) == $this->password;
 	}
 	
+	public function generateNewPassword() {
+	    $hashes = array();
+	    $hashes[0] = hash("sha256", "aSTaF2012");
+	    $hashes[1] = hash("sha256", $this->username);
+	    $hashes[2] = hash("sha256", $this->id);
+	     
+	    $r1 = mt_rand();
+	    $r1 = $r1 % 3;
+	     
+	    $r2 = mt_rand();
+	    $r2 = $r2 % 3;
+	     
+	    $r3 = mt_rand();
+	    $r3 = $r3 % 3;
+	     
+	    $hash = hash("sha256", $hashes[$r2].$hashes[$r1].$hashes[$r3]);
+	    $pw = substr($hash, mt_rand(0, 58), mt_rand(7, 10));
+	    
+	    return $pw;
+	}
+	
 	protected function encryptPassword($password) {
 		return sha1($this->salt.$password);
 	}
diff --git a/protected/runtime/application.log b/protected/runtime/application.log
index 11a2fc4..80c7626 100644
--- a/protected/runtime/application.log
+++ b/protected/runtime/application.log
@@ -6686,3 +6686,126 @@ Stack trace:
 REQUEST_URI=/admin.astaf.de/index.php?r=myAngebot/createAngebot
 HTTP_REFERER=http://dev.astaf.de:90/admin.astaf.de/index.php?r=myAngebot/create
 ---
+2012/05/20 12:19:31 [error] [exception.CException] exception 'CException' with message 'CAssetManager.basePath "D:\Projects\Astaf\workspace\admin.astaf.de\protected\tests\functional\assets" ist ungültig. Bitte stellen Sie sicher, dass das Verzeichnis existiert und der Webserver-Prozess Schreibrechte dafür besitzt.' in D:\Projects\Astaf\workspace\yii\framework\web\CAssetManager.php:116
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\web\CAssetManager.php(101): CAssetManager->setBasePath('D:\Projects\Ast...')
+#1 D:\Projects\Astaf\workspace\yii\framework\web\CAssetManager.php(219): CAssetManager->getBasePath()
+#2 D:\Projects\Astaf\workspace\yii\framework\web\CClientScript.php(449): CAssetManager->publish('D:\Projects\Ast...')
+#3 D:\Projects\Astaf\workspace\yii\framework\web\CClientScript.php(486): CClientScript->getCoreScriptUrl()
+#4 D:\Projects\Astaf\workspace\yii\framework\web\CClientScript.php(302): CClientScript->getPackageBaseUrl('jquery')
+#5 D:\Projects\Astaf\workspace\yii\framework\web\CClientScript.php(195): CClientScript->renderCoreScripts()
+#6 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(352): CClientScript->render('<!DOCTYPE html>...')
+#7 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(789): CController->processOutput('<!DOCTYPE html>...')
+#8 D:\Projects\Astaf\workspace\admin.astaf.de\protected\controllers\SiteController.php(93): CController->render('login', Array)
+#9 D:\Projects\Astaf\workspace\yii\framework\web\actions\CInlineAction.php(50): SiteController->actionLogin()
+#10 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(309): CInlineAction->runWithParams(Array)
+#11 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(287): CController->runAction(Object(CInlineAction))
+#12 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(266): CController->runActionWithFilters(Object(CInlineAction), Array)
+#13 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): CController->run('login')
+#14 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController('site/login')
+#15 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#16 D:\Projects\Astaf\workspace\admin.astaf.de\protected\tests\functional\UserControllerTest.php(5): CApplication->run()
+#17 {main}
+REQUEST_URI=/admin.astaf.de/protected/tests/functional/UserControllerTest.php?r=site/login
+---
+2012/05/20 12:20:51 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Das System konnte die angeforderte Action "newPassword" nicht finden.' in D:\Projects\Astaf\workspace\yii\framework\web\CController.php:484
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(271): CController->missingAction('newPassword')
+#1 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): CController->run('newPassword')
+#2 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController('verein/newPassw...')
+#3 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#4 D:\Projects\Astaf\workspace\admin.astaf.de\index-test.php(15): CApplication->run()
+#5 {main}
+REQUEST_URI=/admin.astaf.de/index-test.php?r=verein/newPassword
+---
+2012/05/20 12:21:01 [error] [exception.CHttpException.400] exception 'CHttpException' with message 'Ihre Anfrage ist ungültig.' in D:\Projects\Astaf\workspace\yii\framework\web\CController.php:337
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(310): CController->invalidActionParams(Object(CInlineAction))
+#1 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(134): CController->runAction(Object(CInlineAction))
+#2 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilter.php(41): CFilterChain->run()
+#3 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(1146): CFilter->filter(Object(CFilterChain))
+#4 D:\Projects\Astaf\workspace\yii\framework\web\filters\CInlineFilter.php(59): CController->filterAccessControl(Object(CFilterChain))
+#5 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(131): CInlineFilter->filter(Object(CFilterChain))
+#6 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(292): CFilterChain->run()
+#7 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(266): CController->runActionWithFilters(Object(CInlineAction), Array)
+#8 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): CController->run('newPassword')
+#9 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController('user/newPasswor...')
+#10 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#11 D:\Projects\Astaf\workspace\admin.astaf.de\index-test.php(15): CApplication->run()
+#12 {main}
+REQUEST_URI=/admin.astaf.de/index-test.php?r=user/newPassword
+---
+2012/05/20 12:21:14 [error] [exception.CException] exception 'CException' with message 'Eigenschaft "User.slug ist nicht definiert.' in D:\Projects\Astaf\workspace\yii\framework\base\CComponent.php:131
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\db\ar\CActiveRecord.php(144): CComponent->__get('slug')
+#1 D:\Projects\Astaf\workspace\admin.astaf.de\protected\controllers\UserController.php(140): CActiveRecord->__get('slug')
+#2 [internal function]: UserController->actionNewPassword('1')
+#3 D:\Projects\Astaf\workspace\yii\framework\web\actions\CAction.php(107): ReflectionMethod->invokeArgs(Object(UserController), Array)
+#4 D:\Projects\Astaf\workspace\yii\framework\web\actions\CInlineAction.php(48): CAction->runWithParamsInternal(Object(UserController), Object(ReflectionMethod), Array)
+#5 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(309): CInlineAction->runWithParams(Array)
+#6 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(134): CController->runAction(Object(CInlineAction))
+#7 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilter.php(41): CFilterChain->run()
+#8 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(1146): CFilter->filter(Object(CFilterChain))
+#9 D:\Projects\Astaf\workspace\yii\framework\web\filters\CInlineFilter.php(59): CController->filterAccessControl(Object(CFilterChain))
+#10 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(131): CInlineFilter->filter(Object(CFilterChain))
+#11 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(292): CFilterChain->run()
+#12 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(266): CController->runActionWithFilters(Object(CInlineAction), Array)
+#13 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): CController->run('newPassword')
+#14 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController('user/newPasswor...')
+#15 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#16 D:\Projects\Astaf\workspace\admin.astaf.de\index-test.php(15): CApplication->run()
+#17 {main}
+REQUEST_URI=/admin.astaf.de/index-test.php?r=user/newPassword&id=1
+---
+2012/05/20 12:23:31 [error] [php] Trying to get property of non-object (D:\Projects\Astaf\workspace\admin.astaf.de\protected\controllers\UserController.php:153)
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\web\actions\CInlineAction.php(48): CInlineAction->runWithParamsInternal()
+#1 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(309): CInlineAction->runWithParams()
+#2 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(134): UserController->runAction()
+#3 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilter.php(41): CFilterChain->run()
+#4 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(1146): CAccessControlFilter->filter()
+#5 D:\Projects\Astaf\workspace\yii\framework\web\filters\CInlineFilter.php(59): UserController->filterAccessControl()
+#6 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(131): CInlineFilter->filter()
+#7 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(292): CFilterChain->run()
+#8 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(266): UserController->runActionWithFilters()
+#9 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): UserController->run()
+#10 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController()
+#11 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#12 D:\Projects\Astaf\workspace\admin.astaf.de\index-test.php(15): CWebApplication->run()
+REQUEST_URI=/admin.astaf.de/index-test.php?r=user/newPassword&id=1
+2012/05/20 13:04:50 [error] [php] Undefined variable: model (D:\Projects\Astaf\workspace\admin.astaf.de\protected\models\User.php:132)
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\web\actions\CAction.php(107): ReflectionMethod->invokeArgs()
+#1 D:\Projects\Astaf\workspace\yii\framework\web\actions\CInlineAction.php(48): CInlineAction->runWithParamsInternal()
+#2 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(309): CInlineAction->runWithParams()
+#3 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(134): UserController->runAction()
+#4 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilter.php(41): CFilterChain->run()
+#5 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(1146): CAccessControlFilter->filter()
+#6 D:\Projects\Astaf\workspace\yii\framework\web\filters\CInlineFilter.php(59): UserController->filterAccessControl()
+#7 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(131): CInlineFilter->filter()
+#8 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(292): CFilterChain->run()
+#9 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(266): UserController->runActionWithFilters()
+#10 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): UserController->run()
+#11 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController()
+#12 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#13 D:\Projects\Astaf\workspace\admin.astaf.de\index-test.php(15): CWebApplication->run()
+REQUEST_URI=/admin.astaf.de/index-test.php?r=user/newPassword&id=1
+2012/05/20 14:53:11 [error] [exception.CHttpException.400] exception 'CHttpException' in D:\Projects\Astaf\workspace\admin.astaf.de\protected\controllers\UserController.php:159
+Stack trace:
+#0 D:\Projects\Astaf\workspace\yii\framework\web\actions\CInlineAction.php(50): UserController->actionNewPassword()
+#1 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(309): CInlineAction->runWithParams(Array)
+#2 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(134): CController->runAction(Object(CInlineAction))
+#3 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilter.php(41): CFilterChain->run()
+#4 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(1146): CFilter->filter(Object(CFilterChain))
+#5 D:\Projects\Astaf\workspace\yii\framework\web\filters\CInlineFilter.php(59): CController->filterAccessControl(Object(CFilterChain))
+#6 D:\Projects\Astaf\workspace\yii\framework\web\filters\CFilterChain.php(131): CInlineFilter->filter(Object(CFilterChain))
+#7 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(292): CFilterChain->run()
+#8 D:\Projects\Astaf\workspace\yii\framework\web\CController.php(266): CController->runActionWithFilters(Object(CInlineAction), Array)
+#9 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(276): CController->run('newPassword')
+#10 D:\Projects\Astaf\workspace\yii\framework\web\CWebApplication.php(135): CWebApplication->runController('user/newPasswor...')
+#11 D:\Projects\Astaf\workspace\yii\framework\base\CApplication.php(162): CWebApplication->processRequest()
+#12 D:\Projects\Astaf\workspace\admin.astaf.de\index.php(13): CApplication->run()
+#13 {main}
+REQUEST_URI=/admin.astaf.de/index.php?r=user/newPassword
+HTTP_REFERER=http://dev.astaf.de:90/admin.astaf.de/index.php?r=user/admin
+---
diff --git a/protected/views/layouts/main.php b/protected/views/layouts/main.php
index 7a9f52e..63ae0d0 100644
--- a/protected/views/layouts/main.php
+++ b/protected/views/layouts/main.php
@@ -29,26 +29,46 @@
 	<div id="mainmenu">
 		<?php $this->widget('zii.widgets.CMenu',array(
 			'items'=>array(
+                // Verein
 				array("label"=>"Mein Verein", "url"=>array("/myVerein"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->vereinId, "active"=>$this->id == "myVerein"),
-				array("label"=>"Vereine", "url"=>array("/verein/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "verein"),
-				array("label"=>"Standorte", "url"=>array("/standort/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "standort"),
-				array("label"=>"Kategorien", "url"=>array("/kategorie/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "kategorie"),
-				array("label"=>"Speis & Trank", "url"=>array("/speisTrank/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "speisTrank"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->vereinId,
+				        "active"=>$this->id == "myVerein"),
+			    // Admin
+			    array("label"=>"Vereine", "url"=>array("/verein/index"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "verein"),
+				// Admin
+			    array("label"=>"Standorte", "url"=>array("/standort/index"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "standort"),
+				// Admin
+			    array("label"=>"Kategorien", "url"=>array("/kategorie/index"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "kategorie"),
+				// Admin
+			    array("label"=>"Speis & Trank", "url"=>array("/speisTrank/index"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "speisTrank"),
+				// Verein
 				array("label"=>"Speis & Trank", "url"=>array("/myAngebot/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->vereinId, "active"=>$this->id == "myAngebot"),
-				array("label"=>"Veranstaltungen", "url"=>array("/veranstaltung/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "veranstaltung"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->vereinId,
+		                "active"=>$this->id == "myAngebot"),
+				// Admin
+			    array("label"=>"Veranstaltungen", "url"=>array("/veranstaltung/index"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "veranstaltung"),
+				// Verein
 				array("label"=>"Veranstaltungen", "url"=>array("/myVeranstaltung/index"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->vereinId, "active"=>$this->id == "myVeranstaltung"),
-				array("label"=>"Audit", "url"=>array("/auditTrail/admin"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "admin"),
-				array("label"=>"Benutzer", "url"=>array("/user/admin"),
-						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin, "active"=>$this->id == "user"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->vereinId,
+		                "active"=>$this->id == "myVeranstaltung"),
+				// Admin
+			    array("label"=>"Audit", "url"=>array("/auditTrail/admin"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "admin"),
+				// Admin
+			    array("label"=>"Benutzer", "url"=>array("/user/admin"),
+						"visible"=>!Yii::app()->user->isGuest && Yii::app()->user->isAdmin,
+		                "active"=>$this->id == "user"),
 				array('label'=>'Logout ('.Yii::app()->user->name.')', 'url'=>array('/site/logout'),
 						'visible'=>!Yii::app()->user->isGuest)
 			),
diff --git a/protected/views/user/admin.php b/protected/views/user/admin.php
index 90691ce..488559f 100644
--- a/protected/views/user/admin.php
+++ b/protected/views/user/admin.php
@@ -48,8 +48,45 @@ or <b>=</b>) at the beginning of each of your search values to specify how the c
 		'last_login',
 		'is_active',
 		'is_super_admin',
+        'admin_pw_reset',
+        'user_pw_reset',
 		array(
 			'class'=>'CButtonColumn',
+		    'template'=>'{email}{view}{update}{delete}',
+		    'buttons'=>array(
+		                    'email'=>array(
+		                                   'label'=>'Generate new password and email it',
+		                                   'imageUrl'=>Html::imageUrl('email.png'),
+		                                   'click'=>'function(){generatePassword($(this).parent().parent().children(":first-child").text());}'
+		                                   )
+		                    )
 		),
 	),
 )); ?>
+
+<script type="text/javascript">
+function generatePassword(id) {
+	console.log(id);
+    <?php echo CHtml::ajax(array(
+            'url'=>array('user/newPassword'),
+            'data'=> "js:{'id':id}",
+            'type'=>'post',
+            'dataType'=>'json',
+            'success'=>"function(data)
+            {
+                if (data.status == 'failure')
+                {
+                    alert(data.message);
+                }
+                else
+                {
+                   alert(data.message);
+                }
+ 
+            } ",
+            ))?>;
+    return false; 
+ 
+}
+ 
+</script>
-- 
cgit v1.0-28-g1787