FuelPHP User Model

<?php
/**
 * User model
 *
 * @package  app
 * @extends  Model
 */

namespace Model;

class User extends \Model
{
    protected $user = null;

    public static function _init()
    {
        // load langauge strings
        \Lang::load('errors', 'validation');
    }

    public static function check_username_availability($username)
    {
        $cleanUsername = \Security::xss_clean($username);
        $result = \DB::select('username')->from('users')->where('username', $cleanUsername)->execute()->current();
        return (count($result) == 0) ? "AVAILABLE" : "NOT AVAILABLE";
    }

    public static function fetch_user_hash_token($username)
    {
        $result = \DB::select('hash_token')->from('users')->where('username', $username)->execute()->current();
        return $result['hash_token'];
    }

    public static function confirm_account($token)
    {
        $result = \DB::select('activation_token', 'account_status')->from('users')->where('activation_token', $token)->limit(1)->execute()->current();

        if(!$token)
            return 'MISSING_TOKEN';
        else
        {
            if(!$result)
                return 'INVALID_TOKEN';
            else if($result['account_status'] == 'pending_activation')
            {
                \DB::update('users')
                ->value('account_status', 'active')
                ->where('activation_token', '=', $token)
                ->execute();

                return 'CONFIRMED';
            }
            else
                return 'ALREADY_CONFIRMED';
        }
    }


    public static function process_registration($email, $username, $password, $confirmPassword)
    {
        // perform server side validation as a fail-safe to client side validation
        $cleanEmail = \Security::xss_clean($email);
        $cleanUsername = \Security::xss_clean($username);
        $cleanPassword = \Security::xss_clean($password);
        $cleanConfirmedPassword = \Security::xss_clean($confirmPassword);

        $usernameFilter = "/^[A-Za-z0-9 ]+$/";

        preg_match($usernameFilter, $cleanUsername, $usernameMatches);
        $existingEmail = \DB::select('email')->from('users')->where('email', $cleanEmail)->limit(1)->execute()->current();

        if(strlen($cleanEmail) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(strlen($cleanUsername) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(strlen($cleanPassword) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(strlen($cleanConfirmedPassword) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(!filter_var($cleanEmail, FILTER_VALIDATE_EMAIL))
            return __('errors.validation.INVALID_EMAIL');
        if($cleanPassword != $cleanConfirmedPassword)
            return __('errors.validation.PASSWORD_MISMATCH');
        if(count($usernameMatches) == 0)
            return __('errors.validation.INVALID_USERNAME');
        if(strlen($cleanUsername) < 5)
            return __('errors.validation.USERNAME_MIN_LEN');
        if(count($existingEmail) > 0)
            return __('errors.validation.EXISTING_EMAIL');
        if(static::check_username_availability($cleanUsername) == "NOT AVAILABLE")
            return __('errors.validation.USERNAME_NOT_AVAILABLE');

        // all good!
        $randSeed = substr(number_format(\Date::forge()->get_timestamp() * rand(),0,'',''),0,10);
        list($insert_id, $rows_affected) = \DB::insert('users')->set(array(
            'username'   => $cleanUsername,
            'password'   => \Crypt::encode($cleanPassword . $randSeed, $randSeed),
            'group'      => 1,
            'email'      => $cleanEmail,
            'last_login' => '',
            'login_hash' => '',
            'hash_token' => $randSeed,
            'created_at' => \Date::forge()->get_timestamp(),
            'account_status' => 'pending_activation',
            'activation_token' => substr(\Crypt::encode($cleanUsername . $randSeed, $randSeed), 0, 30)
        ))->execute();

                if(!$insert_id)
                    return __('errors.validation.REGISTRATION_FAILED');

                // retrieve activation token && send the mail
                $result = \DB::select('activation_token')->from('users')->where('id', $insert_id)->limit(1)->execute()->current();
        $email = \Email::forge();
        $data = array('activation_token' => $result['activation_token']);

        $email->to($cleanEmail);
        $email->subject('Activate your PoochFinder account');
        $email->body(\View::forge('templates/email/activation', $data));
        $email->send();

        return 'SUCCESS';
    }

    public static function process_login($username, $password, $rememberMe)
    {
        // perform server side validation as a fail-safe to client side validation
        $cleanUsername = \Security::xss_clean($username);
        $cleanPassword = \Security::xss_clean($password);

        $usernameFilter = "/^[A-Za-z0-9 ]+$/";

        preg_match($usernameFilter, $cleanUsername, $usernameMatches);

        if(strlen($cleanUsername) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(strlen($cleanPassword) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(count($usernameMatches) == 0)
            return __('errors.validation.INVALID_USERNAME');

        // check login details
        $hashToken = static::fetch_user_hash_token($cleanUsername);

        $this->user = \DB::select_array(array('username', 'login_hash'))
            ->from('users')
            ->where('username', '=', $cleanUsername)
            ->where('password', '=', \Crypt::encode($cleanPassword . $hashToken, $hashToken))
            ->limit(1)->execute()->current();

        // FAIL!
        if(!$this->user)
            return __('errors.validation.INVALID_USERNAME_OR_PASSWORD');

        // log em in
        $last_login = \Date::forge()->get_timestamp();
        $login_hash = \Crypt::encode($cleanUsername . $last_login . $hashToken, $hashToken);

        \DB::update('users')
            ->set(array('last_login' => $last_login, 'login_hash' => $login_hash))
            ->where('username', '=', $cleanUsername)
            ->execute();
        \Session::set('username', $cleanUsername);
        \Session::set('login_hash', $login_hash);
        \Session::instance()->rotate();

        return 'SUCCESS';
    }

    public static function initiate_password_reset($email)
    {
        // we start by cleaning & validating the e-mail address
        $cleanEmail = \Security::xss_clean($email);
        $result = \DB::select('id', 'hash_token')->from('users')->where('email', $cleanEmail)->execute()->current();

        if(strlen($cleanEmail) == 0)
            return __('errors.validation.COMPLETE_REQUIRED_FIELDS');
        if(!filter_var($cleanEmail, FILTER_VALIDATE_EMAIL))
            return __('errors.validation.INVALID_EMAIL');
        if(count($result) == 0)
            return __('errors.validation.EMAIL_NOT_FOUND');

        list($insert_id, $rows_affected) = \DB::insert('pw_reset_requests')->set(array(
            'request_id'    => '',
            'user_id'       => $result['id'],
            'request_token' => substr(\Crypt::encode($cleanEmail . $result['hash_token'], $result['hash_token']), 0, 30),
            'timestamp'     => \Date::forge()->get_timestamp()
        ))->execute();

        if(!$insert_id)
                    return __('errors.validation.REQUEST_FAILED');

                // retrieve reset token && send the mail
                $result = \DB::select('request_token')->from('pw_reset_requests')->where('request_id', $insert_id)->limit(1)->execute()->current();
        $email = \Email::forge();
        $data = array('request_token' => $result['request_token']);

        $email->to($cleanEmail);
        $email->subject('Reset your password');
        $email->body(\View::forge('templates/email/confirmPwReset', $data));
        $email->send();

                return 'SUCCESS';
    }

    public static function complete_password_reset($token)
    {
        $result = \DB::select('request_token', 'user_id', 'timestamp')->from('pw_reset_requests')->where('request_token', $token)->limit(1)->execute()->current();
        $userResult = \DB::select('email')->from('users')->where('id', '=', $result['user_id'])->limit(1)->execute()->current();

        if(!$token)
            return 'MISSING_TOKEN';
        else
        {
            if(!$result)
                return 'INVALID_TOKEN';
            else
            {
                // is token still valid?
                if((\Date::forge()->get_timestamp() - $result['timestamp']) > 86400)
                    return 'EXPIRED_TOKEN';

                // generate && set a random 7 character alpha-numeric password
                $randSeed = substr(number_format(\Date::forge()->get_timestamp() * rand(),0,'',''),0,10);
                $randPw = substr(md5(rand(0, 1000000)), 0, 10);

                \DB::update('users')
                ->set(array(
                    'hash_token' => $randSeed,
                    'password'   => \Crypt::encode($randPw . $randSeed, $randSeed)
                ))
                ->where('id', '=', $result['user_id'])
                ->execute();

                // delete the reset request as it is complete
                \DB::delete('pw_reset_requests')->where('request_token', '=', $result['request_token'])->execute();

                // email temporary password
                $email = \Email::forge();
                $data = array('tempPw' => $randPw);

                $email->to($userResult['email']);
                $email->subject('Your temporary password');
                $email->body(\View::forge('templates/email/tempPw', $data));
                $email->send();

                return 'SUCCESS';
            }
        }
    }
}