-
- if (!$user) {
- $this->showForm(_('No user with that email address or username.'));
- return;
- }
-
- # Try to get an unconfirmed email address if they used a user name
-
- if (!$user->email && !$confirm_email) {
- $confirm_email = new Confirm_address();
- $confirm_email->user_id = $user->id;
- $confirm_email->address_type = 'email';
- $confirm_email->find();
- if (!$confirm_email->fetch()) {
- $confirm_email = null;
- }
- }
-
- if (!$user->email && !$confirm_email) {
- $this->clientError(_('No registered email address for that user.'));
- return;
- }
-
- # Success! We have a valid user and a confirmed or unconfirmed email address
-
- $confirm = new Confirm_address();
- $confirm->code = common_confirmation_code(128);
- $confirm->address_type = 'recover';
- $confirm->user_id = $user->id;
- $confirm->address = (!empty($user->email)) ? $user->email : $confirm_email->address;
-
- if (!$confirm->insert()) {
- common_log_db_error($confirm, 'INSERT', __FILE__);
- $this->serverError(_('Error saving address confirmation.'));
- return;
- }
-
- $body = "Hey, $user->nickname.";
- $body .= "\n\n";
- $body .= 'Someone just asked for a new password ' .
- 'for this account on ' . common_config('site', 'name') . '.';
- $body .= "\n\n";
- $body .= 'If it was you, and you want to confirm, use the URL below:';
- $body .= "\n\n";
- $body .= "\t".common_local_url('recoverpassword',
- array('code' => $confirm->code));
- $body .= "\n\n";
- $body .= 'If not, just ignore this message.';
- $body .= "\n\n";
- $body .= 'Thanks for your time, ';
- $body .= "\n";
- $body .= common_config('site', 'name');
- $body .= "\n";
-
- $headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
- mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address);
-
- $this->mode = 'sent';
- $this->msg = _('Instructions for recovering your password ' .
- 'have been sent to the email address registered to your ' .
- 'account.');
- $this->success = true;