- $r = q("SELECT * FROM `user` WHERE `pwdreset` = '%s' LIMIT 1",
- dbesc($hash)
- );
- if (! dbm::is_result($r)) {
- $o = t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed.");
- return $o;
- }
- $uid = $r[0]['uid'];
- $username = $r[0]['username'];
- $email = $r[0]['email'];
-
- $new_password = autoname(6) . mt_rand(100,9999);
- $new_password_encoded = hash('whirlpool',$new_password);
-
- $r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d",
- dbesc($new_password_encoded),
- intval($uid)
- );
-
- /// @TODO Is dbm::is_result() okay here?
- if ($r) {
- $tpl = get_markup_template('pwdreset.tpl');
- $o .= replace_macros($tpl,array(
- '$lbl1' => t('Password Reset'),
- '$lbl2' => t('Your password has been reset as requested.'),
- '$lbl3' => t('Your new password is'),
- '$lbl4' => t('Save or copy your new password - and then'),
- '$lbl5' => '<a href="' . System::baseUrl() . '">' . t('click here to login') . '</a>.',
- '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'),
- '$newpass' => $new_password,
- '$baseurl' => System::baseUrl()
-
- ));
- info("Your password has been reset." . EOL);
-
-
- $sitename = $a->config['sitename'];
- // $username, $email, $new_password
- $preamble = deindent(t('
- Dear %1$s,
- Your password has been changed as requested. Please retain this
- information for your records (or change your password immediately to
- something that you will remember).
- '));
- $body = deindent(t('
- Your login details are as follows:
-
- Site Location: %1$s
- Login Name: %2$s
- Password: %3$s
-
- You may change that password from your account settings page after logging in.
- '));
-
- $preamble = sprintf($preamble, $username);
- $body = sprintf($body, System::baseUrl(), $email, $new_password);
-
- notification(array(
- 'type' => "SYSTEM_EMAIL",
- 'to_email' => $email,
- 'subject'=> sprintf( t('Your password has been changed at %s'),$sitename),
- 'preamble'=> $preamble,
- 'body' => $body));
-
- return $o;