public function send_forgot_password($params)
{
if (!isset($params['captcha'])) {
return array('error' => 'Please enter the captcha answer!');
} else {
$validate_captcha = $this->app->captcha->validate($params['captcha']);
if ($validate_captcha == false) {
return array('error' => 'Invalid captcha answer!', 'captcha_error' => true);
}
}
if (isset($params['email'])) {
//return array('error' => 'Enter username or email!');
} elseif (!isset($params['username']) or trim($params['username']) == '') {
return array('error' => 'Enter username or email!');
}
$data_res = false;
$data = false;
if (isset($params) and !empty($params)) {
$user = isset($params['username']) ? $params['username'] : false;
$email = isset($params['email']) ? $params['email'] : false;
$data = array();
if (trim($user != '')) {
$data1 = array();
$data1['username'] = $user;
$data = array();
if (trim($user != '')) {
$data = $this->get_all($data1);
if ($data == false) {
$data1 = array();
$data1['email'] = $user;
$data = $this->get_all($data1);
}
}
} elseif (trim($email != '')) {
$data1 = array();
$data1['email'] = $email;
$data = array();
if (trim($email != '')) {
$data = $this->get_all($data1);
}
}
if (isset($data[0])) {
$data_res = $data[0];
}
if (!is_array($data_res)) {
return array('error' => 'Enter right username or email!');
} else {
$to = $data_res['email'];
if (isset($to) and filter_var($to, FILTER_VALIDATE_EMAIL)) {
$subject = 'Password reset!';
$content = "Hello, {$data_res['username']} <br> ";
$content .= 'You have requested a password reset link from IP address: ' . MW_USER_IP . '<br><br> ';
$security = array();
$security['ip'] = MW_USER_IP;
// $security['hash'] = $this->app->format->array_to_base64($data_res);
// $function_cache_id = md5(rand()) . uniqid() . rand() . str_random(40);
$function_cache_id = md5($data_res['id']) . uniqid() . rand() . str_random(40);
if (isset($data_res['id'])) {
$data_to_save = array();
$data_to_save['id'] = $data_res['id'];
$data_to_save['password_reset_hash'] = $function_cache_id;
$table = $this->tables['users'];
$save = $this->app->database_manager->save($table, $data_to_save);
}
$base_link = $this->app->url_manager->current(1);
$cur_template = template_dir();
$cur_template_file = normalize_path($cur_template . 'login.php', false);
$cur_template_file2 = normalize_path($cur_template . 'forgot_password.php', false);
if (is_file($cur_template_file)) {
$base_link = site_url('login');
} elseif (is_file($cur_template_file2)) {
$base_link = site_url('forgot_password');
}
$pass_reset_link = $base_link . '?reset_password_link=' . $function_cache_id;
$security['base_link'] = $base_link;
$security['reset_password_link'] = "<a href='{$pass_reset_link}'>" . $pass_reset_link . '</a>';
$security['username'] = $data_res['username'];
$security['first_name'] = $data_res['first_name'];
$security['last_name'] = $data_res['last_name'];
$security['created_at'] = $data_res['created_at'];
$security['email'] = $data_res['email'];
$security['id'] = $data_res['id'];
$notif = array();
$notif['module'] = 'users';
$notif['rel_type'] = 'users';
$notif['rel_id'] = $data_to_save['id'];
$notif['title'] = 'Password reset link sent';
$content_notif = "User with id: {$data_to_save['id']} and email: {$to} has requested a password reset link";
$notif['description'] = $content_notif;
$this->app->log_manager->save($notif);
$content .= "Click here to reset your password <a style='word-break:break-all;' href='{$pass_reset_link}'>" . $pass_reset_link . '</a><br><br> ';
//custom email
if (get_option('forgot_pass_email_enabled', 'users')) {
$cust_subject = get_option('forgot_pass_email_subject', 'users');
$cust_content = get_option('forgot_pass_email_content', 'users');
if (trim($cust_subject) != '') {
$subject = $cust_subject;
}
if ($cust_content != false) {
$cust_content_check = strip_tags($cust_content);
$cust_content_check = trim($cust_content_check);
if ($cust_content_check != '') {
foreach ($security as $key => $value) {
if (!is_array($value) and is_string($key)) {
$cust_content = str_ireplace('{' . $key . '}', $value, $cust_content);
}
}
$content = $cust_content;
}
}
}
$sender = new \Microweber\Utils\MailSender();
$sender->send($to, $subject, $content);
return array('success' => 'Your password reset link has been sent to ' . $to);
} else {
return array('error' => 'Error: the user doesn\'t have a valid email address!');
}
}
}
}