PasswordResetModel::sendPasswordResetMail PHP Method

PasswordResetModel Class Documentation Usage Examples Of PasswordResetModel::sendPasswordResetMail Mostrar archivo Open project: panique/huge

sendPasswordResetMail() public static method

Send the password reset mail

public static sendPasswordResetMail ( string $user_name, string $user_password_reset_hash, string $user_email ) : boolean
$user_name	string	username
$user_password_reset_hash	string	password reset hash
$user_email	string	user email
return	boolean	success status

    public static function sendPasswordResetMail($user_name, $user_password_reset_hash, $user_email)
    {
        // create email body
        $body = Config::get('EMAIL_PASSWORD_RESET_CONTENT') . ' ' . Config::get('URL') . Config::get('EMAIL_PASSWORD_RESET_URL') . '/' . urlencode($user_name) . '/' . urlencode($user_password_reset_hash);
        // create instance of Mail class, try sending and check
        $mail = new Mail();
        $mail_sent = $mail->sendMail($user_email, Config::get('EMAIL_PASSWORD_RESET_FROM_EMAIL'), Config::get('EMAIL_PASSWORD_RESET_FROM_NAME'), Config::get('EMAIL_PASSWORD_RESET_SUBJECT'), $body);
        if ($mail_sent) {
            Session::add('feedback_positive', Text::get('FEEDBACK_PASSWORD_RESET_MAIL_SENDING_SUCCESSFUL'));
            return true;
        }
        Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_RESET_MAIL_SENDING_ERROR') . $mail->getError());
        return false;
    }

Usage Example

Ejemplo n.º 1

Mostrar archivo

Archivo: PasswordResetModel.php Proyecto: queer1/PC-Track

 /**
  * Perform the necessary actions to send a password reset mail
  *
  * @param $user_name_or_email string Username or user's email
  *
  * @return bool success status
  */
 public static function requestPasswordReset($user_name_or_email)
 {
     if (empty($user_name_or_email)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USERNAME_EMAIL_FIELD_EMPTY'));
         return false;
     }
     // check if that username exists
     $result = UserModel::getUserDataByUserNameOrEmail($user_name_or_email);
     if (!$result) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USER_DOES_NOT_EXIST'));
         return false;
     }
     // generate integer-timestamp (to see when exactly the user (or an attacker) requested the password reset mail)
     // generate random hash for email password reset verification (40 char string)
     $temporary_timestamp = time();
     $user_password_reset_hash = sha1(uniqid(mt_rand(), true));
     // set token (= a random hash string and a timestamp) into database ...
     $token_set = PasswordResetModel::setPasswordResetDatabaseToken($result->user_name, $user_password_reset_hash, $temporary_timestamp);
     if (!$token_set) {
         return false;
     }
     // ... and send a mail to the user, containing a link with username and token hash string
     $mail_sent = PasswordResetModel::sendPasswordResetMail($result->user_name, $user_password_reset_hash, $result->user_email);
     if ($mail_sent) {
         return true;
     }
     // default return
     return false;
 }

PasswordResetModel

changePassword

requestPasswordReset

saveChangedPassword

saveNewUserPassword

sendPasswordResetMail

setNewPassword

setPasswordResetDatabaseToken

validatePasswordChange

validateResetPassword

verifyPasswordReset