Elgg\PasswordService::executeNewPasswordReset PHP Method

executeNewPasswordReset() public method

Validate and change password for a user.
public executeNewPasswordReset ( integer $user_guid, string $conf_code, string $password = null ) : boolean
$user_guid integer The user id
$conf_code string Confirmation code as sent in the request email.
$password string Optional new password; if omitted (null), a random password is generated.
return boolean True on success
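    /**
     * Validate a password-reset confirmation code and change the user's password.
     *
     * The change is refused unless the GUID resolves to a user, a confirmation
     * code is stored for that user, the supplied code matches it and the code
     * is less than 24 hours old. On success the stored code and its timestamp
     * are removed, the login-failure counter is cleared and the user is
     * notified by email.
     *
     * @param int    $user_guid The user id
     * @param string $conf_code Confirmation code as sent in the request email
     * @param string $password  Optional new password; a random one is generated when null
     *
     * @return bool True on success, false when any check or the password change fails
     */
    function executeNewPasswordReset($user_guid, $conf_code, $password = null)
    {
        $user_guid = (int) $user_guid;
        $user = get_entity($user_guid);
        if (!$user instanceof \ElggUser) {
            return false;
        }

        // The code is request-supplied: accept only a non-empty string so that
        // an array or null value never reaches the comparison helper.
        if (!is_string($conf_code) || $conf_code === '') {
            return false;
        }

        // No stored code means no reset was requested (or it was already
        // used); bail out before comparing anything.
        $saved_code = $user->getPrivateSetting('passwd_conf_code');
        if (!$saved_code) {
            return false;
        }

        // Comparison is delegated to the crypto service rather than ==/===.
        // NOTE(review): presumably constant-time - confirm in the crypto service.
        if (!_elgg_services()->crypto->areEqual($saved_code, $conf_code)) {
            return false;
        }

        // Discard for security if the code is missing a timestamp or is 24h old.
        $code_time = (int) $user->getPrivateSetting('passwd_conf_time');
        if (!$code_time || $code_time < time() - 24 * 60 * 60) {
            return false;
        }

        // Only generate a password once the request has been validated.
        $reset = ($password === null);
        if ($reset) {
            $password = generate_random_cleartext_password();
        }

        if (!$this->forcePasswordReset($user, $password)) {
            return false;
        }

        // Single use: drop the code and its timestamp once the password changed.
        remove_private_setting($user_guid, 'passwd_conf_code');
        remove_private_setting($user_guid, 'passwd_conf_time');

        // Clear recorded login failures for this account.
        reset_login_failure_count($user_guid);

        // 'resetpassword' = generated password, 'changepassword' = caller-supplied.
        $ns = $reset ? 'resetpassword' : 'changepassword';

        // NOTE(review): the cleartext password is handed to the translator as a
        // substitution argument and is also placed in the notification params,
        // so it can end up in the mail body and is visible to whatever consumes
        // $params. In the 'changepassword' case that is the user's own chosen
        // password. Worth confirming this exposure is intended.
        $message = _elgg_services()->translator->translate("email:{$ns}:body", [$user->username, $password], $user->language);
        $subject = _elgg_services()->translator->translate("email:{$ns}:subject", [], $user->language);
        $params = ['action' => $ns, 'object' => $user, 'password' => $password];

        notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $message, $params, 'email');

        return true;
    }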