public function forgotPassword($userOrEmail, $secondFactor, $answer, $newPassword) { if (AuthUserData::emailExist($userOrEmail)) { $userAuth = AuthUserData::getUserNameByEmail($userOrEmail); $this->loadUserForced($userAuth); } else { if (AuthUserData::userExist($userOrEmail)) { $userAuth = $userOrEmail; $this->loadUserForced($userAuth); } else { return array("continue" => false); } } if ($secondFactor != '') { if ($this->checkKey($_POST['secondFactor'], 'forgotPassword')) { if ($answer != '') { if ($answer == $this->userData['securityAnswer']) { if ($newPassword != '' && $newPassword != hash('sha512', '')) { $this->createAndUpdatePassword($newPassword); AuthUserData::clearExtraKey($this->userData['userID']); return array("continue" => true, "flowDone" => true); } else { return array("continue" => true, "askForNewPassword" => true); } } } else { return array("continue" => true, "question" => $this->userData['securityQuestion']); } } else { AuthUserData::clearExtraKey($this->userData['userID']); } } else { $newExtraKey = $this->createPin(_PIN_FORGOT_PASSWORD_PLUS_CHARS_); AuthUserData::updateExtraKey($this->userData['userID'], $newExtraKey, 'forgotPassword'); $this->sendNotification('ForgotPassword', array(array('{{PIN}}'), array($newExtraKey))); return array("continue" => true, "secondFactor" => true); } return array("continue" => false); }