public static function forgotPassword(Db $db, $email, $pathtoTemplates = "templates/") { if (!self::emailExists($db, $email)) { return false; } $siteUrl = Constants::SITE_URL; $siteName = Constants::SITE_NAME; $newPass = UUID::generate(); $newPassHash = md5($newPass); $pq = "update users set passhash = ? where email like ? limit 1"; $db->preparedQuery($pq, array($newPassHash, $email), "ss"); $plainMessage = "Your password has been reset to:\n\n{$newPass}\n\nPlease use this temporary password to log into the site and change it to a new, secure password of your choosing on the Edit Profile page.\n\nYou can follow this link:\n{$siteUrl}" . "admin/login.php?email={$email}&from=settings.php\n\nFrom: Automailer\n"; $htmlMessage = EmailHelper::getEmailPara("Your password has been reset to:") . EmailHelper::getEmailPara("{$newPass}") . EmailHelper::getEmailPara("Please use this temporary password to log into the site and change it to a new, secure password of your choosing on the Edit Profile page.") . EmailHelper::getEmailPara("You can follow this link: <a style='color:#6666ff;' href='{$siteUrl}" . "admin/login.php?email={$email}&from=settings.php'>{$siteUrl}" . "login.php?email={$email}&from=settings.php</a>") . EmailHelper::getEmailPara("From: Automailer"); $tHtml = new Template($pathtoTemplates . "mailers/holder.tpl.html"); $tHtml->insertSlot("TITLE", "{$siteName} - Forgot Password"); $tHtml->insertSlot("CONTENT", $htmlMessage); // do NOT error here, the password has been reset, dont return false so they think it has not @EmailHelper::sendHtmlEmail($tHtml->output(), $plainMessage, Constants::EMAIL_INFO, $email, "[{$siteName}] password reset"); return true; }