public function newPassword($mail) { if (func_num_args() != 1) { return false; } // Check that the function is called with correct number of arguments if (User::checkMail($mail)) { global $database; $newpasswordclear = Tools::randString(9, true); $pepper = md5(sha1($newpasswordclear)); $salt = User::findSalt(); $newpassword = sha1($salt . $newpasswordclear . $pepper); $query = "UPDATE User SET password = ?, salt = ? WHERE email LIKE ?;"; $stmt = $database->prepare($query); $success = $stmt->execute(array($newpassword, $salt, $mail)); if ($success == true) { User::sendNewPasswordMail($mail, $newpasswordclear); } return $success; // returns true or false } else { return false; } }