/**
* Reset password
* send an email with new credentials
*
* @param integer $id User ID
* @param string $md5 Encrypted verification code
* @return void
*/
public function reset($id, $md5)
{
$mod = new X4Auth_model('users');
$user = $mod->get_by_id($id, 'users', 'last_in, password, mail, username');
if ($user) {
// user exists
if (md5($user->last_in . SITE . $user->password) == $md5 && time() - strtotime($user->last_in) < 604800) {
$new_pwd = X4Text_helper::random_string(6);
$result = $mod->reset($user->mail, $new_pwd);
if ($result) {
// load dictionary
$this->dict->get_wordarray(array('login', 'pwd_recovery'));
$src = array('XXXUSERNAMEXXX', 'XXXPASSWORDXXX');
$rpl = array($user->username, $new_pwd);
$view = new X4View_core(X4Utils_helper::set_tpl('mail'));
$view->subject = SERVICE . ' - ' . _RECOVERY_SUBJECT;
$view->message = str_replace($src, $rpl, _RECOVERY_BODY_RESET);
// build msg
$body = $view->__toString();
$msg = mb_convert_encoding($body, 'ISO-8859-1', 'auto');
// recipients
$to = array(array('mail' => $user->mail, 'name' => $user->username));
$check = X4Mailer_helper::mailto(MAIL, true, $view->subject, $msg, $to, array());
X4Utils_helper::set_msg($check, _RECOVERY_PWD_OK, _MSG_ERROR);
header('Location: ' . BASE_URL . 'login/recovery');
die;
}
// log
if (LOGS) {
$mod->logger($user->id, 1, 'users', 'recovery password completed for ' . $user->mail);
}
} else {
if (LOGS) {
$mod->logger($user->id, 1, 'users', 'recovery password failed for ' . $user->mail);
}
}
} else {
if (LOGS) {
$mod->logger($user->id, 1, 'users', 'recovery password attempt from unknown id ' . $id);
}
}
X4Utils_helper::set_msg(false, '', _RECOVERY_PWD_ERROR);
header('Location: ' . BASE_URL . 'login/recovery');
die;
}
