/** * reset the user's password * * @return void * @author Andy Bennett */ public function forgotten_credential_reset() { $segs = array_reverse(Kohana::instance()->uri->segment_array()); $code = $segs[0]; $id = $segs[1]; if (!is_numeric($id) || $id <= 0 || !strlen($code) || !preg_match('/[a-zA-Z0-9]+/', $code)) { throw new Exception('invalid code / id passed'); } // check if the user with those details exists $this->db->select('*')->from($this->table); $this->db->where(array('id' => $id, 'activated' => 1, 'forgotten_credential_code' => $code)); $q = $this->db->get(); if (!$q->count()) { throw new Exception('<span class="form-error">' . Kohana::lang('auth.no_matching_user') . '</span>'); } // if they do, generate a new credential $credential = steamauth_helper::generate_random_string($this->conf->user_credential_min, $this->conf->user_credential_max); //encrypts the random credential using the md5 encryption $encrypted_credential = steamauth_helper::encode_string($credential); // inform the user of their new credential // get the current segment array $uri = implode('/', array_slice(Kohana::instance()->uri->segment_array(), 0, -3)); // get the column names $identity = $this->conf->identity_column; // run the email event $email_data = array('row' => $q->current(), 'credential' => $credential); Event::run('steamauth.forgotten_credential_reset_email', $email_data); // updates the user table with the new credential $sql = 'UPDATE ' . $this->table . ' SET `' . $this->conf->credential_column . '`="' . $encrypted_credential . '" WHERE `id`="' . $q->current()->id . '"'; $this->db->query($sql); return true; }