/** * */ public function forgotPassword($data) { $SQL_data = Convert::raw2sql($data); $SQL_email = $SQL_data['Email']; $member = DataObject::get_one('Member', "\"Email\" = '{$SQL_email}'"); $backUrlString = ''; if (isset($data['BackURL']) && ($backURL = $data['BackURL'])) { $backUrlString = '?BackURL=' . $backURL; } if ($member) { $token = $member->generateAutologinTokenAndStoreHash(); $e = Member_ForgotPasswordEmail::create(); $e->populateTemplate($member); $e->populateTemplate(array('PasswordResetLink' => AdminSecurity::getPasswordResetLink($member, $token))); $e->setTo($member->Email); $e->send(); $this->controller->redirect('AdminSecurity/passwordsent/' . urlencode($data['Email'])); } elseif ($data['Email']) { // Avoid information disclosure by displaying the same status, // regardless wether the email address actually exists $this->controller->redirect('AdminSecurity/passwordsent/' . urlencode($data['Email'])); } else { $this->sessionMessage(_t('Member.ENTEREMAIL', 'Please enter an email address to get a password reset link.'), 'bad'); $this->controller->redirect('AdminSecurity/lostpassword'); } }
/** * @param Member $member * @param string $token */ protected function sendPasswordResetLinkEmail($member, $token) { /* @var $email Member_ForgotPasswordEmail */ $email = Member_ForgotPasswordEmail::create(); $email->populateTemplate($member); $email->populateTemplate(['PasswordResetLink' => AdminSecurity::getPasswordResetLink($member, $token)]); $email->setTo($member->Email); $email->send(); }