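/**
 * Creates a password-reset token for an account identified either by a login or an email,
 * and mails the reset link to that account.
 *
 * The account is looked up by login first. The lookup by email is only used when no account
 * was found by login. When the account was found by login, the token is mailed only to the
 * address stored on that account, never to the $email argument.
 *
 * @param string $login User login
 * @param string $email User email
 *
 * @return boolean True when the token was stored and mail() accepted the message; false otherwise
 *                 (an error message is then added to the messenger and nothing is persisted).
 *
 * @throws Exception Anything thrown while the transaction is open is re-thrown after a rollback.
 * @todo replace the call to mail() by a proper mailer class
 */
public function createResetToken($login, $email)
{
    $result = false;
    $this->_db->beginTransaction();
    try {
        $account = null;
        $recipient = null;

        if (!empty($login)) {
            $account = $this->_db->fetchFirstRequest('getUserByLogin', array(':login' => $login));
        }

        // NOTE(review): the three "not found" messages below tell the caller whether a login or
        // an email is registered; consider a single neutral message if that matters for this form.
        if (!empty($account)) {
            // The account was resolved by login, so only its stored address may receive the token.
            // Falling back to the caller-supplied $email here would deliver a reset link for this
            // account to an address that was never associated with it.
            if (empty($account['email'])) {
                $this->_messenger->add('error', $this->_lang->get('accountWithoutEmail'));
            } else {
                $recipient = $account['email'];
            }
        } elseif (empty($email)) {
            $this->_messenger->add('error', $this->_lang->get('loginNotFound'));
        } else {
            $account = $this->_db->fetchFirstRequest('getUserByEmail', array(':email' => $email));
            if (empty($account)) {
                $this->_messenger->add('error', $this->_lang->get('emailNotFound'));
            } else {
                // Prefer the stored address; $email is only a fallback if the row does not carry one.
                $recipient = !empty($account['email']) ? $account['email'] : $email;
            }
        }

        if ($recipient !== null) {
            // NOTE(review): assumes StringTools::generateToken() returns an unpredictable value; confirm.
            do {
                $token = StringTools::generateToken();
                $alreadyExists = $this->_db->fetchFirstRequest(
                    'getPasswordResetByToken',
                    array(':token' => $token)
                );
            } while (!empty($alreadyExists));

            $this->_db->executeRequest(
                'createPasswordReset',
                array(':token' => $token, ':userId' => $account['ID'])
            );

            // Strip line breaks (raw and URL-encoded) so the address cannot add mail headers.
            $to = str_replace(array("\r", "\n", "%0a", "%0d"), '', $recipient);
            $subject = $this->_lang->get('resetMailTitle');
            $body = sprintf(
                $this->_lang->get('resetMailBody'),
                $account['login'],
                Url::generate('Account', 'showPasswordSetForm', '&', array('token' => $token))
            );

            // Header lines end with CRLF (the original had the two bytes reversed).
            if (mail($to, $subject, $body, 'From: Atrexus <*****@*****.**>' . "\r\n")) {
                $result = true;
            } else {
                // Do not add $body to the messenger: it contains the reset link, and error
                // messages are shown to whoever submitted the request.
                $this->_messenger->add('error', $this->_lang->get('emailNotSent'));
            }
        }
    } catch (Exception $e) {
        $this->_db->rollBack();
        throw $e;
    }

    // Every path closes the transaction: the original returned early without commit or rollback.
    // On failure the token row is rolled back so an undelivered token does not stay valid.
    if ($result) {
        $this->_db->commit();
    } else {
        $this->_db->rollBack();
    }

    return $result;
}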