public function forget()
{
if (!$this->feather->user->is_guest) {
Url::redirect($this->feather->urlFor('home'), 'Already logged in');
}
if ($this->feather->request->isPost()) {
// Validate the email address
$email = strtolower(Utils::trim($this->feather->request->post('req_email')));
if (!$this->feather->email->is_valid_email($email)) {
throw new Error(__('Invalid email'), 400);
}
$user = ModelAuth::get_user_from_email($email);
if ($user) {
// Load the "activate password" template
$mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->feather->user->language . '/mail_templates/activate_password.tpl'));
$mail_tpl = $this->feather->hooks->fire('mail_tpl_password_forgotten', $mail_tpl);
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
// Do the generic replacements first (they apply to all emails sent out here)
$mail_message = str_replace('<base_url>', Url::base() . '/', $mail_message);
$mail_message = str_replace('<board_mailer>', $this->feather->forum_settings['o_board_title'], $mail_message);
$mail_message = $this->feather->hooks->fire('mail_message_password_forgotten', $mail_message);
if ($user->last_email_sent != '' && time() - $user->last_email_sent < 3600 && time() - $user->last_email_sent >= 0) {
throw new Error(sprintf(__('Email flood'), intval((3600 - (time() - $user->last_email_sent)) / 60)), 429);
}
// Generate a new password and a new password activation code
$new_password = Random::pass(12);
$new_password_key = Random::pass(8);
ModelAuth::set_new_password($new_password, $new_password_key, $user->id);
// Do the user specific replacements to the template
$cur_mail_message = str_replace('<username>', $user->username, $mail_message);
$cur_mail_message = str_replace('<activation_url>', $this->feather->urlFor('profileAction', ['action' => 'change_pass']) . '?key=' . $new_password_key, $cur_mail_message);
$cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
$cur_mail_message = $this->feather->hooks->fire('cur_mail_message_password_forgotten', $cur_mail_message);
$this->feather->email->feather_mail($email, $mail_subject, $cur_mail_message);
Url::redirect($this->feather->urlFor('home'), __('Forget mail') . ' <a href="mailto:' . $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']) . '">' . $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']) . '</a>.', 200);
} else {
throw new Error(__('No email match') . ' ' . Utils::escape($email) . '.', 400);
}
}
$this->feather->template->setPageInfo(array('active_page' => 'login', 'title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), __('Request pass')), 'required_fields' => array('req_email' => __('Email')), 'focus_element' => array('request_pass', 'req_email')))->addTemplate('login/password_forgotten.php')->display();
}
