public function resetPassword($password, $re_enter, $code) { if (!ZP::isPassword($password)) { return (object) ['success' => false, 'exception' => 'Please specify a strong password.']; } else { if (strcmp($password, $re_enter) != 0) { return (object) ['success' => false, 'exception' => 'Passwords do not match.']; } } try { $query = $this->getConnection()->prepare("CALL reset_password(:password, :code)"); $query->bindValue(":password", password_hash($password, PASSWORD_BCRYPT)); $query->bindValue(":code", $code, PDO::PARAM_INT); if ($query->execute()) { // send email to $email that password has been changed $result = $query->fetch(PDO::FETCH_OBJ); if ($result->success) { unset($_SESSION['code']); $url = ZP::$url; $message = "<p>Your password has been successfully been reset. Please click on the link below login to the portal.</p>" . "<p><a href='{$url}'>ZEITI Portal</a> </p><br/>"; //. "<p style='font-weight: bold;'>If you did not request a password reset, please just ignore this message.</p>"; Mail::send($result->email, 'Password Reset Successful', $message); unset($result->email); } else { $url = ZP::$url; $message = "<p>{$result->message}.</p>" . "<p><a href='{$url}/core/reset.php'>Reset Password</a> </p><br/>" . "<p style='font-weight: bold;'>If you did not request a password reset, please just ignore this message.</p>"; Mail::send($result->email, 'Password Reset', $message); } //print_r($result); //exit(json_encode($result)); return $result; } return (object) ["success" => false, 'exception' => "Password not changed."]; } catch (\PDOException $e) { return (object) ['success' => false, 'exception' => $e]; } }