public function onRecovery() { // Attempt to load up a user by email or username $post = post(); $validation = Validator::make($post, $this->recovery_rules, $this->messages); if ($validation->fails()) { return array('errors' => $validation->errors()->toArray()); } $login = $post['login']; // Attempt to load user by email first $user = Auth::get_user_by('email', $login); if (!$user) { // Attempt to load user by username $user = Auth::get_user_by('login', $login); if (!$user) { return array('errors' => array('login' => array('Invalid username or email'))); } } // We have the user so generate a key and store in the user meta $key = md5(rand(0, 1000)); // Remove any old keys Auth::delete_metadata('user', $user->ID, '_recovery_key', '', true); // Create new key Auth::add_user_meta($user->ID, '_recovery_key', $key); // Create the validation link and send email $host = 'http' . (isset($_SERVER['HTTPS']) ? 's' : '') . '://' . $_SERVER['HTTP_HOST']; $link = $host . $this->property('password_recovery_page') . "?key=" . $reset['key']; $user_login = stripslashes($user->data->user_login); $user_email = stripslashes($user->data->user_email); $message = sprintf(__('User password request on %s:'), $host) . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n\r\n"; @wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Reset Request'), $_SERVER['HTTP_HOST']), $message); $message = __('Hi there,') . "\r\n\r\n"; $message .= sprintf(__("You requested a password reset for: %s"), $_SERVER['HTTP_HOST']) . "\r\n\r\n"; $message .= __("Click the link below to reset your password.") . "\r\n\r\n"; $message .= $host . $this->property('password_recovery_page') . '?key=' . $key . "\r\n\r\n"; $message .= sprintf(__('If you have any problems, please contact me at %s.'), get_option('admin_email')) . "\r\n\r\n"; wp_mail($user_email, sprintf(__('[%s] password reset'), $_SERVER['HTTP_HOST']), $message); return array('#password-recovery-forms' => $this->renderPartial('passwordrecovery::checkemail')); }