/**
* Handles the resetting of users' passwords
*
* Handles resetting a user's password, prompted by an email sent by
* {@see bb_reset_email()}
*
* @since 0.7.2
* @global bbdb $bbdb
*
* @param string $key
* @return unknown
*/
function bb_reset_password($key)
{
global $bbdb;
$key = sanitize_user($key, true);
if (empty($key) || !is_string($key)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
if (!($user_id = $bbdb->get_var($bbdb->prepare("SELECT user_id FROM {$bbdb->usermeta} WHERE meta_key = 'newpwdkey' AND meta_value = %s", $key)))) {
return new WP_Error('invalid_key', __('Invalid key'));
}
$user = new BP_User($user_id);
if (!$user || is_wp_error($user)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
if (bb_has_broken_pass($user->ID)) {
bb_block_current_user();
}
if (!$user->has_cap('change_user_password', $user->ID)) {
return new WP_Error('permission_denied', __('You are not allowed to change your password.'));
}
$newpass = bb_generate_password();
bb_update_user_password($user->ID, $newpass);
if (!bb_send_pass($user->ID, $newpass)) {
return new WP_Error('sending_mail_failed', __('The email containing the new password could not be sent.'));
}
bb_update_usermeta($user->ID, 'newpwdkey', '');
return true;
}
/**
* Get details of the current user
*/
bb_current_user();
/**
* Initialise CRON
*/
if (!function_exists('nxt_schedule_single_event')) {
require_once BACKPRESS_PATH . 'functions.nxt-cron.php';
}
if (!defined('DOING_CRON') || !DOING_CRON) {
nxt_cron();
}
/**
* The currently viewed page number
*/
$page = bb_get_uri_page();
/**
* Initialisation complete API hook
*/
do_action('bb_init');
/**
* Block user if they deserve it
*/
if (bb_is_user_logged_in() && bb_has_broken_pass()) {
bb_block_current_user();
}
/**
* Send HTTP headers
*/
bb_send_headers();