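/**
 * Handles submission of the password-reset form.
 *
 * Builds and validates the '/user/reset' form, looks the account up by the
 * submitted mail address, stores a freshly generated reset token for it,
 * mails the reset link to the account's address and redirects to '/'.
 *
 * @throws NoUserFoundException when no account matches the submitted address
 * @throws \Exception           when random_bytes() cannot obtain secure randomness
 */
public function resetPOST()
{
    $form = new Form('/user/reset');
    $form->addField(new LabelField('mail'));
    $form->addField(new InputField('mail', ['type' => 'text']));
    $form->addField(new InputField('submit', ['type' => 'submit']));

    $result = $form->validate(['mail' => 'Adresse mail']);
    $user = $this->userModel->getUserByMail($result['mail']);
    if (empty($user)) {
        // NOTE(review): if this exception is rendered to the client, the response
        // reveals whether an address is registered. Kept because callers may catch
        // it; consider answering identically for known and unknown addresses.
        throw new NoUserFoundException($result['mail']);
    }

    // The token is the only secret protecting the reset link, so it must come
    // from a CSPRNG. md5(uniqid()) was derived from the server clock and could be
    // guessed from the request time. 16 random bytes hex-encoded keep the same
    // 32-character lowercase-hex shape as the previous md5 value (needs PHP >= 7).
    $token = bin2hex(random_bytes(16));

    // NOTE(review): expiry, single use and hashing of the stored token depend on
    // setReset() and the code behind /user/passwd/, not visible here; confirm.
    $this->userModel->setReset($user['id'], $token);

    // NOTE(review): host and port are hard-coded; a configured base URL would
    // keep the link correct across environments.
    $message = 'Cliquez ici pour changer votre mot de passe : ';
    $message .= CR . 'https://srv0.sknz.info:3735/user/passwd/' . $token;
    MailUtil::send($user['mail'], 'AwayFromSecurity : RESET PASSWORD', $message);

    $this->getView()->redirect('/');
}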
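/**
 * Creates a user account together with its pending e-mail validation record.
 *
 * Inside one transaction: inserts the user row (with the class salt merged
 * into the bound values), stores a random validation token for the new user
 * id, and mails the validation link to $infos['mail']. The mail is sent only
 * once both inserts have succeeded, so a link is never sent for a token that
 * was not stored. If either insert reports failure the transaction is rolled
 * back and false is returned.
 *
 * @param array $infos values bound to INSERT_USER; must contain the 'mail' key
 * @return bool true when both rows were written and the transaction committed
 * @throws \Exception
 * @throws \SwagFramework\Exceptions\DatabaseConfigurationNotLoadedException
 */
public function insertUser(array $infos)
{
    try {
        DatabaseProvider::connection()->beginTransaction();

        // NOTE(review): the same class-constant salt is used for every account.
        // If INSERT_USER hashes the password with it, prefer password_hash() /
        // password_verify(), which generate a per-user salt. Confirm against the query.
        $infos = array_merge($infos, ['salt' => self::SALT]);

        $success = DatabaseProvider::connection()->execute(self::INSERT_USER, $infos);
        if (!$success) {
            DatabaseProvider::connection()->rollBack();
            return false;
        }
        $userId = DatabaseProvider::connection()->lastInsertId();

        // The validation token must be unguessable. The previous value,
        // str_shuffle(sha1(microtime() + mt_rand())), mixed the clock with a
        // non-cryptographic PRNG. 20 random bytes hex-encoded keep the same
        // 40-character lowercase-hex shape as the sha1 string (needs PHP >= 7).
        $token = bin2hex(random_bytes(20));

        $success = DatabaseProvider::connection()->execute(self::INSERT_USER_VALIDATION, [$userId, $token]);
        if (!$success) {
            // Do not leave an account behind that can never be validated.
            DatabaseProvider::connection()->rollBack();
            return false;
        }

        // Shall we talk about these ugly hard-coded URLs?
        $mailContent = <<<TEXT
Bonjour,
Votre inscription sur Away From Security est en attente de validation.
Veuillez ouvrir https://srv0.sknz.info:3735/user/validate/{$token}.
Cordialement,
#HCS
TEXT;

        // Sent before commit so that a mail failure (exception) still rolls the
        // account back, as it did before.
        MailUtil::send($infos['mail'], 'Validation de votre compte AFS', $mailContent);

        DatabaseProvider::connection()->commit();

        return true;
    } catch (\Exception $e) {
        DatabaseProvider::connection()->rollBack();
        throw $e;
    }
}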