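/**
 * Validate the new email for a user.
 *
 * Decrypts the token carried by this controller ($this->token), checks that it
 * is well formed, that it was issued for the user's current email address and
 * that it is less than 24 hours old, then replaces the user's email address
 * and destroys the current session. The outcome is reported through an inline
 * JavaScript notification and the main page is rendered in both cases.
 *
 * NOTE(review): every field of the decrypted token is trusted. Confirm that
 * Crypto::aes256Decode authenticates the ciphertext (MAC or AEAD); encryption
 * alone does not detect tampering with the token fields.
 *
 * @return mixed The result of MainController::main()
 */
public function validateNewEmail()
{
    try {
        // Decoding happens inside the try block so that a malformed or truncated
        // token ends up on the "invalid token" path, whatever step rejects it.
        $tokenData = json_decode(Crypto::aes256Decode(base64_decode($this->token)), true);

        if (!is_array($tokenData)
            || !isset(
                $tokenData['userId'],
                $tokenData['currentEmail'],
                $tokenData['newEmail'],
                $tokenData['createTime']
            )
        ) {
            // Token format is not valid, or a required field is missing
            throw new \Exception();
        }

        $user = User::getById($tokenData['userId']);

        if (!$user) {
            // No user matches the token (presumably getById returns a falsy
            // value in that case — confirm). Stop before dereferencing it.
            throw new \Exception();
        }

        if ($user->email !== $tokenData['currentEmail']) {
            // Token does not have the correct email corresponding to the user email.
            // This check also makes the token single-use: once the address has
            // been changed, the stored email no longer matches currentEmail.
            throw new \Exception();
        }

        if ($tokenData['createTime'] < time() - 86400) {
            // Token has expired (older than 24 hours)
            throw new \Exception();
        }

        // Everything OK, change the user's email address
        $user->set('email', $tokenData['newEmail']);
        $user->save();

        // Disconnect the user. Only the session of the current request is
        // destroyed here.
        session_destroy();

        $status = 'success';
        $messageKey = 'main.reset-email-success';
    } catch (\Exception $e) {
        // A single generic message for every failure: the response does not
        // reveal which check rejected the token.
        $messageKey = 'main.reset-email-invalid-token';
        $status = 'error';
    }

    // Encode the message for a JavaScript string context. Escaping only the
    // double quote leaves backslashes, line breaks and "</script>" untouched;
    // json_encode with the JSON_HEX_* flags produces a complete, quoted literal
    // that is also safe inside an inline <script> element.
    $encodedMessage = json_encode(
        (string) Lang::get($messageKey),
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );

    if ($encodedMessage === false) {
        // json_encode fails on invalid UTF-8; fall back to an empty message
        // rather than emitting broken JavaScript.
        $encodedMessage = '""';
    }

    // $status is one of the two literals assigned above, so it needs no encoding.
    $this->addJavaScriptInline(
        ' require(["app"], function(){ app.notify("' . $status . '", ' . $encodedMessage . '); });'
    );

    return MainController::getInstance()->main();
}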