/**
* Sends an email to reset the password.
* At this point we should be already sure the email address is valid
*
* @param string $email - the email address
*/
public static function sendPasswordForgotten($email)
{
$requestingUser = PcUserPeer::getUserByEmail($email);
if (!is_object($requestingUser)) {
throw new Exception('Couldn\'t send the password forgotten email. Problems while creating the user object.');
}
// I need to use a token
$token = '';
$c = new Criteria();
$c->add(PcPasswordResetTokenPeer::USER_ID, $requestingUser->getId(), Criteria::EQUAL);
$tokenEntry = PcPasswordResetTokenPeer::doSelectOne($c);
if (is_object($tokenEntry)) {
$token = $tokenEntry->getToken();
} else {
$secret = sfConfig::get('app_forgottenPassword_secret');
// token doesn't need to be 32-char long. It is better to keep it short
// so there will be less chance the email client will break the link into 2 lines
$token = substr(md5($requestingUser->getId() . $secret . time()), 0, 14);
$tokenEntry = new PcPasswordResetToken();
$tokenEntry->setUserId($requestingUser->getId());
$tokenEntry->setToken($token);
$tokenEntry->save();
}
// now we can send the email
$link = sfContext::getInstance()->getController()->genUrl('@password-reset?t=' . $token, true);
$from = sfConfig::get('app_emailAddress_contact');
$subject = __('WEBSITE_FORGOTTEN_PSW_EMAIL_SUBJECT');
$body = sprintf(__('WEBSITE_FORGOTTEN_PSW_EMAIL_BODY'), $link);
PcUtils::sendEmail($email, $subject, $body, $from);
}
