The construction of the mail $body looks weird at first, but it's really just a simple string.
public static sendVerificationEmail ( integer $user_id, string $user_email, string $user_activation_hash ) : boolean | ||
$user_id | integer | user's id |
$user_email | string | user's email |
$user_activation_hash | string | user's mail verification hash string |
return | boolean | gives back true if mail has been sent, gives back false if no mail could been sent |
/** * Handles the entire registration process for DEFAULT users (not for people who register with * 3rd party services, like facebook) and creates a new user in the database if everything is fine * * @return boolean Gives back the success status of the registration */ public static function registerNewUser() { // TODO this could be written simpler and cleaner // clean the input $user_name = strip_tags(Request::post('user_name')); $user_email = strip_tags(Request::post('user_email')); $user_password_new = Request::post('user_password_new'); $user_password_repeat = Request::post('user_password_repeat'); // stop registration flow if registrationInputValidation() returns false (= anything breaks the input check rules) if (Config::get('RECAPTCHA_ENABLED')) { $validation_result = RegistrationModel::registrationInputValidation(Request::post('g-recaptcha-response'), $user_name, $user_password_new, $user_password_repeat, $user_email); } else { $validation_result = RegistrationModel::registrationInputValidation(Request::post('captcha'), $user_name, $user_password_new, $user_password_repeat, $user_email); } if (!$validation_result) { return false; } // crypt the password with the PHP 5.5's password_hash() function, results in a 60 character hash string. // @see php.net/manual/en/function.password-hash.php for more, especially for potential options $user_password_hash = password_hash($user_password_new, PASSWORD_DEFAULT); // check if username already exists if (UserModel::doesUsernameAlreadyExist($user_name)) { Session::add('feedback_negative', Text::get('FEEDBACK_USERNAME_ALREADY_TAKEN')); return false; } // check if email already exists if (UserModel::doesEmailAlreadyExist($user_email)) { Session::add('feedback_negative', Text::get('FEEDBACK_USER_EMAIL_ALREADY_TAKEN')); return false; } // generate random hash for email verification (40 char string) $user_activation_hash = sha1(uniqid(mt_rand(), true)); // write user data to database if (!RegistrationModel::writeNewUserToDatabase($user_name, $user_password_hash, $user_email, time(), $user_activation_hash)) { Session::add('feedback_negative', Text::get('FEEDBACK_ACCOUNT_CREATION_FAILED')); } // get user_id of the user that has been created, to keep things clean we DON'T use lastInsertId() here $user_id = UserModel::getUserIdByUsername($user_name); if (!$user_id) { Session::add('feedback_negative', Text::get('FEEDBACK_UNKNOWN_ERROR')); return false; } // send verification email if (RegistrationModel::sendVerificationEmail($user_id, $user_email, $user_activation_hash)) { Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_SUCCESSFULLY_CREATED')); return true; } // if verification email sending failed: instantly delete the user RegistrationModel::rollbackRegistrationByUserId($user_id); Session::add('feedback_negative', Text::get('FEEDBACK_VERIFICATION_MAIL_SENDING_FAILED')); return false; }