37 lines
829 B
PHP
37 lines
829 B
PHP
<?php
|
|
|
|
use Vn\Web;
|
|
|
|
class RecoverPassword extends Vn\Web\JsonRequest {
|
|
const PARAMS = ['recoverUser'];
|
|
|
|
function run($db) {
|
|
$recoverUser = $_REQUEST['recoverUser'];
|
|
|
|
$user = $db->getRow(
|
|
'SELECT email, active FROM account.user WHERE name = #',
|
|
[$recoverUser]
|
|
);
|
|
|
|
if (!($user['active'] && $user['email']))
|
|
return TRUE;
|
|
|
|
$verificationToken = bin2hex(random_bytes(16));
|
|
$db->query(
|
|
'UPDATE account.user SET verificationToken = #
|
|
WHERE name = #',
|
|
[$verificationToken, $recoverUser]
|
|
);
|
|
|
|
$service = $this->service;
|
|
$token = $service->createToken($recoverUser);
|
|
$url = $service->getUrl() ."#!form=account/conf&verificationToken=$verificationToken&token=$token";
|
|
|
|
$report = new Vn\Web\Report($db, 'recover-password', ['url' => $url]);
|
|
$report->sendMail($user['email']);
|
|
|
|
return TRUE;
|
|
}
|
|
}
|
|
|