. * */ namespace Vvveb\Controller\User; use function Vvveb\__; use function Vvveb\email; use function Vvveb\setLanguage; use Vvveb\System\Functions\Str; use Vvveb\System\Sites; use Vvveb\System\User\Admin; use function Vvveb\url; #[\AllowDynamicProperties] class Reset { function reset() { $token = $this->request->get['token'] ?? false; $user = $this->request->get['user'] ?? false; $password = $this->request->post['password'] ?? false; $confirmPassword = $this->request->post['confirm_password'] ?? false; $admin = []; if ($user && $token) { $admin = Admin::get(['username' => $user, 'token' => $token, 'status' => 1]); if ($password) { if ($confirmPassword && ($password === $confirmPassword)) { if ($admin) { if (Admin::update(['token' => '', 'password' => $password], ['username' => $user, 'token' => $token])) { $success = __('Password was reset!'); $this->view->success['login'] = $success; $this->session->set('success', ['login' => $success]); header('Location: ' . url(['module' => 'user/login'/*, 'success' => $success*/])); } else { $errors = __('Update failed!'); $this->view->errors['login'] = $errors; $this->session->set('errors', ['login' => $errors]); } } } else { $errors = __('Passwords don\'t match!'); $this->view->errors['login'] = $errors; } } } if (! $admin) { die(__('Invalid or expired token!')); } } function index() { $email = $this->request->post['email'] ?? false; $loginData = []; $language = $this->session->get('language') ?? 'en_US'; setLanguage($language); if ($email) { $loginData['email'] = $email; if (($adminData = Admin::get($loginData)) != false) { //set reset token and send reset email $token = Str::random(32); Admin::update(['token' => $token], ['email' => $adminData['email']]); $agent = $_SERVER['HTTP_USER_AGENT']; if (strpos($agent, 'Linux') !== false) { $os = 'Linux'; } elseif (strpos($agent, '/Win/') !== false) { $os = 'Windows'; } elseif (strpos($agent, '/Mac/') !== false) { $os = 'Mac'; } else { $os = 'UnKnown'; } $site = Sites :: getSiteData(); $reset_url = url(['module' => 'user/reset', 'action' => 'reset', 'token' => $token, 'user' => $adminData['username'], 'host' => $site['host'] ?? false]); $data = $adminData + ['token' => $token, 'operating_system' => $os, 'browser_name' => $_SERVER['HTTP_USER_AGENT'], 'reset_url' => $reset_url]; if (email($adminData['email'], __('Password reset'), 'user/reset', $data)) { $success = __('A reset email was sent, please use it to reset your password!'); $this->view->success[] = $success; $this->session->set('success', $success); header('Location: ' . url(['module' => 'user/login'/* 'success' => $success*/])); } else { $this->view->errors['login'] = __('Error sending reset email!'); } } else { $this->view->errors['login'] = __('Email not found!'); } } } }