This repository has been archived by the owner on Jun 7, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 201
/
password_forgotten.php
58 lines (39 loc) · 2.03 KB
/
password_forgotten.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<?php
/*
$Id$
CE Phoenix, E-Commerce made Easy
https://phoenixcart.org
Copyright (c) 2021 Phoenix Cart
Released under the GNU General Public License
*/
require 'includes/application_top.php';
require language::map_to_translation('password_forgotten.php');
if (!$customer_data->has(['email_address'])) {
tep_redirect(tep_href_link('index.php'));
}
$password_reset_initiated = false;
if (tep_validate_form_action_is('process')) {
$email_address = Text::input($_POST['email_address']);
$check_customer_query = tep_db_query($customer_data->build_read(['name', 'id'], 'customers', ['email_address' => $email_address]));
if ($check_customer = $check_customer_query->fetch_assoc()) {
$actionRecorder = new actionRecorder('ar_reset_password', $customer_data->get('id', $check_customer), $email_address);
if ($actionRecorder->canPerform()) {
$actionRecorder->record();
$reset_key = tep_create_random_value(40);
tep_db_query("UPDATE customers_info SET password_reset_key = '" . tep_db_input($reset_key) . "', password_reset_date = NOW() WHERE customers_info_id = " . (int)$check_customer['id']);
$reset_key_url = tep_href_link('password_reset.php', 'account=' . urlencode($email_address) . '&key=' . $reset_key, 'SSL', false);
if ( strpos($reset_key_url, '&') !== false ) {
$reset_key_url = str_replace('&', '&', $reset_key_url);
}
tep_mail($customer_data->get('name', $check_customer), $email_address, EMAIL_PASSWORD_RESET_SUBJECT, sprintf(EMAIL_PASSWORD_RESET_BODY, $reset_key_url), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
$password_reset_initiated = true;
} else {
$actionRecorder->record(false);
$messageStack->add('password_forgotten', sprintf(ERROR_ACTION_RECORDER, $ar_reset_password->minutes));
}
} else {
$messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
}
}
require $oscTemplate->map_to_template(__FILE__, 'page');
require 'includes/application_bottom.php';