diff options
author | Philip Häusler <msquare@notrademark.de> | 2013-12-26 13:34:48 +0100 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2013-12-26 13:34:48 +0100 |
commit | 0c98f13eee10a61cabdc13e7aa75916d50b8b078 (patch) | |
tree | d3931a0b5ffb03e59c3589de5dcfa3910e10bca6 /includes/model/User_model.php | |
parent | 3cc147d235bc977aedb660d896cbb54d1a4f92ec (diff) |
user password recovery
Diffstat (limited to 'includes/model/User_model.php')
-rw-r--r-- | includes/model/User_model.php | 46 |
1 files changed, 45 insertions, 1 deletions
diff --git a/includes/model/User_model.php b/includes/model/User_model.php index 884aeae8..523685df 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -31,9 +31,39 @@ function User_by_api_key($api_key) { } /** + * Returns User by email. + * + * @param string $email + * @return Matching user, null or false on error + */ +function User_by_email($email) { + $user = sql_select("SELECT * FROM `User` WHERE `email`='" . sql_escape($email) . "' LIMIT 1"); + if ($user === false) + return false; + if (count($user) == 0) + return null; + return $user[0]; +} + +/** + * Returns User by password token. + * + * @param string $token + * @return Matching user, null or false on error + */ +function User_by_password_recovery_token($token) { + $user = sql_select("SELECT * FROM `User` WHERE `password_recovery_token`='" . sql_escape($token) . "' LIMIT 1"); + if ($user === false) + return false; + if (count($user) == 0) + return null; + return $user[0]; +} + +/** * Generates a new api key for given user. * - * @param User $user + * @param User $user */ function User_reset_api_key(&$user) { $user['api_key'] = md5($user['Nick'] . time() . rand()); @@ -43,4 +73,18 @@ function User_reset_api_key(&$user) { engelsystem_log("API key resetted."); } +/** + * Generates a new password recovery token for given user. + * + * @param User $user + */ +function User_generate_password_recovery_token(&$user) { + $user['password_recovery_token'] = md5($user['Nick'] . time() . rand()); + $result = sql_query("UPDATE `User` SET `password_recovery_token`='" . sql_escape($user['password_recovery_token']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); + if ($result === false) + return false; + engelsystem_log("Password recovery for " . $user['Nick'] . " started."); + return $user['password_recovery_token']; +} + ?>
\ No newline at end of file |