params['data'])) { $theUser = $this->User->findByEmail($this->params['data']['User']['email']); if(is_array($theUser) && is_array($theUser['User'])) { $ticket = $this->Tickets->set($theUser['User']['email']); $to = $theUser['User']['email']; // users email $subject = utf8_decode('Password reset information'); $message = 'http://'.$_SERVER['SERVER_NAME'].'/'.$this->params['controller'].'/password/'.$ticket; $from = 'noreply@example.com'; $headers = 'From: ' . $from . "\r\n" . 'Reply-To: ' . $from . "\r\n" . 'X-Mailer: CakePHP PHP ' . phpversion(). "\r\n" . 'Content-Type: text/plain; charset=ISO-8859-1'; if(mail($to, $subject, utf8_decode( sprintf($this->Lang->show('recover_email'), $message) ."\r\n"."\r\n" ), $headers)) { $this->set('message', 'A recovery email was sent. Check your inbox.'); }else{ // internal error, sorry $this->set('message', 'Server error, please try again later.'); } }else{ // no user found for adress $this->set('message', 'No user with that email address'); } } } // uses the ticket to reset the password for the correct user. function password($hash = null) { if ( $email = $this->Tickets->get($this->params['controller'], $hash) ) { $authUser = $this->User->findByEmail($email); if (is_array($authUser)) { if (!empty($this->params['data'])) { $theUser = $this->User->findById($this->params['data']['User']['id']); if ($this->User->save($this->params['data'])) { $this->set('message', 'Your new password was saved.'); }else{ $this->set('message', 'User could not be saved'); } $this->Tickets->del($hash); $this->redirect( '/' ); } unset($authUser['User']['pass']); $this->params['data'] = $authUser; $this->render(); return; } } $this->Tickets->del($hash); $this->set('message', 'No hash provided'); $this->redirect( '/' ); } ?>