friendica/mod/lostpass.php

<?php
/**
 * @copyright Copyright (C) 2010-2023, the Friendica project
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 *
 */

use Friendica\App;
use Friendica\Core\Renderer;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Strings;

function lostpass_post(App $a)
{
	$loginame = trim($_POST['login-name']);
	if (!$loginame) {
		DI::baseUrl()->redirect();
	}

	$condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0 AND `account_removed` = 0 AND `account_expired` = 0', $loginame, $loginame];
	$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'language'], $condition);
	if (!DBA::isResult($user)) {
		DI::sysmsg()->addNotice(DI::l10n()->t('No valid account found.'));
		DI::baseUrl()->redirect();
	}

	$pwdreset_token = Strings::getRandomHex(32);

	$fields = [
		'pwdreset' => hash('sha256', $pwdreset_token),
		'pwdreset_time' => DateTimeFormat::utcNow()
	];
	$result = DBA::update('user', $fields, ['uid' => $user['uid']]);
	if ($result) {
		DI::sysmsg()->addInfo(DI::l10n()->t('Password reset request issued. Check your email.'));
	}

	$sitename = DI::config()->get('config', 'sitename');
	$resetlink = DI::baseUrl() . '/lostpass/' . $pwdreset_token;

	$preamble = Strings::deindent(DI::l10n()->t('
		Dear %1$s,
			A request was recently received at "%2$s" to reset your account
		password. In order to confirm this request, please select the verification link
		below or paste it into your web browser address bar.

		If you did NOT request this change, please DO NOT follow the link
		provided and ignore and/or delete this email, the request will expire shortly.

		Your password will not be changed unless we can verify that you
		issued this request.', $user['username'], $sitename));
	$body = Strings::deindent(DI::l10n()->t('
		Follow this link soon to verify your identity:

		%1$s

		You will then receive a follow-up message containing the new password.
		You may change that password from your account settings page after logging in.

		The login details are as follows:

		Site Location:	%2$s
		Login Name:	%3$s', $resetlink, DI::baseUrl(), $user['nickname']));

	$email = DI::emailer()
		->newSystemMail()
		->withMessage(DI::l10n()->t('Password reset requested at %s', $sitename), $preamble, $body)
		->forUser($user)
		->withRecipient($user['email'])
		->build();

	DI::emailer()->send($email);
	DI::baseUrl()->redirect();
}

function lostpass_content(App $a)
{
	if (DI::args()->getArgc() > 1) {
		$pwdreset_token = DI::args()->getArgv()[1];

		$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'pwdreset_time', 'language'], ['pwdreset' => hash('sha256', $pwdreset_token)]);
		if (!DBA::isResult($user)) {
			DI::sysmsg()->addNotice(DI::l10n()->t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed."));

			return lostpass_form();
		}

		// Password reset requests expire in 60 minutes
		if ($user['pwdreset_time'] < DateTimeFormat::utc('now - 1 hour')) {
			$fields = [
				'pwdreset' => null,
				'pwdreset_time' => null
			];
			DBA::update('user', $fields, ['uid' => $user['uid']]);

			DI::sysmsg()->addNotice(DI::l10n()->t('Request has expired, please make a new one.'));

			return lostpass_form();
		}

		return lostpass_generate_password($user);
	} else {
		return lostpass_form();
	}
}

function lostpass_form()
{
	$tpl = Renderer::getMarkupTemplate('lostpass.tpl');
	$o = Renderer::replaceMacros($tpl, [
		'$title' => DI::l10n()->t('Forgot your Password?'),
		'$desc' => DI::l10n()->t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),
		'$name' => DI::l10n()->t('Nickname or Email: '),
		'$submit' => DI::l10n()->t('Reset')
	]);

	return $o;
}

function lostpass_generate_password($user)
{
	$o = '';

	$new_password = User::generateNewPassword();
	$result = User::updatePassword($user['uid'], $new_password);
	if (DBA::isResult($result)) {
		$tpl = Renderer::getMarkupTemplate('pwdreset.tpl');
		$o .= Renderer::replaceMacros($tpl, [
			'$lbl1'    => DI::l10n()->t('Password Reset'),
			'$lbl2'    => DI::l10n()->t('Your password has been reset as requested.'),
			'$lbl3'    => DI::l10n()->t('Your new password is'),
			'$lbl4'    => DI::l10n()->t('Save or copy your new password - and then'),
			'$lbl5'    => '<a href="' . DI::baseUrl() . '">' . DI::l10n()->t('click here to login') . '</a>.',
			'$lbl6'    => DI::l10n()->t('Your password may be changed from the <em>Settings</em> page after successful login.'),
			'$newpass' => $new_password,
		]);

		DI::sysmsg()->addInfo(DI::l10n()->t("Your password has been reset."));

		$sitename = DI::config()->get('config', 'sitename');
		$preamble = Strings::deindent(DI::l10n()->t('
			Dear %1$s,
				Your password has been changed as requested. Please retain this
			information for your records ' . "\x28" . 'or change your password immediately to
			something that you will remember' . "\x29" . '.
		', $user['username']));
		$body = Strings::deindent(DI::l10n()->t('
			Your login details are as follows:

			Site Location:	%1$s
			Login Name:	%2$s
			Password:	%3$s

			You may change that password from your account settings page after logging in.
		', DI::baseUrl(), $user['nickname'], $new_password));

		$email = DI::emailer()
			->newSystemMail()
			->withMessage(DI::l10n()->t('Your password has been changed at %s', $sitename), $preamble, $body)
			->forUser($user)
			->withRecipient($user['email'])
			->build();
		DI::emailer()->send($email);
	}

	return $o;
}
password reset 2010-07-18 08:24:51 +00:00			`<?php`
Require Cleanup Remove instances of require_once for email.php 2017-12-01 19:57:13 +00:00			`/**`
Happy New Year 2023! 2023-01-01 14:36:24 +00:00			`* @copyright Copyright (C) 2010-2023, the Friendica project`
Add license info at Friendica PHP files 2020-02-09 15:18:46 +00:00			`*`
			`* @license GNU AGPL version 3 or any later version`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*`
Require Cleanup Remove instances of require_once for email.php 2017-12-01 19:57:13 +00:00			`*/`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00
Move App to src - Add `use Friendica\App;` wherever needed 2017-04-30 04:07:00 +00:00			`use Friendica\App;`
replace macros implement new replaceMacros function 2018-10-31 14:35:50 +00:00			`use Friendica\Core\Renderer;`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 12:19:26 +00:00			`use Friendica\Database\DBA;`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-15 23:28:31 +00:00			`use Friendica\DI;`
Centralize password hashing in Model\User 2018-01-20 03:49:06 +00:00			`use Friendica\Model\User;`
Move Temporal::convert() to DateTimeFormat::convert() 2018-01-27 02:38:34 +00:00			`use Friendica\Util\DateTimeFormat;`
notags calls implement removeTags function 2018-11-08 15:14:37 +00:00			`use Friendica\Util\Strings;`
Move App to src - Add `use Friendica\App;` wherever needed 2017-04-30 04:07:00 +00:00
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`function lostpass_post(App $a)`
			`{`
Some removed escapeTags calls 2021-11-05 19:59:18 +00:00			`$loginame = trim($_POST['login-name']);`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`if (!$loginame) {`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-15 23:28:31 +00:00			`DI::baseUrl()->redirect();`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`}`
password reset 2010-07-18 08:24:51 +00:00
Don't send password reset emails to deleted user accounts 2022-11-12 14:58:58 +00:00			$condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0 AND `account_removed` = 0 AND `account_expired` = 0', $loginame, $loginame];
Use nickname instead of email for Login Name 2019-01-04 01:42:29 +00:00			`$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'language'], $condition);`
Rename DBA::is_result to DBA::isResult 2018-07-21 12:46:04 +00:00			`if (!DBA::isResult($user)) {`
Replace "notice" calls 2022-10-17 11:27:32 +00:00			`DI::sysmsg()->addNotice(DI::l10n()->t('No valid account found.'));`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-15 23:28:31 +00:00			`DI::baseUrl()->redirect();`
don't allow blocked/unverified users to reset their password. 2011-06-29 07:59:21 +00:00			`}`

Update lostpass.php use CSPRNG for password reset token generation 2020-04-04 08:06:49 +00:00			`$pwdreset_token = Strings::getRandomHex(32);`
password reset 2010-07-18 08:24:51 +00:00
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`$fields = [`
Update lostpass.php reduce info leakage on password reset tokens 2020-04-04 08:10:39 +00:00			`'pwdreset' => hash('sha256', $pwdreset_token),`
Move Temporal::convert() to DateTimeFormat::convert() 2018-01-27 02:38:34 +00:00			`'pwdreset_time' => DateTimeFormat::utcNow()`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`];`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 12:19:26 +00:00			`$result = DBA::update('user', $fields, ['uid' => $user['uid']]);`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`if ($result) {`
The notice and info have been moved 2022-10-17 18:55:22 +00:00			`DI::sysmsg()->addInfo(DI::l10n()->t('Password reset request issued. Check your email.'));`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`}`
password reset 2010-07-18 08:24:51 +00:00
Move Config::get() to DI::config()->get() 2020-01-19 20:21:13 +00:00			`$sitename = DI::config()->get('config', 'sitename');`
Move redundant System::baseUrl() to DI::baseUrl() calls 2019-12-30 22:00:08 +00:00			`$resetlink = DI::baseUrl() . '/lostpass/' . $pwdreset_token;`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 19:52:34 +00:00			`$preamble = Strings::deindent(DI::l10n()->t('`
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`Dear %1$s,`
			`A request was recently received at "%2$s" to reset your account`
			`password. In order to confirm this request, please select the verification link`
			`below or paste it into your web browser address bar.`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`If you did NOT request this change, please DO NOT follow the link`
Change password reset wording to acknowledge the expiration 2018-01-21 00:12:14 +00:00			`provided and ignore and/or delete this email, the request will expire shortly.`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`Your password will not be changed unless we can verify that you`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`issued this request.', $user['username'], $sitename));`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 19:52:34 +00:00			`$body = Strings::deindent(DI::l10n()->t('`
Change password reset wording to acknowledge the expiration 2018-01-21 00:12:14 +00:00			`Follow this link soon to verify your identity:`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`%1$s`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`You will then receive a follow-up message containing the new password.`
			`You may change that password from your account settings page after logging in.`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`The login details are as follows:`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
new password mail via notification() new include/text.php::deindent() function remove unused templates 2014-09-07 09:20:06 +00:00			`Site Location: %2$s`
Move redundant System::baseUrl() to DI::baseUrl() calls 2019-12-30 22:00:08 +00:00			`Login Name: %3$s', $resetlink, DI::baseUrl(), $user['nickname']));`
lost password verification mail via notification() 2014-09-07 08:27:39 +00:00
Extract System emails from enotify - Removed every SYSTEM_EMAIL occurrence in enotify - Introduced a "SystemMailBuilder" for build system emails - Replaced every SYSTEM_EMAIL usage in the classes with calling this builder - Added tests for this new Builder - Split the email templates between "base" template for email and concrete usages for different use cases 2020-02-01 19:08:54 +00:00			`$email = DI::emailer()`
simplify mail creation 2020-02-04 20:04:08 +00:00			`->newSystemMail()`
Fix indents 2020-02-02 08:22:30 +00:00			`->withMessage(DI::l10n()->t('Password reset requested at %s', $sitename), $preamble, $body)`
simplify mail creation 2020-02-04 20:04:08 +00:00			`->forUser($user)`
Fix indents 2020-02-02 08:22:30 +00:00			`->withRecipient($user['email'])`
			`->build();`
Extract System emails from enotify - Removed every SYSTEM_EMAIL occurrence in enotify - Introduced a "SystemMailBuilder" for build system emails - Replaced every SYSTEM_EMAIL usage in the classes with calling this builder - Added tests for this new Builder - Split the email templates between "base" template for email and concrete usages for different use cases 2020-02-01 19:08:54 +00:00
			`DI::emailer()->send($email);`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-15 23:28:31 +00:00			`DI::baseUrl()->redirect();`
Updated modules to allow for partial overrides without errors Only define functions if they have not been defined before, e.g. in themes. This makes it possible to override parts of a module and still use the other functions. 2016-02-05 20:52:39 +00:00			`}`
password reset 2010-07-18 08:24:51 +00:00
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`function lostpass_content(App $a)`
			`{`
Replaced argv/argc with replacement functions 2021-07-25 13:08:22 +00:00			`if (DI::args()->getArgc() > 1) {`
			`$pwdreset_token = DI::args()->getArgv()[1];`
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187. 2016-02-07 14:11:34 +00:00
Update lostpass.php reduce info leakage on password reset tokens 2020-04-04 08:10:39 +00:00			`$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'pwdreset_time', 'language'], ['pwdreset' => hash('sha256', $pwdreset_token)]);`
Rename DBA::is_result to DBA::isResult 2018-07-21 12:46:04 +00:00			`if (!DBA::isResult($user)) {`
Replace "notice" calls 2022-10-17 11:27:32 +00:00			`DI::sysmsg()->addNotice(DI::l10n()->t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed."));`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
			`return lostpass_form();`
password reset 2010-07-18 08:24:51 +00:00			`}`

Update comment with updated expiration time 2018-01-21 00:15:05 +00:00			`// Password reset requests expire in 60 minutes`
Move Temporal::convert() to DateTimeFormat::convert() 2018-01-27 02:38:34 +00:00			`if ($user['pwdreset_time'] < DateTimeFormat::utc('now - 1 hour')) {`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`$fields = [`
			`'pwdreset' => null,`
			`'pwdreset_time' => null`
			`];`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 12:19:26 +00:00			`DBA::update('user', $fields, ['uid' => $user['uid']]);`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
Replace "notice" calls 2022-10-17 11:27:32 +00:00			`DI::sysmsg()->addNotice(DI::l10n()->t('Request has expired, please make a new one.'));`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
			`return lostpass_form();`
password reset 2010-07-18 08:24:51 +00:00			`}`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
			`return lostpass_generate_password($user);`
Fix formatting mod/lostpass 2018-01-20 03:27:31 +00:00			`} else {`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`return lostpass_form();`
			`}`
			`}`

			`function lostpass_form()`
			`{`
get markup template implement getMarkupTemplate function 2018-10-31 14:44:06 +00:00			`$tpl = Renderer::getMarkupTemplate('lostpass.tpl');`
replace macros implement new replaceMacros function 2018-10-31 14:35:50 +00:00			`$o = Renderer::replaceMacros($tpl, [`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 19:52:34 +00:00			`'$title' => DI::l10n()->t('Forgot your Password?'),`
			`'$desc' => DI::l10n()->t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),`
			`'$name' => DI::l10n()->t('Nickname or Email: '),`
			`'$submit' => DI::l10n()->t('Reset')`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`]);`

			`return $o;`
			`}`

			`function lostpass_generate_password($user)`
			`{`
			`$o = '';`

			`$new_password = User::generateNewPassword();`
			`$result = User::updatePassword($user['uid'], $new_password);`
Rename DBA::is_result to DBA::isResult 2018-07-21 12:46:04 +00:00			`if (DBA::isResult($result)) {`
get markup template implement getMarkupTemplate function 2018-10-31 14:44:06 +00:00			`$tpl = Renderer::getMarkupTemplate('pwdreset.tpl');`
replace macros implement new replaceMacros function 2018-10-31 14:35:50 +00:00			`$o .= Renderer::replaceMacros($tpl, [`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 19:52:34 +00:00			`'$lbl1' => DI::l10n()->t('Password Reset'),`
			`'$lbl2' => DI::l10n()->t('Your password has been reset as requested.'),`
			`'$lbl3' => DI::l10n()->t('Your new password is'),`
			`'$lbl4' => DI::l10n()->t('Save or copy your new password - and then'),`
			`'$lbl5' => '<a href="' . DI::baseUrl() . '">' . DI::l10n()->t('click here to login') . '</a>.',`
			`'$lbl6' => DI::l10n()->t('Your password may be changed from the <em>Settings</em> page after successful login.'),`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`'$newpass' => $new_password,`
Use short form array syntax everywhere - Add short form array syntax to po2php.php generation 2018-01-15 13:05:12 +00:00			`]);`
password reset 2010-07-18 08:24:51 +00:00
The notice and info have been moved 2022-10-17 18:55:22 +00:00			`DI::sysmsg()->addInfo(DI::l10n()->t("Your password has been reset."));`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
Move Config::get() to DI::config()->get() 2020-01-19 20:21:13 +00:00			`$sitename = DI::config()->get('config', 'sitename');`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 19:52:34 +00:00			`$preamble = Strings::deindent(DI::l10n()->t('`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`Dear %1$s,`
			`Your password has been changed as requested. Please retain this`
Fix translation strings for use with util/extract.php - Change parentheses to “\x28” and “\x29” - Remove leading commas - Remove quotes before commas 2018-01-24 21:51:32 +00:00			`information for your records ' . "\x28" . 'or change your password immediately to`
			`something that you will remember' . "\x29" . '.`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`', $user['username']));`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 19:52:34 +00:00			`$body = Strings::deindent(DI::l10n()->t('`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00			`Your login details are as follows:`

			`Site Location: %1$s`
			`Login Name: %2$s`
			`Password: %3$s`

			`You may change that password from your account settings page after logging in.`
Move redundant System::baseUrl() to DI::baseUrl() calls 2019-12-30 22:00:08 +00:00			`', DI::baseUrl(), $user['nickname'], $new_password));`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
Extract System emails from enotify - Removed every SYSTEM_EMAIL occurrence in enotify - Introduced a "SystemMailBuilder" for build system emails - Replaced every SYSTEM_EMAIL usage in the classes with calling this builder - Added tests for this new Builder - Split the email templates between "base" template for email and concrete usages for different use cases 2020-02-01 19:08:54 +00:00			`$email = DI::emailer()`
simplify mail creation 2020-02-04 20:04:08 +00:00			`->newSystemMail()`
switched intend 2020-02-02 08:15:05 +00:00			`->withMessage(DI::l10n()->t('Your password has been changed at %s', $sitename), $preamble, $body)`
simplify mail creation 2020-02-04 20:04:08 +00:00			`->forUser($user)`
switched intend 2020-02-02 08:15:05 +00:00			`->withRecipient($user['email'])`
			`->build();`
Extract System emails from enotify - Removed every SYSTEM_EMAIL occurrence in enotify - Introduced a "SystemMailBuilder" for build system emails - Replaced every SYSTEM_EMAIL usage in the classes with calling this builder - Added tests for this new Builder - Split the email templates between "base" template for email and concrete usages for different use cases 2020-02-01 19:08:54 +00:00			`DI::emailer()->send($email);`
password reset 2010-07-18 08:24:51 +00:00			`}`
Add password reset request expiration - Change password reset link to /lostpass/[pwdreset] 2018-01-20 23:15:55 +00:00
			`return $o;`
add info() function. Works like notice() but show messages in a div with class info-message. update code to use info() instead of notice() when appropriate (non-error message) add info-message class style in themes 2011-05-23 09:39:57 +00:00			`}`