aboutsummaryrefslogtreecommitdiff
path: root/actions/admin/user/resetpassword.php
blob: d168ab9cce1041afc9860329d6b481d72c5e0c0d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<?php
/**
 * Admin password reset.
 *
 * @package Elgg
 * @subpackage Core
 * @author Curverider Ltd
 * @link http://elgg.org/
 */

global $CONFIG;

// block non-admin users
admin_gatekeeper();
action_gatekeeper();

// Get the user
$guid = get_input('guid');
$obj = get_entity($guid);

if (($obj instanceof ElggUser) && ($obj->canEdit())) {
	$password = generate_random_cleartext_password();

	$obj->salt = generate_random_cleartext_password(); // Reset the salt
	$obj->password = generate_user_password($obj, $password);

	if ($obj->save()) {
		system_message(elgg_echo('admin:user:resetpassword:yes'));

		notify_user($obj->guid,
			$CONFIG->site->guid,
			elgg_echo('email:resetpassword:subject'),
			sprintf(elgg_echo('email:resetpassword:body'), $obj->username, $password),
			NULL,
			'email');
	} else {
		register_error(elgg_echo('admin:user:resetpassword:no'));
	}
} else {
	register_error(elgg_echo('admin:user:resetpassword:no'));
}

forward($_SERVER['HTTP_REFERER']);
exit;