diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php
index 7eb7808f..a2af2f94 100644
--- a/public/include/classes/user.class.php
+++ b/public/include/classes/user.class.php
@@ -167,6 +167,35 @@ class User extends Base {
 return false;
 }
+public function generatePin($userID, $current) {
+ $this->debug->append("STA " . __METHOD__, 4);
+ $username = $this->getUserName($userID);
+ $email = $this->getUserEmail($username);
+ $current = $this->getHash($current);
+ $newpin = intval( "0" . rand(1,9) . rand(0,9) . rand(0,9) . rand(0,9) );
+ $aData['username'] = $username;
+ $aData['email'] = $email;
+ $aData['pin'] = $newpin;
+ $newpin = $this->getHash($newpin);
+ $aData['subject'] = 'PIN Reset Request';
+ $stmt = $this->mysqli->prepare("UPDATE $this->table SET pin = ? WHERE ( id = ? AND pass = ? )");
+
+ if ($this->checkStmt($stmt) && $stmt->bind_param('sis', $newpin, $userID, $current) && $stmt->execute())
+ {
+ if ($stmt->errno == 0 && $stmt->affected_rows === 1) {
+ if ($this->mail->sendMail('pin/reset', $aData)) {
+ return true;
+ } else {
+ $this->setErrorMessage('Unable to send mail to your address');
+ return false;
+ }
+ }
+ $stmt->close();
+ }
+ $this->setErrorMessage( 'Unable to generate PIN, current password incorrect?' );
+ return false;
+}
+
 /**
 * Get all users that have auto payout setup
 * @param none
diff --git a/public/include/pages/account/edit.inc.php b/public/include/pages/account/edit.inc.php
index 3bb9c778..0ca82ef9 100644
--- a/public/include/pages/account/edit.inc.php
+++ b/public/include/pages/account/edit.inc.php
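Review bot: In `generatePin()` (user.class.php) the new PIN is assembled from four `rand()` calls, which is not a cryptographically secure generator, so a value that gates account changes comes from a predictable source; where the runtime offers it (PHP 7+), `$newpin = random_int(1000, 9999);` keeps the same 1000–9999 range while drawing from a CSPRNG. The UPDATE also commits the new PIN hash before `sendMail()` is attempted, so a mail failure returns false with the old PIN already overwritten and the new one never delivered; rolling the change back when the mail cannot be sent would avoid that state. Both `return` statements inside the `affected_rows` branch leave the method without reaching `$stmt->close()`. The method has no docblock, unlike the neighbouring `/** Get all users … */` block; something like `/** Reset the PIN after verifying the current password and mail the new PIN; @return bool */` would fit.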
@@ -5,6 +5,14 @@ if (!defined('SECURITY')) die('Hacking attempt');
 if ($user->isAuthenticated()) {
+if (isset($_POST['do']) && $_POST['do'] == 'genPin') {
+ if ($user->generatePin($_SESSION['USERDATA']['id'], $_POST['currentPassword'])) {
+ $_SESSION['POPUP'][] = array('CONTENT' => 'Your PIN # has been sent to your email.', 'TYPE' => 'success');
+ } else {
+ $_SESSION['POPUP'][] = array('CONTENT' => $user->getError(), 'TYPE' => 'errormsg');
+ }
+}
+else {
 if ( @$_POST['do'] && (! $user->checkPin($_SESSION['USERDATA']['id'], @$_POST['authPin']))) {
 $_SESSION['POPUP'][] = array('CONTENT' => 'Invalid PIN. ' . ($config['maxfailed']['pin'] - $user->getUserPinFailed($_SESSION['USERDATA']['id'])) . ' attempts remaining.', 'TYPE' => 'errormsg');
 } else {
@@ -49,7 +57,7 @@ if ($user->isAuthenticated()) {
 }
 }
 }
-
+}
 // Tempalte specifics
 $smarty->assign("CONTENT", "default.tpl");
 ?>
diff --git a/public/templates/mail/pin/reset.tpl b/public/templates/mail/pin/reset.tpl
new file mode 100644
index 00000000..b7b0d5f1
--- /dev/null
+++ b/public/templates/mail/pin/reset.tpl
@@ -0,0 +1,9 @@
+
+
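Review bot: The `genPin` branch added to edit.inc.php accepts `currentPassword` guesses with no attempt counter visible here or in `generatePin()`, whereas the PIN check right below it is bounded by `$config['maxfailed']['pin']`; a wrong password in this branch should count toward a comparable lockout. `$_POST['currentPassword']` is also passed on without an existence or type check, so a missing or array-valued field reaches `generatePin()`; normalising it first, e.g. `$currentPassword = (isset($_POST['currentPassword']) && is_string($_POST['currentPassword'])) ? $_POST['currentPassword'] : '';`, keeps the input well-defined. No anti-CSRF token is checked in the visible lines, though whether one is enforced elsewhere cannot be told from this hunk. The `else {` opened here is closed by the `+}` in the second hunk of the same file.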
+Hello {$DATA.username},
You have requested a PIN reset through our online form.
+Randomly Generated PIN: {$DATA.pin}
+Cheers,
+Website Administration
+
+
diff --git a/public/templates/mpos/account/edit/default.tpl b/public/templates/mpos/account/edit/default.tpl
index 212ded72..ca07b61f 100644
--- a/public/templates/mpos/account/edit/default.tpl
+++ b/public/templates/mpos/account/edit/default.tpl
@@ -131,3 +131,26 @@
+
+
+