Centralize password hashing in Model\User
authorHypolite Petovan <mrpetovan@gmail.com>
Sat, 20 Jan 2018 03:49:06 +0000 (22:49 -0500)
committerHypolite Petovan <mrpetovan@gmail.com>
Sat, 20 Jan 2018 22:32:24 +0000 (17:32 -0500)
mod/lostpass.php
mod/settings.php
src/Model/User.php

index 5934556a8e123e11f5b165bf66fd614ad72688c8..abe67f2de2c54dcaf129baebe1cd3e7856529239 100644 (file)
@@ -7,6 +7,7 @@
 use Friendica\App;
 use Friendica\Core\System;
 use Friendica\Database\DBM;
+use Friendica\Model\User;
 
 require_once 'include/boot.php';
 require_once 'include/enotify.php';
@@ -84,10 +85,8 @@ function lostpass_content(App $a)
                        return $o;
                }
 
-               $new_password = autoname(6) . mt_rand(100, 9999);
-               $new_password_encoded = hash('whirlpool', $new_password);
-
-               $result = dba::update('user', ['password' => $new_password_encoded, 'pwdreset' => ''], ['uid' => $user['uid']]);
+               $new_password = User::generateNewPassword();
+               $result = User::updatePassword($user['uid'], $new_password);
                if (DBM::is_result($result)) {
                        $tpl = get_markup_template('pwdreset.tpl');
                        $o .= replace_macros($tpl,
index a5a4d4ad50781d341b25b47eeb6b34a619bfa938..5193c4a0461b096e92052f2465a85c87559b7b93 100644 (file)
@@ -2,14 +2,15 @@
 /**
  * @file mod/settings.php
  */
+
 use Friendica\App;
 use Friendica\Content\Feature;
 use Friendica\Content\Nav;
 use Friendica\Core\Addon;
-use Friendica\Core\System;
-use Friendica\Core\Worker;
 use Friendica\Core\Config;
 use Friendica\Core\PConfig;
+use Friendica\Core\System;
+use Friendica\Core\Worker;
 use Friendica\Database\DBM;
 use Friendica\Model\GContact;
 use Friendica\Model\Group;
@@ -391,12 +392,8 @@ function settings_post(App $a)
         }
 
                if (!$err) {
-                       $password = hash('whirlpool', $newpass);
-                       $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d",
-                               dbesc($password),
-                               intval(local_user())
-                       );
-                       if (DBM::is_result($r)) {
+                       $result = User::updatePassword(local_user(), $newpass);
+                       if (DBM::is_result($result)) {
                                info(t('Password changed.') . EOL);
                        } else {
                                notice(t('Password update failed. Please try again.') . EOL);
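Review bot: The replaced line calls `User::updatePassword()`, but the `use` block of mod/settings.php shown in the previous hunk ends at `Friendica\Model\Group` and this commit adds no `Friendica\Model\User` import here, unlike mod/lostpass.php where it does; unless that import already exists further down the block (it would sort after `Group`), the unqualified `User::` resolves in the global namespace and the password-change path fails at runtime. If it is missing, add `use Friendica\Model\User;` after the `Group` line. `settings_post()` starts before this hunk, so the `$err` gating and the new-password confirmation checks are not visible here.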
index 862a9d408428535f5cf85a5e841ff87636314865..0979c2275d15475d714bd92d2a9f15076331577e 100644 (file)
@@ -142,7 +142,7 @@ class User
                        return false;
                }
 
-               $password_hashed = hash('whirlpool', $password);
+               $password_hashed = self::hashPassword($password);
 
                if ($password_hashed !== $user['password']) {
                        return false;
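Review bot: The new `self::hashPassword($password)` still yields an unsalted, single-round Whirlpool digest, so the stored hashes remain crackable offline at raw hash rate and the `!==` on the following line is an ordinary string comparison; the same construction is what `hashPassword()` is defined as in the next hunk of this file. Now that hashing sits in one place, the follow-up is `password_hash($password, PASSWORD_DEFAULT)` inside `hashPassword()` and `password_verify()` here, with a legacy Whirlpool fallback so existing rows keep authenticating and are rehashed on their next successful login. Note that `updatePasswordHashed()` also blanks `pwdreset`, so the rehash path would clear any pending reset token as a side effect, which may or may not be wanted. The enclosing method begins before this hunk and its lookup of `$user` is not visible, so the sketch below assumes `$user['password']` and `$user['uid']` are populated as the surrounding lines suggest.
```php
		// … unchanged: user lookup populating $user …
		// Verify against a password_hash() digest first; fall back to the legacy
		// unsalted Whirlpool digest so rows written before the migration still work.
		$legacy = hash_equals($user['password'], hash('whirlpool', $password));
		if (!$legacy && !password_verify($password, $user['password'])) {
			return false;
		}
		// Upgrade legacy or outdated digests on a successful login.
		if ($legacy || password_needs_rehash($user['password'], PASSWORD_DEFAULT)) {
			self::updatePasswordHashed($user['uid'], password_hash($password, PASSWORD_DEFAULT));
		}
		// … unchanged: return $user['uid'] …
```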
@@ -151,6 +151,52 @@ class User
                return $user['uid'];
        }
 
+       /**
+        * Generates a human-readable random password
+        *
+        * @return string
+        */
+       public static function generateNewPassword()
+       {
+               return autoname(6) . mt_rand(100, 9999);
+       }
+
+       /**
+        * Global user password hashing function
+        *
+        * @param string $password
+        * @return string
+        */
+       private static function hashPassword($password)
+       {
+               return hash('whirlpool', $password);
+       }
+
+       /**
+        * Updates a user row with a new plaintext password
+        *
+        * @param int    $uid
+        * @param string $password
+        * @return bool
+        */
+       public static function updatePassword($uid, $password)
+       {
+               return self::updatePasswordHashed($uid, self::hashPassword($password));
+       }
+
+       /**
+        * Updates a user row with a new hashed password.
+        * Empties the password reset token field just in case.
+        *
+        * @param int    $uid
+        * @param string $pasword_hashed
+        * @return bool
+        */
+       private static function updatePasswordHashed($uid, $pasword_hashed)
+       {
+               return dba::update('user', ['password' => $pasword_hashed, 'pwdreset' => ''], ['uid' => $uid]);
+       }
+
        /**
         * @brief Catch-all user creation function
         *
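Review bot: `generateNewPassword()` derives the temporary credential from `mt_rand(100, 9999)`, a non-cryptographic PRNG whose internal state can be recovered from a few observed outputs, and mod/lostpass.php hands this value out as the reset password; use `return autoname(6) . random_int(100, 9999);` (the `autoname()` part is defined outside this diff and should be checked for the same property). In `updatePasswordHashed()` the parameter and its `@param` tag are spelled `$pasword_hashed`; rename both to `$password_hashed` so the docblock matches `updatePassword()`'s `@param string $password`. The `@return bool` on both update methods presumably forwards whatever `dba::update()` returns, which is not visible here; confirm it is a bool, since the callers in mod/lostpass.php and mod/settings.php pass it through `DBM::is_result()`.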
@@ -290,8 +336,8 @@ class User
                        throw new Exception(t('Nickname is already registered. Please choose another.'));
                }
 
-               $new_password = strlen($password) ? $password : autoname(6) . mt_rand(100, 9999);
-               $new_password_encoded = hash('whirlpool', $new_password);
+               $new_password = strlen($password) ? $password : User::generateNewPassword();
+               $new_password_encoded = self::hashPassword($new_password);
 
                $return['password'] = $new_password;
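Review bot: The replaced line inside `class User` calls `User::generateNewPassword()` while the next line uses `self::hashPassword()`; prefer `self::` consistently within the class, `$new_password = strlen($password) ? $password : self::generateNewPassword();`. The enclosing creation method starts before this hunk and continues after it.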