From 71d1bb1b53f7f8c5a5810a002a04ffebb047c41c Mon Sep 17 00:00:00 2001 From: scholzDaSense Date: Thu, 11 Jul 2013 19:43:44 +0200 Subject: [PATCH] function for changing user password --- security/Security.php | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/security/Security.php b/security/Security.php index 155b2c7..4ffaab8 100644 --- a/security/Security.php +++ b/security/Security.php @@ -43,6 +43,42 @@ class Security { return ($advancedResult ? $result->next() : self::REGISTER_OK); } + + public static function changePassword(\SYSTEM\DB\DBInfo $dbinfo, $username, $password_sha_old, $password_sha_new){ + + $con = new \SYSTEM\DB\Connection($dbinfo); + if(\SYSTEM\system::isSystemDbInfoPG()){ + $result = $con->prepare('', + 'SELECT id FROM '.\SYSTEM\DBD\UserTable::NAME_PG. + ' WHERE lower('.\SYSTEM\DBD\UserTable::FIELD_USERNAME.') LIKE lower($1)'. + ' AND '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.' = $2;', + array($username, $password_sha_old) ); + + }else{ + return 'MySQL Query not implemented!'; + } + + + $row = $result->next(); + if(!$row){ + return 0; // old password wrong + } + + $userID = $row['id']; + if(\SYSTEM\system::isSystemDbInfoPG()){ + $result = $con->prepare('', + 'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG. + ' SET "password_sha" = $1 WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = $2;', + array($password_sha_new, $userID) ); + }else{ + return 'MySQL Query not implemented!'; + } + + + return 1; + } + + public static function login(\SYSTEM\DB\DBInfo $dbinfo, $username, $password_sha, $password_md5, $locale=NULL, $advancedResult=false){ self::startSession();