function for changing user password

2013-07-11 19:43:44 +02:00 · 2013-07-11 19:43:44 +02:00 · 71d1bb1b53
commit 71d1bb1b53
parent 03a4c784f4
1 changed files with 36 additions and 0 deletions
--- a/security/Security.php
+++ b/security/Security.php
@ -44,6 +44,42 @@ class Security {
    }
    
    
+    public static function changePassword(\SYSTEM\DB\DBInfo $dbinfo, $username, $password_sha_old, $password_sha_new){
+        
+        $con = new \SYSTEM\DB\Connection($dbinfo);
+        if(\SYSTEM\system::isSystemDbInfoPG()){
+                $result = $con->prepare('',
+                                        'SELECT id FROM '.\SYSTEM\DBD\UserTable::NAME_PG.
+                                        ' WHERE lower('.\SYSTEM\DBD\UserTable::FIELD_USERNAME.') LIKE lower($1)'.
+                                        ' AND '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.' = $2;',
+                                        array($username, $password_sha_old) );     
+                
+        }else{
+            return 'MySQL Query not implemented!';
+        }
+        
+        
+        $row = $result->next();
+        if(!$row){
+            return 0; // old password wrong
+        }
+        
+        $userID = $row['id'];
+        if(\SYSTEM\system::isSystemDbInfoPG()){
+                $result = $con->prepare('', 
+                                    'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG.
+                                    ' SET "password_sha" = $1 WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = $2;',
+                                     array($password_sha_new, $userID) );           
+        }else{
+            return 'MySQL Query not implemented!';
+        }
+        
+        
+        return 1;
+    }
+    
+    
+     
    public static function login(\SYSTEM\DB\DBInfo $dbinfo, $username, $password_sha, $password_md5, $locale=NULL, $advancedResult=false){
        self::startSession();