Example #1
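 /**
  * Changes the logged-in user's password after re-verifying the current one.
  *
  * Validation failures are reported through ErrorHandler and the function
  * returns false. On success the new password is stored and js_redirect()
  * is called.
  *
  * @param array $p submitted form fields: 'curr_pwd', 'new_pwd', 'new_pwd2'
  * @return false|null false when validation fails; no value is returned after the redirect call
  */
 function handleEditPassword($p)
 {
     $error = ErrorHandler::getInstance();
     $session = SessionHandler::getInstance();

     // Missing or non-string fields count as empty, so a malformed request
     // fails validation instead of raising notices or passing arrays along.
     $currPwd = isset($p['curr_pwd']) && is_string($p['curr_pwd']) ? $p['curr_pwd'] : '';
     $newPwd = isset($p['new_pwd']) && is_string($p['new_pwd']) ? $p['new_pwd'] : '';
     $newPwd2 = isset($p['new_pwd2']) && is_string($p['new_pwd2']) ? $p['new_pwd2'] : '';

     // Re-authenticate first: a hijacked session alone must not be enough to change the password.
     $u = User::getExact($session->type, $session->id, $session->username, $currPwd);
     if (!$u) {
         $error->add('Current password is not correct');
         return false;
     }

     // Strict comparison: with a loose != two different numeric-looking
     // strings such as '1e3' and '1000' compare equal, so a mistyped
     // confirmation could be accepted.
     if ($newPwd !== $newPwd2) {
         $error->add('passwords dont match');
         return false;
     }

     // '0' stays rejected, as it was under the original truthiness test.
     if ($newPwd === '' || $newPwd === '0') {
         $error->add('no password entered');
         return false;
     }

     // NOTE(review): no length or strength policy is applied here; presumably
     // UserHandler::setPassword() enforces one - confirm.
     // NOTE(review): nothing visible here ends the user's other active
     // sessions after the change - confirm whether that happens elsewhere.
     UserHandler::setPassword($session->id, $newPwd);
     js_redirect('u/edit');
 }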
Example #2
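 /**
  * Handles logins: verifies the credentials, fills in the session object and
  * $_SESSION, and records the login.
  *
  * @param string $username account name (whitespace is trimmed)
  * @param string $pwd password (whitespace is trimmed)
  * @param int $type SESSION_REGULAR or SESSION_FACEBOOK
  * @return bool true on success, false when logins are disabled or the credentials are rejected
  * @throws \Exception when $type is not a known session type
  */
 function login($username, $pwd, $type = SESSION_REGULAR)
 {
     $error = ErrorHandler::getInstance();
     if (!$this->allow_logins) {
         $error->add('Logins currently not allowed.');
         return false;
     }

     $username = trim($username);
     // NOTE(review): trimming changes the password that is verified; any code
     // path that stores a password untrimmed would lock such a user out -
     // confirm the password setters trim the same way.
     $pwd = trim($pwd);

     switch ($type) {
         case SESSION_REGULAR:
             $user = User::getByName($username);
             break;
         case SESSION_FACEBOOK:
             $user = new FacebookUser($username);
             break;
         default:
             throw new \Exception('hmm ' . $type);
     }

     // NOTE(review): the two failure messages below differ ("...found1" for an
     // unknown user, "...found2" for a wrong password), which lets a client
     // tell whether an account exists. Consider one shared message.
     if (!$user || !$user->id) {
         $error->add('Login failed - user not found1');
         return false;
     }

     $x = User::getExact($type, $user->id, $username, $pwd);
     if (!$x) {
         // NOTE(review): $username is attacker-controlled; if dp() writes to a
         // line-based log, control characters should be neutralised - confirm.
         dp('Failed login attempt: username ' . $username);
         $error->add('Login failed - user not found2');
         return false;
     }

     $this->id = $user->id;
     $this->ip = client_ip();
     $this->username = $username;
     $this->type = $type;
     $this->usermode = UserGroupHandler::getUserLevel($user->id);

     if ($this->usermode >= USERLEVEL_WEBMASTER) {
         $this->isWebmaster = true;
     }
     if ($this->usermode >= USERLEVEL_ADMIN) {
         $this->isAdmin = true;
     }
     if ($this->usermode >= USERLEVEL_SUPERADMIN) {
         $this->isSuperAdmin = true;
     }

     $q = 'UPDATE tblUsers SET time_last_login = NOW(), time_last_active = NOW(), last_ip = ?' . ' WHERE id = ?';
     Sql::pUpdate($q, 'si', $this->ip, $this->id);

     // The User-Agent header is optional; fall back to an empty string instead
     // of reading an undefined index.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     LoginEntry::add($this->id, $this->ip, $userAgent);

     // Issue a fresh session id at the privilege change so an id that was
     // known before authentication (session fixation) does not become a
     // logged-in session. Skipped when no session is active.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     $_SESSION['id'] = $this->id;
     $_SESSION['username'] = $this->username;
     $_SESSION['usermode'] = $this->usermode;
     $_SESSION['isWebmaster'] = $this->isWebmaster;
     $_SESSION['isAdmin'] = $this->isAdmin;
     $_SESSION['isSuperAdmin'] = $this->isSuperAdmin;
     $_SESSION['referer'] = $this->referer;
     $_SESSION['ip'] = $this->ip;
     $_SESSION['type'] = $this->type;
     $_SESSION['last_active'] = time();
     session_write_close();

     dp($this->username . ' logged in from ' . $this->ip);

     // remove previous errors
     $error->reset();
     return true;
 }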