Beispiel #1
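 /**
  * Checks a user-supplied password against the stored password hash.
  *
  * The candidate is hashed with SecurityUtils::encryptPassword() using the
  * account's salt, and the result is compared with the stored value.
  *
  * @param string $pass    Password as entered by the user.
  * @param string $salt    Salt stored for the account.
  * @param string $encPass Stored hash to compare against.
  * @return boolean True only when all three arguments are non-empty and the hashes match.
  */
 public static function comparePasswords($pass = null, $salt = null, $encPass = null)
 {
     // Loose comparison on purpose: null, '', 0, false and array() are all rejected,
     // so a missing salt or an empty stored hash can never authenticate.
     if (null == $pass || null == $salt || null == $encPass) {
         return false;
     }

     $computed = SecurityUtils::encryptPassword($pass, $salt);

     // hash_equals() accepts only strings; anything else cannot be a valid match.
     if (!is_string($computed) || !is_string($encPass)) {
         return false;
     }

     // Constant-time comparison: with === the time taken depends on how many
     // leading characters match, which leaks information about the stored hash.
     return hash_equals($encPass, $computed);
 }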
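 /**
  * Validator: confirms that currentPassword belongs to the account being edited.
  *
  * Adds an error on 'currentPassword' when this model has no id, when the
  * account cannot be loaded, or when the supplied password does not hash to
  * the value stored for that account.
  *
  * @param string $attribute Attribute under validation (not read here).
  * @param array  $params    Validator options (not read here).
  */
 public function exists($attribute, $params)
 {
     $user = $this->id ? UserCredentials::model()->findByPk($this->id) : null;
     if (!$user) {
         $this->addError('currentPassword', 'Sorry, could not process your password modification request at this time !');
         return;
     }

     $candidate = SecurityUtils::encryptPassword($this->currentPassword, $user->salt);

     // Compare with THIS account's stored hash. The previous lookup searched the
     // whole table for any row with a matching password column, so the check was
     // not tied to the user whose password is being changed.
     $stored = $user->password;
     $matches = is_string($candidate) && is_string($stored) && hash_equals($stored, $candidate);

     if (!$matches) {
         $this->addError('currentPassword', 'Please enter your current password !');
     }
 }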
Beispiel #3
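 /**
  * Handles the "forgot password" form for guests.
  *
  * On a valid submission the account matching the e-mail address gets a new
  * salt and a temporary password, and that password is mailed to the address.
  * The same flash message and redirect are returned whether or not an account
  * exists for the address, so the response does not reveal registered e-mails.
  *
  * NOTE(review): this flow overwrites the stored password on an unauthenticated
  * request, so anyone who knows an address can invalidate that user's password,
  * and the replacement travels in clear text by e-mail. A single-use, expiring
  * reset token that leaves the current password untouched until it is redeemed
  * avoids both problems; that needs storage and an extra action not shown here.
  */
 public function actionForgotPassword()
 {
     // Signed-in users have no use for this form.
     if (!Yii::app()->user->isGuest) {
         $this->redirect('/home');
     }

     $model = new ForgotPasswordForm();
     if (isset($_POST['ForgotPasswordForm'])) {
         $model->attributes = $_POST['ForgotPasswordForm'];
         // NOTE(review): if ForgotPasswordForm's rules report unknown addresses,
         // enumeration is still possible through validation errors - confirm.
         if ($model->validate()) {
             $user = UserCredentials::model()->find('email_id=:email', array(':email' => $model->email));

             // Stays true for unknown addresses so both cases answer identically.
             $completed = true;
             if ($user) {
                 // NOTE(review): confirm generateRandomString() draws from a CSPRNG
                 // (random_bytes / random_int); 8 characters is short for a credential.
                 $tempPass = SecurityUtils::generateRandomString(8);
                 $user->salt = SecurityUtils::generateSalt($user->email_id);
                 $user->password = SecurityUtils::encryptPassword($tempPass, $user->salt);

                 $completed = $user->save();
                 if ($completed) {
                     $data = array(
                         'temp_password' => $tempPass,
                         'user' => $user->id,
                     );
                     EmailApi::sendEmail($model->email, "ACCOUNT.RESET.PASSWORD", $data);
                 } else {
                     // Record the failure without logging the address or the password.
                     Yii::log('Password reset could not be saved for user id ' . $user->id, CLogger::LEVEL_ERROR, 'application.security');
                 }
             }

             if ($completed) {
                 Yii::app()->user->setFlash('success', "We have sent you a new password to your email.\n\t\t\t\t\t\t<br/> Please add " . Yii::app()->params['adminEmail'] . " to your whitelist.");
                 $this->redirect('/home');
             }
         }
     }

     $this->render('forgotPassword', array('model' => $model));
 }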
Beispiel #4
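 /**
  * Creates an account: credential record, profile record and role assignment.
  *
  * The credential receives a fresh salt, an activation code, the registering IP
  * and the hashed password before it is saved. If the profile cannot be saved,
  * the credential row is deleted again. On either failure the credential's
  * password fields are reset to the submitted value, so that a retry does not
  * hash an already hashed password.
  *
  * @param object $credential Credential record; password holds the submitted password.
  * @param object $profile    Profile record to link to the new credential.
  * @param string $role       Role item name to assign.
  * @return array|false array('credential' => ..., 'profile' => ...) on success, false on failure.
  */
 public static function createUser($credential, $profile, $role = "Member")
 {
     $submittedPassword = $credential->password;

     $credential->salt = SecurityUtils::generateSalt($credential->email_id);
     // NOTE(review): the activation code is a bearer secret; confirm that
     // generateRandomString() uses a cryptographically secure source.
     $credential->activation_code = SecurityUtils::generateRandomString(10);
     // NOTE(review): if getRealIp() trusts client-supplied forwarding headers,
     // this value can be spoofed; treat it as informational only.
     $credential->registered_ip = SecurityUtils::getRealIp();
     $credential->password = SecurityUtils::encryptPassword($submittedPassword, $credential->salt);
     $credential->password_confirm = $credential->password;

     if (!$credential->save()) {
         $credential->password = $submittedPassword;
         $credential->password_confirm = $submittedPassword;
         return false;
     }

     $profile->user_id = $credential->id;
     if (!$profile->save()) {
         // Undo the half-created account and mark the record as unsaved again.
         $credential->delete();
         $credential->setIsNewRecord(true);
         // Same reset as the credential-failure path: leaving the hash here would
         // make a second attempt store a hash of the hash.
         $credential->password = $submittedPassword;
         $credential->password_confirm = $submittedPassword;
         return false;
     }

     $assignment = new Assignments();
     $assignment->itemname = $role;
     $assignment->userid = $credential->id;
     // PHP-serialized empty string.
     $assignment->data = 's:0:"";';
     if (!$assignment->save()) {
         // The account still exists but has no role; make that visible in the logs.
         Yii::log('Role assignment could not be saved for user id ' . $credential->id, CLogger::LEVEL_WARNING, 'application.security');
     }

     return array('credential' => $credential, 'profile' => $profile);
 }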