function withPassword($hashed_password)
{
$password_handler = PasswordHandlerFactory::getPasswordHandler();
$this->params['password'] = $password_handler->computeHashPassword($hashed_password);
$this->params['user_pw'] = md5($hashed_password);
return $this;
}
function register_valid($user_id, CSRFSynchronizerToken $csrf, EventManager $event_manager)
{
$request = HTTPRequest::instance();
if (!$request->isPost() || !$request->exist('Update')) {
return 0;
}
$csrf->check();
// check against old pw
$user_manager = UserManager::instance();
$user = $user_manager->getUserById($user_id);
if ($user === null) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'user_not_found'));
return 0;
}
$password_expiration_checker = new User_PasswordExpirationChecker();
$password_handler = PasswordHandlerFactory::getPasswordHandler();
$login_manager = new User_LoginManager($event_manager, $user_manager, $password_expiration_checker, $password_handler);
if (!$login_manager->verifyPassword($user, $request->get('form_oldpw'))) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'incorrect_old_password'));
return 0;
}
try {
$status_manager = new User_UserStatusManager();
$status_manager->checkStatus($user);
} catch (User_StatusInvalidException $exception) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'account_inactive'));
return 0;
}
if (!$request->exist('form_pw')) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'password_needed'));
return 0;
}
if ($request->get('form_pw') != $request->get('form_pw2')) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'password_not_match'));
return 0;
}
if ($request->get('form_pw') === $request->get('form_oldpw')) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('account_change_pw', 'identical_password'));
return 0;
}
if (!account_pwvalid($request->get('form_pw'), $errors)) {
foreach ($errors as $e) {
$GLOBALS['Response']->addFeedback('error', $e);
}
return 0;
}
// if we got this far, it must be good
$user->setPassword($request->get('form_pw'));
if (!$user_manager->updateDb($user)) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'internal_error_update'));
return 0;
}
return 1;
}
/**
* Update db entry of 'user' table with values in object
* @param PFUser $user
*/
public function updateDb(PFUser $user)
{
if (!$user->isAnonymous()) {
$old_user = $this->getUserByIdWithoutCache($user->getId());
$userRow = $user->toRow();
if ($user->getPassword() != '') {
$password_handler = PasswordHandlerFactory::getPasswordHandler();
if (!$password_handler->verifyHashPassword($user->getPassword(), $user->getUserPw()) || $password_handler->isPasswordNeedRehash($user->getUserPw())) {
// Update password
$userRow['clear_password'] = $user->getPassword();
}
}
if ($user->getLegacyUserPw() !== '' && !ForgeConfig::get('sys_keep_md5_hashed_password')) {
$userRow['user_pw'] = '';
}
$result = $this->getDao()->updateByRow($userRow);
if ($result) {
if ($user->isSuspended() || $user->isDeleted()) {
$this->getDao()->deleteAllUserSessions($user->getId());
}
$this->_getEventManager()->processEvent(Event::USER_MANAGER_UPDATE_DB, array('old_user' => $old_user, 'new_user' => &$user));
}
return $result;
}
return false;
}
public function __construct($da = null)
{
parent::__construct($da);
$this->password_handler = PasswordHandlerFactory::getPasswordHandler();
}
private function routeGitSmartHTTP(Git_URL $url)
{
if (!$url->isSmartHTTP()) {
return;
}
$repository = $url->getRepository();
if (!$repository) {
return;
}
$logger = new WrapperLogger($this->logger, 'http');
$logger->debug('REQUEST_URI ' . $_SERVER['REQUEST_URI']);
$command_factory = new Git_HTTP_CommandFactory($this->factory, new User_LoginManager(EventManager::instance(), UserManager::instance(), new User_PasswordExpirationChecker(), PasswordHandlerFactory::getPasswordHandler()), PermissionsManager::instance(), new URLVerification(), $logger);
$http_wrapper = new Git_HTTP_Wrapper($logger);
$http_wrapper->stream($command_factory->getCommandForRepository($repository, $url));
exit;
}
function testUpdateNoPasswordChange() {
$password_handler = PasswordHandlerFactory::getPasswordHandler();
$user = mock('PFUser');
$user->setReturnValue('isAnonymous', false);
$user->setReturnValue('toRow', array());
$user->setReturnValue('getPassword', self::PASSWORD);
$user->setReturnValue('getUserPw', $password_handler->computeHashPassword(self::PASSWORD));
$dao = new MockUserDao($this);
$dao->expect('updateByRow', array(array('user_pw' => '')));
$um = new UserManagerTestVersion($this);
$um->setReturnReference('getDao', $dao);
$um->updateDb($user);
}
}
$user_helper_preferences = array(array('preference_name' => UserHelper::PREFERENCES_NAME_AND_LOGIN, 'preference_label' => $Language->getText('account_options', 'tuleap_name_and_login'), 'is_selected' => (int) user_get_preference("username_display") === UserHelper::PREFERENCES_NAME_AND_LOGIN), array('preference_name' => UserHelper::PREFERENCES_LOGIN_AND_NAME, 'preference_label' => $Language->getText('account_options', 'tuleap_login_and_name'), 'is_selected' => (int) user_get_preference("username_display") === UserHelper::PREFERENCES_LOGIN_AND_NAME), array('preference_name' => UserHelper::PREFERENCES_LOGIN, 'preference_label' => $Language->getText('account_options', 'tuleap_login'), 'is_selected' => (int) user_get_preference("username_display") === UserHelper::PREFERENCES_LOGIN), array('preference_name' => UserHelper::PREFERENCES_REAL_NAME, 'preference_label' => $Language->getText('account_options', 'real_name'), 'is_selected' => (int) user_get_preference("username_display") === UserHelper::PREFERENCES_REAL_NAME));
$plugins_prefs = array();
$em->processEvent('user_preferences_appearance', array('preferences' => &$plugins_prefs));
$all_csv_separator = array();
foreach (PFUser::$csv_separators as $separator) {
$all_csv_separator[] = array('separator_name' => $separator, 'separator_label' => $Language->getText('account_options', $separator), 'is_selected' => $separator === user_get_preference("user_csv_separator"));
}
$all_csv_dateformat = array();
foreach (PFUser::$csv_dateformats as $dateformat) {
$all_csv_dateformat[] = array('dateformat_name' => $dateformat, 'dateformat_label' => $Language->getText('account_preferences', $dateformat), 'is_selected' => $dateformat === user_get_preference("user_csv_dateformat"));
}
$user_access_info = $um->getUserAccessInfo($user);
if (!$user_access_info) {
$user_access_info = array('last_auth_success' => false, 'last_auth_failure' => false, 'nb_auth_failure' => false, 'prev_auth_success' => false);
}
$svn_token_handler = new SVN_TokenHandler(new SVN_TokenDao(), new RandomNumberGenerator(), PasswordHandlerFactory::getPasswordHandler());
$svn_token_presenters = array();
foreach ($svn_token_handler->getSVNTokensForUser($user) as $user_svn_token) {
$svn_token_presenters[] = new SVN_TokenPresenter($user_svn_token);
}
$last_svn_token = '';
if (isset($_SESSION['last_svn_token'])) {
$last_svn_token = $_SESSION['last_svn_token'];
unset($_SESSION['last_svn_token']);
}
$presenter = new User_PreferencesPresenter($user, $can_change_realname, $can_change_email, $can_change_password, $extra_user_info, $user_access_info, $ssh_keys_extra_html, $svn_token_presenters, $third_paty_html, $csrf->fetchHTMLInput(), $tracker_formats, $all_themes, $languages_html, $user_helper_preferences, $plugins_prefs, $all_csv_separator, $all_csv_dateformat, $last_svn_token);
$HTML->header(array('title' => $Language->getText('account_options', 'title'), 'body_class' => array('account-maintenance')));
$renderer = TemplateRendererFactory::build()->getRenderer(dirname(__FILE__) . '/../../templates/user');
$renderer->renderToPage('account-maintenance', $presenter);
$HTML->footer(array());
$first_artifact_id = $argv[3];
$last_artifact_id = $argv[4];
$password = null;
if (!isset($password)) {
echo "Password for {$user_name}: ";
if (PHP_OS != 'WINNT') {
shell_exec('stty -echo');
$password = fgets(STDIN);
shell_exec('stty echo');
} else {
$password = fgets(STDIN);
}
$password = substr($password, 0, strlen($password) - 1);
echo PHP_EOL;
}
$login_manager = new User_LoginManager(EventManager::instance(), UserManager::instance(), new User_PasswordExpirationChecker(), PasswordHandlerFactory::getPasswordHandler());
try {
$tuleap_user = $login_manager->authenticate($user_name, $password);
} catch (Exception $exception) {
fwrite(STDERR, 'Login or password invalid. Exit' . PHP_EOL);
exit(1);
}
$tracker = TrackerFactory::instance()->getTrackerById($tracker_id);
if (!$tracker) {
fwrite(STDERR, 'Tracker id does not exist' . PHP_EOL);
exit(1);
}
if (!$tracker->userIsAdmin($tuleap_user)) {
fwrite(STDERR, $user_name . ' is not administrator of Tracker #' . $tracker_id . '. Exit.' . PHP_EOL);
exit(1);
}
* along with Tuleap. If not, see <http://www.gnu.org/licenses/>.
*/
$password_hasher_short_options = 'p:u';
$password_hasher_long_options = array('password:'******'unix');
$options = getopt($password_hasher_short_options, $password_hasher_long_options);
$password = false;
$is_unix = false;
foreach ($options as $option => $value) {
switch ($option) {
case 'p':
case 'password':
$password = $value;
break;
case 'u':
case 'unix':
$is_unix = true;
break;
}
}
if ($password === false) {
echo "Usage: password_hasher.php --password='******'\n\n Options:\n\n -u, --unix Generate a UNIX compatible password\n";
exit(1);
}
require_once '/usr/share/codendi/src/common/autoload.php';
$password_handler = PasswordHandlerFactory::getPasswordHandler();
if ($is_unix) {
$hashed_password = $password_handler->computeUnixPassword($password);
} else {
$hashed_password = $password_handler->computeHashPassword($password);
}
echo $hashed_password;
