* @category Main * @package Galette * * @author Stéphane Salès <*****@*****.**> * @author Johan Cwiklinski <*****@*****.**> * @copyright 2005-2014 The Galette Team * @license http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version * @version SVN: $Id$ * @link http://galette.tuxfamily.org * @since Available since 0.62 */ require_once 'includes/galette.inc.php'; // initialize warnings $hash = ''; $password_updated = false; $password = new Galette\Core\Password(); // get hash id, $_GET if passed by url, $_POST if passed by this form if (isset($_GET['hash']) && !empty($_GET['hash'])) { $hash = $_GET['hash']; } else { if (isset($_POST['hash']) && !empty($_POST['hash'])) { $hash = $_POST['hash']; } } if (isset($hash) && !empty($hash)) { if ($id_adh = $password->isHashValid($hash)) { // Validation if (isset($_POST['valid']) && $_POST['valid'] == '1') { if ($_POST['mdp_adh'] == '') { $error_detected[] = _T("No password"); } else {
/** * Login and password field cannot be empty. * * If those ones are not required, or if a file has been imported * (from a CSV file for example), we fill here random values. * * @return boolean */ public function emptyLogins() { global $zdb; try { $zdb->connection->beginTransaction(); $select = $zdb->select(Adherent::TABLE); $select->columns(array('id_adh', 'login_adh', 'mdp_adh'))->where(array('login_adh' => new Expression('NULL'), 'login_adh' => '', 'mdp_adh' => new Expression('NULL'), 'mdp_adh' => ''), PredicateSet::OP_OR); $results = $zdb->execute($select); $processed = 0; if ($results->count() > 0) { $update = $zdb->update(Adherent::TABLE); $update->set(array('login_adh' => ':login', 'mdp_adh' => ':pass'))->where->equalTo(Adherent::PK, ':id'); $stmt = $zdb->sql->prepareStatementForSqlObject($update); $p = new \Galette\Core\Password(); foreach ($results as $m) { $dirty = false; if ($m->login_adh == '' || !isset($m->login_adh) || $m->login_adh == 'NULL') { $m->login_adh = $p->makeRandomPassword(15); $dirty = true; } if ($m->mdp_adh == '' || !isset($m->mdp_adh) || $m->mdp_adh == 'NULL') { $randomp = $p->makeRandomPassword(15); $m->mdp_adh = password_hash($randomp, PASSWORD_BCRYPT); $dirty = true; } if ($dirty === true) { /** Why where parameter is named where1 ?? */ $stmt->execute(array('login_adh' => $m->login_adh, 'mdp_adh' => $m->mdp_adh, 'where1' => $m->id_adh)); $processed++; } } } $zdb->connection->commit(); $this->_count = $processed; return true; } catch (\Exception $e) { $zdb->connection->rollBack(); Analog::log('An error occured trying to retrieve members with ' . 'empty logins/passwords (' . $e->getMessage(), Analog::ERROR); return false; } }