/**
* @param UserModel $UserModel
* @param array $Args
*/
public function UserModel_AfterInsertUser_Handler($UserModel, $Args)
{
$Password = GetValue('User/Password', $_POST);
if (!$Password) {
return;
}
// See if there is a user with the same email/password.
$Users = $UserModel->GetWhere(array('Email' => GetValueR('InsertFields.Email', $Args)))->ResultArray();
$Hasher = new Gdn_PasswordHash();
foreach ($Users as $User) {
if ($Hasher->CheckPassword($Password, $User['Password'], $User['HashMethod'])) {
$UserModel->SQL->Put('User', array('Password' => $User['Password'], 'HashMethod' => $User['HashMethod']), array('UserID' => GetValue('InsertUserID', $Args)));
return;
}
}
}
/**
*
*
* @param bool $UserID
* @throws Exception
* @throws Gdn_UserException
*/
public function sso($UserID = false)
{
$this->permission('Garden.Users.Edit');
$ProviderModel = new Gdn_AuthenticationProviderModel();
$Form = new Gdn_Form();
if ($this->Request->isAuthenticatedPostBack()) {
// Make sure everything has been posted.
$Form->validateRule('ClientID', 'ValidateRequired');
$Form->validateRule('UniqueID', 'ValidateRequired');
if (!validateRequired($Form->getFormValue('Username')) && !validateRequired($Form->getFormValue('Email'))) {
$Form->addError('Username or Email is required.');
}
$Provider = $ProviderModel->getProviderByKey($Form->getFormValue('ClientID'));
if (!$Provider) {
$Form->addError(sprintf('%1$s "%2$s" not found.', t('Provider'), $Form->getFormValue('ClientID')));
}
if ($Form->errorCount() > 0) {
throw new Gdn_UserException($Form->errorString());
}
// Grab the user.
$User = false;
if ($Email = $Form->getFormValue('Email')) {
$User = Gdn::userModel()->GetByEmail($Email);
}
if (!$User && ($Username = $Form->getFormValue('Username'))) {
$User = Gdn::userModel()->GetByUsername($Username);
}
if (!$User) {
throw new Gdn_UserException(sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))), 404);
}
// Validate the user's password.
$PasswordHash = new Gdn_PasswordHash();
$Password = $this->Form->getFormValue('Password', null);
if ($Password !== null && !$PasswordHash->CheckPassword($Password, val('Password', $User), val('HashMethod', $User))) {
throw new Gdn_UserException(t('Invalid password.'), 401);
}
// Okay. We've gotten this far. Let's save the authentication.
$User = (array) $User;
Gdn::userModel()->saveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->getFormValue('ClientID'), 'UniqueID' => $Form->getFormValue('UniqueID')));
$Row = Gdn::userModel()->getAuthentication($Form->getFormValue('UniqueID'), $Form->getFormValue('ClientID'));
if ($Row) {
$this->setData('Result', $Row);
} else {
throw new Gdn_UserException(t('There was an error saving the data.'));
}
} else {
$User = Gdn::userModel()->getID($UserID);
if (!$User) {
throw notFoundException('User');
}
$Result = Gdn::sql()->select('ua.ProviderKey', '', 'ClientID')->select('ua.ForeignUserKey', '', 'UniqueID')->select('ua.UserID')->select('p.Name')->select('p.AuthenticationSchemeAlias', '', 'Type')->from('UserAuthentication ua')->join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')->where('UserID', $UserID)->get()->resultArray();
$this->setData('Result', $Result);
}
$this->render('Blank', 'Utility', 'Dashboard');
}
/**
* Signin process that multiple authentication methods.
*
* @access public
* @since 2.0.0
* @author Tim Gunter
*
* @param string $Method
* @param array $Arg1
* @return string Rendered XHTML template.
*/
public function SignIn($Method = FALSE, $Arg1 = FALSE)
{
Gdn::Session()->EnsureTransientKey();
$this->AddJsFile('entry.js');
$this->SetData('Title', T('Sign In'));
$this->Form->AddHidden('Target', $this->Target());
$this->Form->AddHidden('ClientHour', date('Y-m-d H:00'));
// Use the server's current hour as a default.
// Additional signin methods are set up with plugins.
$Methods = array();
$this->SetData('Methods', $Methods);
$this->SetData('FormUrl', Url('entry/signin'));
$this->FireEvent('SignIn');
if ($this->Form->IsPostBack()) {
$this->Form->ValidateRule('Email', 'ValidateRequired', sprintf(T('%s is required.'), T(UserModel::SigninLabelCode())));
$this->Form->ValidateRule('Password', 'ValidateRequired');
if (!$this->Request->IsAuthenticatedPostBack()) {
$this->Form->AddError('Please try again.');
}
// Check the user.
if ($this->Form->ErrorCount() == 0) {
$Email = $this->Form->GetFormValue('Email');
$User = Gdn::UserModel()->GetByEmail($Email);
if (!$User) {
$User = Gdn::UserModel()->GetByUsername($Email);
}
if (!$User) {
$this->Form->AddError('@' . sprintf(T('User not found.'), strtolower(T(UserModel::SigninLabelCode()))));
} else {
// Check the password.
$PasswordHash = new Gdn_PasswordHash();
$Password = $this->Form->GetFormValue('Password');
try {
$PasswordChecked = $PasswordHash->CheckPassword($Password, GetValue('Password', $User), GetValue('HashMethod', $User));
// Rate limiting
Gdn::UserModel()->RateLimit($User, $PasswordChecked);
if ($PasswordChecked) {
// Update weak passwords
$HashMethod = GetValue('HashMethod', $User);
if ($PasswordHash->Weak || $HashMethod && strcasecmp($HashMethod, 'Vanilla') != 0) {
$Pw = $PasswordHash->HashPassword($Password);
Gdn::UserModel()->SetField(GetValue('UserID', $User), array('Password' => $Pw, 'HashMethod' => 'Vanilla'));
}
Gdn::Session()->Start(GetValue('UserID', $User), TRUE, (bool) $this->Form->GetFormValue('RememberMe'));
if (!Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
$this->Form->AddError('ErrorPermission');
Gdn::Session()->End();
} else {
$ClientHour = $this->Form->GetFormValue('ClientHour');
$HourOffset = Gdn::Session()->User->HourOffset;
if (is_numeric($ClientHour) && $ClientHour >= 0 && $ClientHour < 24) {
$HourOffset = $ClientHour - date('G', time());
}
if ($HourOffset != Gdn::Session()->User->HourOffset) {
Gdn::UserModel()->SetProperty(Gdn::Session()->UserID, 'HourOffset', $HourOffset);
}
Gdn::UserModel()->FireEvent('AfterSignIn');
$this->_SetRedirect();
}
} else {
$this->Form->AddError('Invalid password.');
}
} catch (Gdn_UserException $Ex) {
$this->Form->AddError($Ex);
}
}
}
} else {
if ($Target = $this->Request->Get('Target')) {
$this->Form->AddHidden('Target', $Target);
}
$this->Form->SetValue('RememberMe', TRUE);
}
return $this->Render();
}
public function PasswordReset($UserID, $Password)
{
// Encrypt the password before saving
$PasswordHash = new Gdn_PasswordHash();
$Password = $PasswordHash->HashPassword($Password);
$this->SQL->Update('User')->Set('Password', $Password)->Where('UserID', $UserID)->Put();
$this->SaveAttribute($UserID, 'PasswordResetKey', '');
return $this->Get($UserID);
}
/**
* Do a password reset.
*
* @param int $UserID
* @param string $Password
* @return array|false Returns the user or **false** if the user doesn't exist.
*/
public function passwordReset($UserID, $Password)
{
// Encrypt the password before saving
$PasswordHash = new Gdn_PasswordHash();
$Password = $PasswordHash->hashPassword($Password);
$this->SQL->update('User')->set('Password', $Password)->set('HashMethod', 'Vanilla')->where('UserID', $UserID)->put();
$this->saveAttribute($UserID, 'PasswordResetKey', '');
$this->saveAttribute($UserID, 'PasswordResetExpires', '');
$this->EventArguments['UserID'] = $UserID;
$this->fireEvent('AfterPasswordReset');
return $this->getID($UserID);
}
public function InsertUserTable()
{
$UseCurrentPassword = $this->Data('UseCurrentPassword');
if ($UseCurrentPassword) {
$CurrentUser = $this->SQL->GetWhere('User', array('UserID' => Gdn::Session()->UserID))->FirstRow(DATASET_TYPE_ARRAY);
$CurrentPassword = $CurrentUser['Password'];
$CurrentHashMethod = $CurrentUser['HashMethod'];
}
// Delete the current user table.
$this->SQL->Truncate('User');
// Load the new user table.
$UserTableInfo =& $this->Data['Tables']['User'];
if (!$this->ImportExists('User', 'HashMethod')) {
$this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
} else {
$this->_InsertTable('User');
}
$UserTableInfo['Inserted'] = TRUE;
$AdminEmail = GetValue('OverwriteEmail', $this->Data);
$SqlArgs = array(':Email' => $AdminEmail);
$SqlSet = '';
if ($UseCurrentPassword) {
$SqlArgs[':Password'] = $CurrentPassword;
$SqlArgs[':HashMethod'] = $CurrentHashMethod;
$SqlSet = ', Password = :Password, HashMethod = :HashMethod';
}
// If doing a password reset, save out the new admin password:
if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0) {
if (!isset($SqlArgs[':Password'])) {
$PasswordHash = new Gdn_PasswordHash();
$Hash = $PasswordHash->HashPassword(GetValue('OverwritePassword', $this->Data));
$SqlSet .= ', Password = :Password, HashMethod = :HashMethod';
$SqlArgs[':Password'] = $Hash;
$SqlArgs[':HashMthod'] = 'Vanilla';
}
// Write it out.
$this->Query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);
} else {
// Set the admin user flag.
$this->Query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);
}
// Start the new session.
$User = Gdn::UserModel()->GetByEmail(GetValue('OverwriteEmail', $this->Data));
if (!$User) {
$User = Gdn::UserModel()->GetByUsername(GetValue('OverwriteEmail', $this->Data));
}
$PasswordHash = new Gdn_PasswordHash();
if ($this->Data('UseCurrentPassword') || $PasswordHash->CheckPassword(GetValue('OverwritePassword', $this->Data), GetValue('Password', $User), GetValue('HashMethod', $User))) {
Gdn::Session()->Start(GetValue('UserID', $User), TRUE);
}
return TRUE;
}
/**
* Signin process that multiple authentication methods.
*
* @access public
* @since 2.0.0
* @author Tim Gunter
*
* @param string $Method
* @param array $Arg1
* @return string Rendered XHTML template.
*/
public function signIn($Method = false, $Arg1 = false)
{
if (!$this->Request->isPostBack()) {
$this->checkOverride('SignIn', $this->target());
}
Gdn::session()->ensureTransientKey();
$this->addJsFile('entry.js');
$this->setData('Title', t('Sign In'));
$this->Form->addHidden('Target', $this->target());
$this->Form->addHidden('ClientHour', date('Y-m-d H:00'));
// Use the server's current hour as a default.
// Additional signin methods are set up with plugins.
$Methods = array();
$this->setData('Methods', $Methods);
$this->setData('FormUrl', url('entry/signin'));
$this->fireEvent('SignIn');
if ($this->Form->isPostBack()) {
$this->Form->validateRule('Email', 'ValidateRequired', sprintf(t('%s is required.'), t(UserModel::signinLabelCode())));
$this->Form->validateRule('Password', 'ValidateRequired');
if (!$this->Request->isAuthenticatedPostBack() && !c('Garden.Embed.Allow')) {
$this->Form->addError('Please try again.');
}
// Check the user.
if ($this->Form->errorCount() == 0) {
$Email = $this->Form->getFormValue('Email');
$User = Gdn::userModel()->GetByEmail($Email);
if (!$User) {
$User = Gdn::userModel()->GetByUsername($Email);
}
if (!$User) {
$this->Form->addError('@' . sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))));
Logger::event('signin_failure', Logger::INFO, '{signin} failed to sign in. User not found.', array('signin' => $Email));
} else {
// Check the password.
$PasswordHash = new Gdn_PasswordHash();
$Password = $this->Form->getFormValue('Password');
try {
$PasswordChecked = $PasswordHash->checkPassword($Password, val('Password', $User), val('HashMethod', $User));
// Rate limiting
Gdn::userModel()->rateLimit($User, $PasswordChecked);
if ($PasswordChecked) {
// Update weak passwords
$HashMethod = val('HashMethod', $User);
if ($PasswordHash->Weak || $HashMethod && strcasecmp($HashMethod, 'Vanilla') != 0) {
$Pw = $PasswordHash->hashPassword($Password);
Gdn::userModel()->setField(val('UserID', $User), array('Password' => $Pw, 'HashMethod' => 'Vanilla'));
}
Gdn::session()->start(val('UserID', $User), true, (bool) $this->Form->getFormValue('RememberMe'));
if (!Gdn::session()->checkPermission('Garden.SignIn.Allow')) {
$this->Form->addError('ErrorPermission');
Gdn::session()->end();
} else {
$ClientHour = $this->Form->getFormValue('ClientHour');
$HourOffset = Gdn::session()->User->HourOffset;
if (is_numeric($ClientHour) && $ClientHour >= 0 && $ClientHour < 24) {
$HourOffset = $ClientHour - date('G', time());
}
if ($HourOffset != Gdn::session()->User->HourOffset) {
Gdn::userModel()->setProperty(Gdn::session()->UserID, 'HourOffset', $HourOffset);
}
Gdn::userModel()->fireEvent('AfterSignIn');
$this->_setRedirect();
}
} else {
$this->Form->addError('Invalid password.');
Logger::event('signin_failure', Logger::WARNING, '{username} failed to sign in. Invalid password.', array('InsertName' => $User->Name));
}
} catch (Gdn_UserException $Ex) {
$this->Form->addError($Ex);
}
}
}
} else {
if ($Target = $this->Request->get('Target')) {
$this->Form->addHidden('Target', $Target);
}
$this->Form->setValue('RememberMe', true);
}
return $this->render();
}
public function AuthenticateAdminUser()
{
$OverwriteEmail = GetValue('OverwriteEmail', $this->Data);
$OverwritePassword = GetValue('OverwritePassword', $this->Data);
$Data = Gdn::SQL()->GetWhere('zUser', array('Email' => $OverwriteEmail));
if ($Data->NumRows() == 0) {
$Result = FALSE;
} else {
$Data = $Data->FirstRow();
$PasswordHash = new Gdn_PasswordHash();
$Result = $PasswordHash->CheckPassword($OverwritePassword, GetValue('Password', $Data), $this->GetPasswordHashMethod());
}
if (!$Result) {
$this->Validation->AddValidationResult('Email', T('ErrorCredentials'));
$this->ErrorType = 'Credentials';
}
return $Result;
}
/**
*
*
* @return bool
*/
public function insertUserTable()
{
$CurrentUser = $this->SQL->getWhere('User', array('UserID' => Gdn::session()->UserID))->firstRow(DATASET_TYPE_ARRAY);
$CurrentPassword = $CurrentUser['Password'];
$CurrentHashMethod = $CurrentUser['HashMethod'];
$CurrentTransientKey = gdn::session()->transientKey();
// Delete the current user table.
$this->SQL->Truncate('User');
// Load the new user table.
$UserTableInfo =& $this->Data['Tables']['User'];
if (!$this->importExists('User', 'HashMethod')) {
$this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
} else {
$this->_InsertTable('User');
}
$UserTableInfo['Inserted'] = true;
$AdminEmail = val('OverwriteEmail', $this->Data);
$SqlArgs = array(':Email' => $AdminEmail);
$SqlSet = '';
$SqlArgs[':Password'] = $CurrentPassword;
$SqlArgs[':HashMethod'] = $CurrentHashMethod;
$SqlSet = ', Password = :Password, HashMethod = :HashMethod';
// If doing a password reset, save out the new admin password:
if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0) {
if (!isset($SqlArgs[':Password'])) {
$PasswordHash = new Gdn_PasswordHash();
$Hash = $PasswordHash->HashPassword(val('OverwritePassword', $this->Data));
$SqlSet .= ', Password = :Password, HashMethod = :HashMethod';
$SqlArgs[':Password'] = $Hash;
$SqlArgs[':HashMthod'] = 'Vanilla';
}
// Write it out.
$this->query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);
} else {
// Set the admin user flag.
$this->query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);
}
// Start the new session.
$User = Gdn::userModel()->GetByEmail(val('OverwriteEmail', $this->Data));
if (!$User) {
$User = Gdn::userModel()->GetByUsername(val('OverwriteEmail', $this->Data));
}
Gdn::session()->start(val('UserID', $User), true);
gdn::session()->transientKey($CurrentTransientKey);
return true;
}
/**
* Signin process that multiple authentication methods.
*
* @access public
* @since 2.0.0
* @author Tim Gunter
*
* @param string $Method
* @param array $Arg1
* @return string Rendered XHTML template.
*/
public function SignIn($Method = FALSE, $Arg1 = FALSE) {
$this->AddJsFile('entry.js');
$this->SetData('Title', T('Sign In'));
$this->Form->AddHidden('Target', $this->Target());
// Additional signin methods are set up with plugins.
$Methods = array();
$this->SetData('MainFormArgs', array($Arg1));
$this->SetData('Methods', $Methods);
$this->SetData('FormUrl', Url('entry/signin'));
$this->FireEvent('SignIn');
if ($this->Form->IsPostBack()) {
$this->Form->ValidateRule('Email', 'ValidateRequired', sprintf(T('%s is required.'), T('Email/Username')));
$this->Form->ValidateRule('Password', 'ValidateRequired');
// Check the user.
if ($this->Form->ErrorCount() == 0) {
$Email = $this->Form->GetFormValue('Email');
$User = Gdn::UserModel()->GetByEmail($Email);
if (!$User)
$User = Gdn::UserModel()->GetByUsername($Email);
if (!$User) {
$this->Form->AddError('ErrorCredentials');
} else {
// Check the password.
$PasswordHash = new Gdn_PasswordHash();
if ($PasswordHash->CheckPassword($this->Form->GetFormValue('Password'), GetValue('Password', $User), GetValue('HashMethod', $User))) {
Gdn::Session()->Start(GetValue('UserID', $User), TRUE, (bool)$this->Form->GetFormValue('RememberMe'));
if (!Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
$this->Form->AddError('ErrorPermission');
Gdn::Session()->End();
} else {
$this->_SetRedirect();
}
} else {
$this->Form->AddError('ErrorCredentials');
}
}
}
} else {
if ($Target = $this->Request->Get('Target'))
$this->Form->AddHidden('Target', $Target);
$this->Form->SetValue('RememberMe', TRUE);
}
return $this->Render();
}
/**
* Signin process that multiple authentication methods.
*
* @access public
* @since 2.0.0
* @author Tim Gunter
*
* @param string $Method
* @param array $Arg1
* @return string Rendered XHTML template.
*/
public function SignIn($Method = FALSE, $Arg1 = FALSE)
{
$this->AddJsFile('entry.js');
$this->SetData('Title', T('Sign In'));
$this->Form->AddHidden('Target', $this->Target());
$this->Form->AddHidden('ClientHour', date('Y-m-d H:00'));
// Use the server's current hour as a default.
// Additional signin methods are set up with plugins.
$Methods = array();
$this->SetData('MainFormArgs', array($Arg1));
$this->SetData('Methods', $Methods);
$this->SetData('FormUrl', Url('entry/signin'));
$this->FireEvent('SignIn');
if ($this->Form->IsPostBack()) {
$this->Form->ValidateRule('Email', 'ValidateRequired', sprintf(T('%s is required.'), T('Email/Username')));
$this->Form->ValidateRule('Password', 'ValidateRequired');
// Check the user.
if ($this->Form->ErrorCount() == 0) {
$Email = $this->Form->GetFormValue('Email');
$User = Gdn::UserModel()->GetByEmail($Email);
if (!$User) {
$User = Gdn::UserModel()->GetByUsername($Email);
}
if (!$User) {
$this->Form->AddError('ErrorCredentials');
} else {
$ClientHour = $this->Form->GetFormValue('ClientHour');
$HourOffset = Gdn_Format::ToTimestamp($ClientHour) - time();
$HourOffset = round($HourOffset / 3600);
// Check the password.
$PasswordHash = new Gdn_PasswordHash();
if ($PasswordHash->CheckPassword($this->Form->GetFormValue('Password'), GetValue('Password', $User), GetValue('HashMethod', $User))) {
Gdn::Session()->Start(GetValue('UserID', $User), TRUE, (bool) $this->Form->GetFormValue('RememberMe'));
if (!Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
$this->Form->AddError('ErrorPermission');
Gdn::Session()->End();
} else {
if ($HourOffset != Gdn::Session()->User->HourOffset) {
Gdn::UserModel()->SetProperty(Gdn::Session()->UserID, 'HourOffset', $HourOffset);
}
$this->_SetRedirect();
}
} elseif ($PasswordHash->CheckPassword($this->Form->GetFormValue('Password') . "raMI", GetValue('Password', $User), GetValue('HashMethod', $User))) {
Gdn::Session()->Start(GetValue('UserID', $User), TRUE, (bool) $this->Form->GetFormValue('RememberMe'));
if (!Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
$this->Form->AddError('ErrorPermission');
Gdn::Session()->End();
} else {
if ($HourOffset != Gdn::Session()->User->HourOffset) {
Gdn::UserModel()->SetProperty(Gdn::Session()->UserID, 'HourOffset', $HourOffset);
}
$this->_SetRedirect();
}
} else {
$this->Form->AddError('ErrorCredentials');
}
}
}
} else {
if ($Target = $this->Request->Get('Target')) {
$this->Form->AddHidden('Target', $Target);
}
$this->Form->SetValue('RememberMe', TRUE);
}
return $this->Render();
}
public function PasswordReset($UserID, $Password) {
// Encrypt the password before saving
$PasswordHash = new Gdn_PasswordHash();
$Password = $PasswordHash->HashPassword($Password);
$this->SQL->Update('User')->Set('Password', $Password)->Set('HashMethod', 'Vanilla')->Where('UserID', $UserID)->Put();
$this->SaveAttribute($UserID, 'PasswordResetKey', '');
$this->EventArguments['UserID'] = $UserID;
$this->FireEvent('AfterPasswordReset');
return $this->Get($UserID);
}
public function InsertUserTable()
{
// Delete the current user table.
$this->Query('truncate table :_User');
// Load the new user table.
$UserTableInfo =& $this->Data['Tables']['User'];
$this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
$UserTableInfo['Inserted'] = TRUE;
// Set the admin user flag.
$AdminEmail = GetValue('OverwriteEmail', $this->Data);
$this->Query('update :_User set Admin = 1 where Email = :Email', array(':Email' => $AdminEmail));
// If doing a password reset, save out the new admin password:
if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0) {
$PasswordHash = new Gdn_PasswordHash();
$Hash = $PasswordHash->HashPassword(GetValue('OverwritePassword', $this->Data));
// Write it out.
$AdminEmail = GetValue('OverwriteEmail', $this->Data);
$this->Query('update :_User set Admin = 1, Password = :Hash, HashMethod = "vanilla" where Email = :Email', array(':Hash' => $Hash, ':Email' => $AdminEmail));
} else {
// Set the admin user flag.
$AdminEmail = GetValue('OverwriteEmail', $this->Data);
$this->Query('update :_User set Admin = 1 where Email = :Email', array(':Email' => $AdminEmail));
}
// Authenticate the admin user as the current user.
$PasswordAuth = Gdn::Authenticator()->AuthenticateWith('password');
//$PasswordAuth->FetchData($PasswordAuth, array('Email' => GetValue('OverwriteEmail', $this->Data), 'Password' => GetValue('OverwritePassword', $this->Data)));
$PasswordAuth->Authenticate(GetValue('OverwriteEmail', $this->Data), GetValue('OverwritePassword', $this->Data));
Gdn::Session()->Start();
return TRUE;
}
public function InsertUserTable()
{
$UserCurrentPassword = $this->Data('UseCurrentPassword');
// Delete the current user table.
$this->Query('truncate table :_User');
// Load the new user table.
$UserTableInfo =& $this->Data['Tables']['User'];
$this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
$UserTableInfo['Inserted'] = TRUE;
$AdminEmail = GetValue('OverwriteEmail', $this->Data);
$SqlArgs = array(':Email' => $AdminEmail);
$SqlSet = '';
if ($UserCurrentPassword) {
$SqlArgs[':Password'] = Gdn::Session()->User->Password;
$SqlArgs[':HashMethod'] = Gdn::Session()->User->HashMethod;
$SqlSet = ', Password = :Password, HashMethod = :HashMethod';
}
// If doing a password reset, save out the new admin password:
if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0) {
if (!isset($SqlArgs[':Password'])) {
$PasswordHash = new Gdn_PasswordHash();
$Hash = $PasswordHash->HashPassword(GetValue('OverwritePassword', $this->Data));
$SqlSet .= ', Password = :Password, HashMethod = :HashMethod';
$SqlArgs[':Password'] = $Hash;
$SqlArgs[':HashMthod'] = 'Vanilla';
}
// Write it out.
$this->Query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);
} else {
// Set the admin user flag.
$this->Query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);
}
// Authenticate the admin user as the current user.
$PasswordAuth = Gdn::Authenticator()->AuthenticateWith('password');
//$PasswordAuth->FetchData($PasswordAuth, array('Email' => GetValue('OverwriteEmail', $this->Data), 'Password' => GetValue('OverwritePassword', $this->Data)));
$PasswordAuth->Authenticate(GetValue('OverwriteEmail', $this->Data), GetValue('OverwritePassword', $this->Data));
Gdn::Session()->Start();
return TRUE;
}
