/** * Changing authentication method? * Only appropriate for people using OpenID. * * @param bool $saving = false */ public function action_authentication($saving = false) { global $context, $cur_profile, $post_errors, $modSettings; $memID = currentMemberID(); loadLanguage('Login'); loadTemplate('ProfileOptions'); // We are saving? if ($saving) { // Moving to password passed authentication? if ($_POST['authenticate'] == 'passwd') { // Didn't enter anything? if ($_POST['passwrd1'] == '') { $post_errors[] = 'no_password'; } elseif (!isset($_POST['passwrd2']) || $_POST['passwrd1'] != $_POST['passwrd2']) { $post_errors[] = 'bad_new_password'; } else { require_once SUBSDIR . '/Auth.subs.php'; $passwordErrors = validatePassword($_POST['passwrd1'], $cur_profile['member_name'], array($cur_profile['real_name'], $cur_profile['email_address'])); // Were there errors? if ($passwordErrors != null) { $post_errors[] = 'password_' . $passwordErrors; } } if (empty($post_errors)) { // Integration? call_integration_hook('integrate_reset_pass', array($cur_profile['member_name'], $cur_profile['member_name'], $_POST['passwrd1'])); // Go then. require_once SUBSDIR . '/Auth.subs.php'; $new_pass = $_POST['passwrd1']; $passwd = validateLoginPassword($new_pass, '', $cur_profile['member_name'], true); // Do the important bits. updateMemberData($memID, array('openid_uri' => '', 'passwd' => $passwd)); if ($context['user']['is_owner']) { setLoginCookie(60 * $modSettings['cookieTime'], $memID, hash('sha256', $new_pass . $cur_profile['password_salt'])); redirectexit('action=profile;area=authentication;updated'); } else { redirectexit('action=profile;u=' . $memID); } } return true; } elseif ($_POST['authenticate'] == 'openid' && !empty($_POST['openid_identifier'])) { require_once SUBSDIR . '/OpenID.subs.php'; require_once SUBSDIR . '/Members.subs.php'; $openID = new OpenID(); $_POST['openid_identifier'] = $openID->canonize($_POST['openid_identifier']); if (memberExists($_POST['openid_identifier'])) { $post_errors[] = 'openid_in_use'; } elseif (empty($post_errors)) { // Authenticate using the new OpenID URI first to make sure they didn't make a mistake. if ($context['user']['is_owner']) { $_SESSION['new_openid_uri'] = $_POST['openid_identifier']; $openID->validate($_POST['openid_identifier'], false, null, 'change_uri'); } else { updateMemberData($memID, array('openid_uri' => $_POST['openid_identifier'])); } } } } // Some stuff. $context['member']['openid_uri'] = $cur_profile['openid_uri']; $context['auth_method'] = empty($cur_profile['openid_uri']) ? 'password' : 'openid'; $context['sub_template'] = 'authentication_method'; loadJavascriptFile('register.js'); }