/**
* Changing authentication method?
* Only appropriate for people using OpenID.
*
* @param bool $saving = false
*/
public function action_authentication($saving = false)
{
global $context, $cur_profile, $post_errors, $modSettings;
$memID = currentMemberID();
loadLanguage('Login');
loadTemplate('ProfileOptions');
// We are saving?
if ($saving) {
// Moving to password passed authentication?
if ($_POST['authenticate'] == 'passwd') {
// Didn't enter anything?
if ($_POST['passwrd1'] == '') {
$post_errors[] = 'no_password';
} elseif (!isset($_POST['passwrd2']) || $_POST['passwrd1'] != $_POST['passwrd2']) {
$post_errors[] = 'bad_new_password';
} else {
require_once SUBSDIR . '/Auth.subs.php';
$passwordErrors = validatePassword($_POST['passwrd1'], $cur_profile['member_name'], array($cur_profile['real_name'], $cur_profile['email_address']));
// Were there errors?
if ($passwordErrors != null) {
$post_errors[] = 'password_' . $passwordErrors;
}
}
if (empty($post_errors)) {
// Integration?
call_integration_hook('integrate_reset_pass', array($cur_profile['member_name'], $cur_profile['member_name'], $_POST['passwrd1']));
// Go then.
require_once SUBSDIR . '/Auth.subs.php';
$new_pass = $_POST['passwrd1'];
$passwd = validateLoginPassword($new_pass, '', $cur_profile['member_name'], true);
// Do the important bits.
updateMemberData($memID, array('openid_uri' => '', 'passwd' => $passwd));
if ($context['user']['is_owner']) {
setLoginCookie(60 * $modSettings['cookieTime'], $memID, hash('sha256', $new_pass . $cur_profile['password_salt']));
redirectexit('action=profile;area=authentication;updated');
} else {
redirectexit('action=profile;u=' . $memID);
}
}
return true;
} elseif ($_POST['authenticate'] == 'openid' && !empty($_POST['openid_identifier'])) {
require_once SUBSDIR . '/OpenID.subs.php';
require_once SUBSDIR . '/Members.subs.php';
$openID = new OpenID();
$_POST['openid_identifier'] = $openID->canonize($_POST['openid_identifier']);
if (memberExists($_POST['openid_identifier'])) {
$post_errors[] = 'openid_in_use';
} elseif (empty($post_errors)) {
// Authenticate using the new OpenID URI first to make sure they didn't make a mistake.
if ($context['user']['is_owner']) {
$_SESSION['new_openid_uri'] = $_POST['openid_identifier'];
$openID->validate($_POST['openid_identifier'], false, null, 'change_uri');
} else {
updateMemberData($memID, array('openid_uri' => $_POST['openid_identifier']));
}
}
}
}
// Some stuff.
$context['member']['openid_uri'] = $cur_profile['openid_uri'];
$context['auth_method'] = empty($cur_profile['openid_uri']) ? 'password' : 'openid';
$context['sub_template'] = 'authentication_method';
loadJavascriptFile('register.js');
}
