Example #1
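 /**
  * Checks the login/password pair against the DB records and, if it matches,
  * replaces the stored password with the new one. The outcome message,
  * wrapped in HTML, is written to $result.
  *
  * @param string $login
  * @param string $old_password
  * @param string $new_password1
  * @param string $new_password2
  * @param string $result receives the HTML-wrapped status message (passed by reference)
  * @return bool true on success, false otherwise
  */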
 private function tryChangePassword($login, $old_password, $new_password1, $new_password2, &$result)
 {
     // Validates the login format, verifies the current password, confirms the two
     // new-password entries agree, then writes a freshly generated hash to the user row.
     // Every failure path stores an HTML-wrapped message in $result and returns false.

     // The login must match REGEXP_USERNAME before anything else happens.
     // NOTE(review): this check is the only thing standing between $login and the two
     // SQL strings built below, where it is interpolated inside single quotes. The
     // pattern is not visible here; confirm it is anchored and excludes quotes and
     // backslashes, or switch to bound parameters if PDOWrapper offers them.
     if (!preg_match(self::REGEXP_USERNAME, $login)) {
         // Same text as the wrong-password branch below, so the response does not
         // distinguish a malformed login from a bad password.
         $result = sprintf(self::HTML_MESSAGE_FAIL, 'Неверное имя пользователя или пароль');
         return false;
     }
     // The caller must prove knowledge of the current password (checkPassword is
     // defined elsewhere in the class).
     if (!$this->checkPassword($login, $old_password)) {
         $result = sprintf(self::HTML_MESSAGE_FAIL, 'Неверное имя пользователя или пароль');
         return false;
     }
     // Both entries of the new password must agree.
     // NOTE(review): `!=` is a loose comparison; PHP compares two numeric strings by
     // value, so e.g. "1e3" and "1000" count as equal here. `!==` would require an
     // exact match. No length or emptiness check on the new password is visible in
     // this method; verify whether the caller or generateHash enforces one.
     if ($new_password1 != $new_password2) {
         $result = sprintf(self::HTML_MESSAGE_FAIL, 'Пароли не совпадают');
         return false;
     }
     try {
         // A new DB connection is opened for this call using the credentials from CONFIG.
         $DB = new PDOWrapper($this->CONFIG['database']['server_driver'], $this->CONFIG['database']['server_host'], $this->CONFIG['database']['server_login'], $this->CONFIG['database']['server_password'], $this->CONFIG['database']['server_db_name']);
         // If a non-empty secret_field is configured, the secret is read from the
         // user's row; otherwise the configured secret_default is used.
         if (isset($this->CONFIG['secret_field']) && $this->CONFIG['secret_field'] > '') {
             // Table/column names come from CONFIG and are interpolated as backticked
             // identifiers; $login is interpolated as a quoted literal (see note above).
             $secret = $DB->querySingle("select `{$this->CONFIG['secret_field']}` from `{$this->CONFIG['table']}` where `{$this->CONFIG['login_field']}` = '{$login}'");
         } else {
             $secret = $this->CONFIG['secret_default'];
         }
         // NOTE(review): generateHash is not visible here; the 'md5_field' config key
         // suggests an MD5-based scheme. Confirm, and consider password_hash() /
         // password_verify() for stored passwords.
         $new_hash = $this->generateHash($new_password1, $secret);
         // The return value of exec() is discarded, so a statement that updates no row
         // is not detected by this method.
         $DB->exec("update `{$this->CONFIG['table']}` set `{$this->CONFIG['md5_field']}` = '{$new_hash}' where `{$this->CONFIG['login_field']}` = '{$login}'");
     } catch (Exception $e) {
         // NOTE(review): the next line is damaged in this listing (the text between the
         // warning prefix and the success message is masked), so the remainder of the
         // catch block and the success assignment cannot be read. If exception detail
         // is appended to $result, check that it is not shown to end users, since
         // database error text can disclose schema or connection details.
         $result = '[JuliaCMS][AUTH] WARNING: failed changing password: '******'Пароль успешно изменен');
     return true;
 }