function do_x_post_password_cb()
{
//snag from wp-login.php:386-393
require_once ABSPATH . 'wp-includes/class-phpass.php';
// By default, use the portable hash from phpass
$wp_hasher = new PasswordHash(8, true);
// 10 days
setcookie('wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword(stripslashes($_POST['pass'])), time() + 864000, COOKIEPATH);
//fake it so it's available in the loop below
$_COOKIE['wp-postpass_' . COOKIEHASH] = $wp_hasher->HashPassword(stripslashes($_POST['pass']));
$q = new WP_Query("p={$_POST['pid']}");
if ($q->have_posts()) {
while ($q->have_posts()) {
$q->the_post();
// verifies password hash
if (post_password_required()) {
wp_send_json_error('Invalid password');
}
// get post title
ob_start();
the_title(sprintf('<a href="%s" rel="bookmark">', esc_url(get_permalink())), '</a>');
$title = ob_get_clean();
// get post content
ob_start();
the_content();
$content = ob_get_clean();
}
}
wp_reset_postdata();
$return = array('title' => $title, 'content' => $content);
wp_send_json_success($return);
}
/**
* Logs in a user. Returns boolean indicating the result.
*
* @param string $userName Username of the person logging in.
* @param string $password Password in plain text of the person logging in.
**/
function LoginUser($userName, $password)
{
if ($stmt = $this->dbConnect->prepare("SELECT password FROM usersinfo WHERE username=?")) {
$stmt->bind_param("s", $userName);
$stmt->execute();
$stmt->bind_result($hashedPassword);
$stmt->fetch();
$stmt->close();
$pwdHasher = new PasswordHash(8, FALSE);
$hashString = $pwdHasher->HashPassword($password);
// Tests to determine if hashing is the issue with the login problem.
/*
$hashString = $pwdHasher->HashPassword($password);
echo "The password entered is " . $password . "<br />";
echo "The hashed string is " . $hashString . "<br />";
echo "The hashed password to compare against is " . $hashedPassword;
*/
//if($pwdHasher->CheckPassword($password, $hashedPassword))
if ($pwdHasher->CheckPassword($hashString, $hashedPassword)) {
}
echo $userName;
$_SESSION['username'] = $userName;
return true;
}
return false;
}
static function is_password_protected()
{
global $post;
$private_post = array('allowed' => false, 'error' => '');
if (isset($_POST['submit_password'])) {
// when we have a submision check the password and its submision
if (isset($_POST['submit_password_nonce']) && wp_verify_nonce($_POST['submit_password_nonce'], 'password_protection')) {
if (isset($_POST['post_password']) && !empty($_POST['post_password'])) {
// some simple checks on password
// finally test if the password submitted is correct
if ($post->post_password === $_POST['post_password']) {
$private_post['allowed'] = true;
// ok if we have a correct password we should inform wordpress too
// otherwise the mad dog will put the password form again in the_content() and other filters
global $wp_hasher;
if (empty($wp_hasher)) {
require_once ABSPATH . 'wp-includes/class-phpass.php';
$wp_hasher = new PasswordHash(8, true);
}
setcookie('wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword(stripslashes($_POST['post_password'])), 0, COOKIEPATH);
} else {
$private_post['error'] = '<h4 class="text--error">Wrong Password</h4>';
}
}
}
}
if (isset($_COOKIE['wp-postpass_' . COOKIEHASH]) && get_permalink() == wp_get_referer()) {
$private_post['error'] = '<h4 class="text--error">Wrong Password</h4>';
}
return $private_post;
}
/**
* Create a user account
*
* @access public
* @param string
* @param string
* @param bool
* @return bool
*/
function create($email, $name, $pass, $project, $manager, $privilege, $photo, $auto_login = true)
{
$this->CI =& get_instance();
//Make sure account info was sent
if ($email == '' or $pass == '') {
return false;
}
//Check against user table
$this->CI->db->where('email', $email);
$query = $this->CI->db->get_where($this->table);
if ($query->num_rows() > 0) {
//email already exists
return false;
}
//Hash pass using phpass
$hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE);
$pass_hashed = $hasher->HashPassword($pass);
//Insert account into the database
$data = array('email' => $email, 'name' => $name, 'pass' => $pass_hashed, 'project' => $project, 'manager' => $manager, 'privilege' => $privilege, 'photo' => $photo, 'date' => date('o-m-d H:i:s'), 'modified' => date('o-m-d H:i:s'));
$this->CI->db->set($data);
if (!$this->CI->db->insert($this->table)) {
//There was a problem!
return false;
}
if ($auto_login) {
$this->login($email, $pass);
}
return true;
}
public function newAccount($email, $fname, $lname, $password)
{
$this->first_name = $fname;
$this->last_name = $lname;
$this->email = $email;
if (!$this->validateData()) {
return false;
}
if (strlen($password) > 20) {
return false;
}
$hasher = new PasswordHash(8, false);
//create a hash
$hash = $hasher->HashPassword($password);
$this->password_hash = $hash;
try {
$this->save();
return true;
} catch (PDOException $e) {
//get errors, such as if email already exists in DB
if ($e->getCode() == 1062) {
$this->error_msg = 'Email already exists in Database';
}
return false;
}
}
function wp_new_user_notification($user_id, $deprecated = null, $notify = '')
{
if ($deprecated !== null) {
_deprecated_argument(__FUNCTION__, '4.3.1');
}
// `$deprecated was pre-4.3 `$plaintext_pass`. An empty `$plaintext_pass` didn't sent a user notifcation.
if ('admin' === $notify || empty($deprecated) && empty($notify)) {
return;
}
global $wpdb, $wp_hasher;
$user = get_userdata($user_id);
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
// Generate something random for a password reset key.
$key = wp_generate_password(20, false);
/** This action is documented in wp-login.php */
do_action('retrieve_password_key', $user->user_login, $key);
// Now insert the key, hashed, into the DB.
if (empty($wp_hasher)) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash(8, true);
}
$hashed = time() . ':' . $wp_hasher->HashPassword($key);
$wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login));
$message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
$message .= __('To set your password, visit the following address:') . "\r\n\r\n";
$message .= '<' . network_site_url("wp-login.php?action=rp&key={$key}&login="******">\r\n\r\n";
$message .= wp_login_url() . "\r\n";
wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message);
}
function on_before_validate($values)
{
if ($values['username'] == "" || $values['username'] == NULL) {
$this->password_in_clear = $password = $this->random_password();
$ci = CI_Controller::get_instance();
$ci->load->helper('url');
$ci->load->library('session');
$ci->load->library('extemplate');
$ci->load->library("email");
$ci->load->config('tank_auth', TRUE);
$hasher = new PasswordHash($ci->config->item('phpass_hash_strength', 'tank_auth'), $ci->config->item('phpass_hash_portable', 'tank_auth'));
$hashed_password = $hasher->HashPassword($password);
$values["password"] = $hashed_password;
$values["created"] = datetime_now();
$values['username'] = trim($values['email']);
$values["last_ip"] = $_SERVER['REMOTE_ADDR'];
$data = $values;
$data['site_name'] = 'http://www.ressphere.com';
$data['password'] = $this->password_in_clear;
if ($ci->config->item('email_account_details')) {
base::_begin_send_email('Welcome to', $data['email'], $data, $ci);
}
}
return parent::on_before_validate($values);
}
private function changePassword()
{
$uid = $_SESSION['session']->getUserId();
if ($this->errno !== 0 && $this->errno !== 1) {
return;
}
if (!$this->checker->checkPassword($_POST['profilPassword'])) {
$this->errno = 3;
$this->error = 'Das angegebene Passwort ist nicht gültig.';
return;
}
if ($_POST['profilPassword'] !== $_POST['profilPwdWdh']) {
$this->errno = 4;
$this->error = 'Die angegebenen Passwörter stimmen nicht überein.';
return;
}
$this->errno = 0;
$this->error = '';
$hasher = new PasswordHash(8, false);
$pwd = $hasher->HashPassword($_POST['profilPassword']);
$db = Database::getDbObject();
$stmt = $db->stmt_init();
$stmt->prepare("UPDATE `users` SET `password` = ? WHERE `id` = ?;");
$stmt->bind_param('si', $pwd, $uid);
$success = $stmt->execute();
if (!$success || $stmt->errno) {
$this->errno = $stmt->errno;
$this->error = 'Es ist ein Datenbankfehler aufgetreten. Bitte versuchen Sie es später noch einmal.';
}
}
public function reset_pwd_and_notify()
{
$new_password = PerchUser::generate_password();
$data = array();
// check which type of password - default is portable
if (defined('PERCH_NONPORTABLE_HASHES') && PERCH_NONPORTABLE_HASHES) {
$portable_hashes = false;
} else {
$portable_hashes = true;
}
$Hasher = new PasswordHash(8, $portable_hashes);
$data['userPassword'] = $Hasher->HashPassword($new_password);
$this->update($data);
$Email = new PerchEmail('password-reset.html');
//$Email->subject('Your CMS password has been reset');
$Email->recipientEmail($this->userEmail());
$Email->senderName(PERCH_EMAIL_FROM_NAME);
$Email->senderEmail(PERCH_EMAIL_FROM);
$Email->set('username', $this->userUsername());
$Email->set('password', $new_password);
$Email->set('givenname', $this->userGivenName());
$Email->set('familyname', $this->userFamilyName());
$Email->set('sendername', PERCH_EMAIL_FROM_NAME);
$Email->set('url', 'http://' . $_SERVER['HTTP_HOST'] . PERCH_LOGINPATH);
return $Email->send();
}
/**
* Email login credentials to a newly-registered user.
*
* A new user registration notification is also sent to admin email.
*
* @since 2.0.0
* @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`.
*
* @param int $user_id User ID.
* @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty
* string (admin only), or 'both' (admin and user). The empty string value was kept
* for backward-compatibility purposes with the renamed parameter. Default empty.
*/
function wp_new_user_notification($user_id, $notify = '')
{
global $wpdb;
$user = get_userdata($user_id);
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
$message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
$message .= sprintf(__('E-mail: %s'), $user->user_email) . "\r\n";
@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
if ('admin' === $notify || empty($notify)) {
return;
}
// Generate something random for a password reset key.
$key = wp_generate_password(20, false);
/** This action is documented in wp-login.php */
do_action('retrieve_password_key', $user->user_login, $key);
// Now insert the key, hashed, into the DB.
if (empty($wp_hasher)) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash(8, true);
}
$hashed = time() . ':' . $wp_hasher->HashPassword($key);
$wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login));
$message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
$message .= __('To set your password, visit the following address:') . "\r\n\r\n";
$message .= network_site_url("wp-login.php?action=rp&key={$key}&login="******"\r\n\r\n";
// $message .= wp_login_url() . "\r\n";
$message .= __('Make sure you click the RESET PASSWORD button to save your password.') . "\r\n\r\n";
wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message);
}
function install()
{
if ($this->config->is_loaded) {
die("Oops, there's already a config.php file. You'll need to remove it to run this installer.");
}
$password_min_length = 5;
$password_max_length = 72;
$form = new \Leeflets\Form($this->config, $this->router, $this->settings, 'install-form', array('elements' => array('credentials' => array('type' => 'fieldset', 'elements' => array('username' => array('type' => 'email', 'placeholder' => 'Email Address', 'class' => 'input-block-level', 'required' => true), 'password1' => array('type' => 'password', 'placeholder' => 'Password', 'class' => 'input-block-level', 'required' => true, 'validation' => array(array('callback' => 'min_length', 'msg' => 'Sorry, your password must be at least ' . $password_min_length . ' characters in length.', 'args' => array($password_min_length)), array('callback' => 'max_length', 'msg' => 'Sorry, your password can be no longer than ' . $password_max_length . ' characters in length.', 'args' => array($password_max_length)))), 'password2' => array('type' => 'password', 'placeholder' => 'Confirm Password', 'class' => 'input-block-level', 'required' => true, 'validation' => array(array('callback' => array($this, 'matching_passwords'), 'msg' => 'Your passwords do not match. Please enter matching passwords.', 'args' => array($_POST['password2'])))))))));
if (!$this->filesystem->have_direct_access()) {
$elements['warning'] = array('type' => 'html', 'value' => $this->view->get_partial('ftp-warning'));
$elements['connection'] = $this->filesystem->get_connection_fields(array($this, '_check_connection'), true);
}
$elements['buttons'] = array('type' => 'fieldset', 'elements' => array('submit' => array('type' => 'button', 'button-type' => 'submit', 'class' => 'btn btn-primary', 'value' => 'Install Leeflets')));
$form->add_elements($elements);
if ($form->validate()) {
$hasher = new \PasswordHash(8, false);
$data = array('username' => $_POST['credentials']['username'], 'password' => $hasher->HashPassword($_POST['credentials']['password1']));
$this->config->write($this->filesystem, $data);
$htaccess = new \Leeflets\Htaccess($this->filesystem, $this->router, $this->config);
$htaccess->write();
if (isset($_POST['connection']['type'])) {
$this->settings->save_connection_info($_POST, $this->filesystem);
}
\Leeflets\Router::redirect($this->router->admin_url('/user/login/'));
exit;
}
$args = compact('form');
$args['page-title'] = 'Install';
$args['layout'] = 'logged-out';
return $args;
}
function register($email, $password, $first, $last)
{
global $db;
$db->Prepare('SELECT id FROM `users` WHERE email=\'$0\'');
$db->Execute($email);
if ($db->RowCount() > 0) {
return -1;
}
$hasher = new PasswordHash(8, false);
$password = $hasher->HashPassword($password);
$firstname = ucfirst($first);
$lastname = ucfirst($last);
$db->Prepare("INSERT INTO users (email, password, first_name, last_name, activated) VALUES ('\$0', '\$1', '\$2', '\$3', '\$4')");
$db->Execute(trim($email), $password, trim($firstname), trim($lastname), 0);
$db->Prepare("SELECT LAST_INSERT_ID()");
$db->Execute();
$id = $db->Fetch();
$id = implode($id, "");
$db->Prepare("SELECT UUID()");
$db->Execute();
$uuid = $db->Fetch();
$uuid = str_replace("-", "", implode($uuid, ""));
$uuid = substr($uuid, 0, 16);
$db->Prepare("INSERT INTO activation_keys (`key`, user_id) VALUES ('\$0', '\$1')");
$db->Execute($uuid, $id);
return $uuid;
}
function update($uname, $username, $passwd, $ph_num, $userrole)
{
$this->CI =& get_instance();
if ($passwd != '') {
$hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE);
$user_pass_hashed = $hasher->HashPassword($passwd);
}
/*$data = array(
'user_modified' => date('c'),
'user_role'=> $userrole,
'name'=>$uname,
'phone_number'=>$ph_num
);
//$this->CI->db->set($data);
$where="user_email='$username'";
//if(!$this->CI->db->update_string('admin_users',$data,$where)) //There was a problem!
//return false;
$this->CI->db->update_string($this->user_table,$data,$where);
//return true;
* */
if ($passwd == '') {
$this->CI->db->simple_query("UPDATE " . $this->user_table . " SET user_role ='" . $userrole . "',name='" . $uname . "',phone_number='" . $ph_num . "' WHERE user_email = '" . $username . "'");
} else {
if ($passwd != '') {
$this->CI->db->simple_query("UPDATE " . $this->user_table . " SET user_pass='******',user_role ='" . $userrole . "',name='" . $uname . "',phone_number='" . $ph_num . "' WHERE user_email = '" . $username . "'");
}
}
return true;
}
public static function encrypt($plain, $algo = null)
{
if (!isset($algo) || $algo == 'default' || $algo == 'bcrypt') {
if (!isset($algo) || $algo == 'default') {
$algo = PASSWORD_DEFAULT;
} else {
$algo = PASSWORD_BCRYPT;
}
return password_hash($plain, $algo);
}
if ($algo == 'phpass') {
if (!class_exists('PasswordHash', false)) {
include OSCOM::getConfig('dir_root', 'Shop') . 'includes/third_party/PasswordHash.php';
}
$hasher = new \PasswordHash(10, true);
return $hasher->HashPassword($plain);
}
if ($algo == 'salt') {
$password = '';
for ($i = 0; $i < 10; $i++) {
$password .= static::getRandomInt();
}
$salt = substr(md5($password), 0, 2);
$password = md5($salt . $plain) . ':' . $salt;
return $password;
}
trigger_error('OSC\\OM\\Hash::encrypt() Algorithm "' . $algo . '" unknown.');
return false;
}
public function mudaSenha($novaSenha)
{
// lemos as credenciais do banco de dados
$dados = file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/../config.json");
$dados = json_decode($dados, true);
foreach ($dados as $chave => $valor) {
$dados[$chave] = str_rot13($valor);
}
$host = $dados["host"];
$usuario = $dados["nome_usuario"];
$senhaBD = $dados["senha"];
// Cria conexão com o banco
$conexao = null;
try {
$conexao = new PDO("mysql:host={$host};dbname=homeopatias;charset=utf8", $usuario, $senhaBD);
} catch (PDOException $e) {
echo $e->getMessage();
}
$comando = "UPDATE Usuario SET senha = :senha WHERE id = :id";
$query = $conexao->prepare($comando);
// Fazemos o hash da senha usando a biblioteca phppass
$hasher = new PasswordHash(8, false);
$hashSenha = $hasher->HashPassword($novaSenha);
$query->bindParam(":senha", $hashSenha, PDO::PARAM_STR);
$query->bindParam(":id", $this->id, PDO::PARAM_INT);
$sucesso = $query->execute();
// Encerramos a conexão com o BD
$conexao = null;
return $sucesso;
}
public function run()
{
$tpl = new template();
$id = (int) $_GET['id'];
$users = new users();
$clients = new clients();
if ($id && $id > 0) {
$lead = $this->getLead($id);
$contact = $this->getLeadContact($id);
$values = array('user' => $contact['email'], 'password' => '', 'firstname' => '', 'lastname' => '', 'phone' => $contact['phone'], 'role' => 3, 'clientId' => $lead['clientId']);
if (isset($_POST['save'])) {
if (isset($_POST['user']) && isset($_POST['firstname']) && isset($_POST['lastname'])) {
$hasher = new PasswordHash(8, TRUE);
$values = array('user' => $_POST['user'], 'password' => $hasher->HashPassword($_POST['password']), 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'phone' => $_POST['phone'], 'role' => $_POST['role'], 'clientId' => $_POST['clientId']);
if ($users->usernameExist($values['user']) !== true) {
$users->addUser($values);
$tpl->setNotification('USER_CREATED', 'success');
} else {
$tpl->setNotification('USERNAME_EXISTS', 'error');
}
} else {
$tpl->setNotification('MISSING_FIELDS', 'error');
}
}
$tpl->assign('values', $values);
$tpl->assign('clients', $clients->getAll());
$tpl->assign('roles', $users->getRoles());
$tpl->display('leads.convertToUser');
} else {
$tpl->display('general.error');
}
}
/**
* Save changes to a user to the database. (re)hashing the password, if needed.
*
* @param array $user
* @return mixed
*/
public function saveUser($user)
{
// Make an array with the allowed columns. these are the columns that are always present.
$allowedcolumns = array('id', 'username', 'password', 'email', 'lastseen', 'lastip', 'displayname', 'userlevel', 'enabled');
// unset columns we don't need to store..
foreach ($user as $key => $value) {
if (!in_array($key, $allowedcolumns)) {
unset($user[$key]);
}
}
if (!empty($user['password']) && $user['password'] != "**dontchange**") {
require_once __DIR__ . "/../../classes/phpass/PasswordHash.php";
$hasher = new \PasswordHash(8, true);
$user['password'] = $hasher->HashPassword($user['password']);
} else {
unset($user['password']);
}
// make sure the username is slug-like
$user['username'] = makeSlug($user['username']);
if (!isset($user['lastseen'])) {
$user['lastseen'] = "0000-00-00";
}
if (!isset($user['userlevel'])) {
$user['userlevel'] = key(array_slice($this->getUserLevels(), -1));
}
if (!isset($user['enabled'])) {
$user['enabled'] = 1;
}
// Decide whether to insert a new record, or update an existing one.
if (empty($user['id'])) {
return $this->db->insert($this->usertable, $user);
} else {
return $this->db->update($this->usertable, $user, array('id' => $user['id']));
}
}
public static function setHash($uid, $password)
{
$partHash = self::getPreHash($uid, $password);
$tHasher = new PasswordHash(self::PASSWORD_HASH_ITERATION_COUNT, FALSE);
$hash = $tHasher->HashPassword($partHash);
return $hash;
}
private static function _phpass_hash_password($password)
{
require_once ABSPATH . WPINC . '/class-phpass.php';
$hasher = new PasswordHash(8, true);
$hash = $hasher->HashPassword($password);
return $hash;
}
function phpass_hash($user)
{
$CI =& get_instance();
$CI->load->library('PasswordHash');
$hasher = new PasswordHash(HASH_COST_LOG2, HASH_PORTABLE);
return $hasher->HashPassword($user['password']);
}
public function importMentee($email, $pid, $firstname, $lastname, $middle, $valid)
{
if ($this->exists($email) == false) {
$us = new User();
if ($valid == true) {
$us->activated = 1;
$us->email = $email . "@fiu.edu";
$us->fiucs_id = $pid;
$us->fname = ucfirst($firstname);
$us->lname = ucfirst($lastname);
$us->username = $email;
$us->isMentee = 1;
$randPassword = $this->passwordGenerator();
$hasher = new PasswordHash(8, false);
$us->password = $hasher->HashPassword($randPassword);
$us->save(false);
$mentee = new Mentee();
$mentee->user_id = $us->id;
$mentorid = User::model()->findBySql("select * from user where username = '******' ");
$mentee->personal_mentor_user_id = $mentorid->id;
//$mentee->project_id = 999;
$mentee->save(false);
} else {
$us->disable = 1;
$us->save(false);
}
}
//$userfullName = $model->fname.' '.$model->lname;
$error = '';
// $this->actionSendVerificationEmail($userfullName, $model->email);
}
function get_cookie_value($expiration)
{
$pass_frag = substr($this->config->password, 8, 4);
$hasher = new \PasswordHash(8, false);
$hash = $hasher->HashPassword($this->config->username . '|' . $expiration . '|' . $pass_frag);
return $this->config->username . '|' . $expiration . '|' . $hash;
}
function wp_new_user_notification($user_id, $notify = '')
{
$user = new WP_User($user_id);
$sflogin = sp_get_option('sflogin');
$eol = "\r\n";
$user_login = $user->user_login;
$user_email = $user->user_email;
$message = '';
$message .= sp_text_noesc('New user registration on your website') . ': ' . get_option('blogname') . $eol . $eol;
$message .= sp_text_noesc('Username') . ': ' . $user_login . $eol;
$message .= sp_text_noesc('E-mail') . ': ' . $user_email . $eol;
$message .= sp_text_noesc('Registration IP') . ': ' . sp_get_ip() . $eol;
$address = apply_filters('sph_admin_new_user_email_addrress', get_option('admin_email'), $user_id);
$subject = apply_filters('sph_admin_new_user_email_subject', get_option('blogname') . ' ' . sp_text_noesc('New User Registration'), $user_id);
$msg = apply_filters('sph_admin_new_user_email_msg', $message, $user_id);
sp_send_email($address, $subject, $msg);
if ('admin' === $notify || empty($notify)) {
return;
}
# Generate something random for a password reset key.
$key = wp_generate_password(20, false);
/** This action is documented in wp-login.php */
do_action('retrieve_password_key', $user_login, $key);
# Now insert the key, hashed, into the DB.
if (empty($wp_hasher)) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash(8, true);
}
$hashed = time() . ':' . $wp_hasher->HashPassword($key);
global $wpdb;
$wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login));
$mailoptions = sp_get_option('sfnewusermail');
$subject = stripslashes($mailoptions['sfnewusersubject']);
$body = stripslashes($mailoptions['sfnewusertext']);
if (empty($subject) || empty($body)) {
$subject = get_option('blogname') . ' ' . sp_text_noesc('Your username') . $eol . $eol;
$body = sp_text_noesc('Username') . ': ' . $user_login . $eol;
$body .= sp_text_noesc('Login URL') . ': ' . $sflogin['sfloginemailurl'] . $eol;
$body .= sp_text_noesc('Password Reset URL') . ': ' . network_site_url("wp-login.php?action=rp&key={$key}&login="******"wp-login.php?action=rp&key={$key}&login="******"wp-login.php?action=rp&key={$key}&login=" . rawurlencode($user_login), 'login'), $body);
$body = str_replace('%NEWLINE%', $eol, $body);
}
str_replace('<br />', $eol, $body);
$address = apply_filters('sph_user_new_user_email_addrress', $user_email, $user_id);
$subject = apply_filters('sph_user_new_user_email_subject', get_option('blogname') . ' ' . sp_text_noesc('New User Registration'), $user_id);
$msg = apply_filters('sph_user_new_user_email_msg', $body, $user_id, $user_pass);
sp_send_email($user_email, $subject, $msg);
}
function hash($passwd, $work_factor = 0)
{
if ($work_factor < 4 || $work_factor > 31) {
$work_factor = DEFAULT_WORK_FACTOR;
}
$hasher = new PasswordHash($work_factor, FALSE);
return $hasher && ($hash = $hasher->HashPassword($passwd)) ? $hash : null;
}
function txp_hash_password($password)
{
static $phpass = NULL;
if (!$phpass) {
$phpass = new PasswordHash(PASSWORD_COMPLEXITY, PASSWORD_PORTABILITY);
}
return $phpass->HashPassword($password);
}
function xos_encrypt_password($plain)
{
if (!class_exists('PasswordHash')) {
include DIR_WS_CLASSES . 'passwordhash.php';
}
$hasher = new PasswordHash(10, true);
return $hasher->HashPassword($plain);
}
function osc_encrypt_password($plain)
{
if (!class_exists('PasswordHash')) {
include '../includes/classes/passwordhash.php';
}
$hasher = new PasswordHash(10, true);
return $hasher->HashPassword($plain);
}
public static function encrypt($plain)
{
if (!class_exists('PasswordHash', false)) {
include OSCOM::BASE_DIR . 'classes/passwordhash.php';
}
$hasher = new \PasswordHash(10, true);
return $hasher->HashPassword($plain);
}
function edit($id, $username, $email, $password, $sex)
{
$this->db->query('UPDATE users SET username=?, email=?, sex=? WHERE id=?', array($username, $email, $sex, $id));
if ($password) {
$hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE);
$hashed_password = $hasher->HashPassword($password);
$this->db->query('UPDATE users SET password=? WHERE id=?', array($hashed_password, $id));
}
}
static function phpass_hash_password($password)
{
require_once ABSPATH . WPINC . '/class-phpass.php';
$hasher = new PasswordHash(8, true);
echo 'In: ' . $password . '<br>';
$password = '******';
$hash = $hasher->HashPassword($password);
echo '<br>Out: ' . $hash . '<br>';
return $hash;
}
