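/**
 * Checks a user-entered password against the value stored in the DB.
 *
 * The candidate is run through SecurityUtils::encryptPassword() with the
 * account's salt and the result is compared with the stored value.
 *
 * NOTE(review): encryptPassword() is used here as a one-way transform, but its
 * algorithm is not visible in this block. Confirm it is a slow, salted
 * password hash and not a fast digest or a reversible cipher.
 *
 * @param string $pass    password as entered by the user
 * @param string $salt    salt stored with the account
 * @param string $encPass stored value to compare against
 * @return boolean true only when the recomputed value equals $encPass
 */
public static function comparePasswords($pass = null, $salt = null, $encPass = null)
{
    // Loose comparison kept from the original: null, '' and 0 are all rejected up front.
    if (null == $pass || null == $salt || null == $encPass) {
        return false;
    }

    $computed = SecurityUtils::encryptPassword($pass, $salt);

    // hash_equals() raises an error on non-string input, so fail closed instead.
    if (!is_string($computed) || !is_string($encPass)) {
        return false;
    }

    // Constant-time comparison (PHP >= 5.6): `===` stops at the first differing
    // byte, which lets response timing reveal how much of the stored value matched.
    return hash_equals($encPass, $computed);
}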
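/**
 * Inline validator: confirms that $this->currentPassword is the current
 * password of the account identified by $this->id.
 *
 * Adds an error on 'currentPassword' when the account cannot be loaded or
 * when the supplied password does not match.
 *
 * @param mixed $attribute not read by this method
 * @param mixed $params    not read by this method
 */
public function exists($attribute, $params)
{
    $user = $this->id ? UserCredentials::model()->findByPk($this->id) : null;
    if (!$user) {
        $this->addError('currentPassword', 'Sorry, could not process your password modification request at this time !');
        return;
    }

    $candidate = SecurityUtils::encryptPassword($this->currentPassword, $user->salt);

    // Compare against THIS user's stored value. The previous version searched the
    // whole table for any row with a matching password column, so the check was
    // not bound to the account being modified.
    $stored = $user->password;
    $matches = is_string($candidate)
        && is_string($stored)
        && hash_equals($stored, $candidate); // constant-time, PHP >= 5.6

    if (!$matches) {
        $this->addError('currentPassword', 'Please enter your current password !');
    }
}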
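/**
 * Handles the "forgot password" form for guests.
 *
 * Signed-in users are redirected to /home. For a valid submission the account
 * with the given e-mail (if any) gets a new salt and a temporary password,
 * which is mailed to that address; the visitor is then redirected to /home
 * with the same flash message whether or not an account was found.
 *
 * NOTE(review): this action replaces the stored password as soon as an
 * unauthenticated request names a registered address, and the temporary
 * password travels in clear text by e-mail. A single-use, expiring reset
 * token that leaves the current password untouched until it is redeemed
 * would remove both problems; that needs storage and a second action that
 * are outside this block.
 * NOTE(review): the strength of the 8-character temporary password depends on
 * SecurityUtils::generateRandomString(), which is not visible here. Confirm
 * it draws from a cryptographically secure source.
 * NOTE(review): ForgotPasswordForm's rules are not visible here; if they check
 * that the e-mail exists, validation errors still disclose registration.
 */
public function actionForgotPassword()
{
    if (!Yii::app()->user->isGuest) {
        $this->redirect('/home');
    }

    $model = new ForgotPasswordForm();

    if (isset($_POST['ForgotPasswordForm'])) {
        $model->attributes = $_POST['ForgotPasswordForm'];

        if ($model->validate()) {
            $user = UserCredentials::model()->find('email_id=:email', array(':email' => $model->email));

            if ($user) {
                $tempPass = SecurityUtils::generateRandomString(8);
                $user->salt = SecurityUtils::generateSalt($user->email_id);
                $user->password = SecurityUtils::encryptPassword($tempPass, $user->salt);

                if ($user->save()) {
                    $data = array(
                        'temp_password' => $tempPass,
                        'user' => $user->id,
                    );
                    EmailApi::sendEmail($model->email, "ACCOUNT.RESET.PASSWORD", $data);
                } else {
                    // Record the failure server-side; the visitor sees the generic response below.
                    Yii::log('Password reset could not be saved for user id ' . $user->id, CLogger::LEVEL_ERROR, 'application');
                }
            }

            // Same response for known and unknown addresses, so the form cannot be
            // used to test which e-mail addresses are registered. The wording is
            // kept as it was; consider "if the address is registered, ..." instead.
            Yii::app()->user->setFlash('success', "We have sent you a new password to your email.\n\t\t\t\t\t\t<br/> Please add " . Yii::app()->params['adminEmail'] . " to your whitelist.");
            $this->redirect('/home');
        }
    }

    $this->render('forgotPassword', array('model' => $model));
}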
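/**
 * Creates a user: saves the credential record, the profile and a role assignment.
 *
 * Before saving, the credential gets a salt, an activation code, the
 * registering IP and the transformed password. If the profile cannot be saved
 * the credential row is deleted again. On any failure the plaintext password
 * is put back on $credential, so the object is in the same state the caller
 * passed in.
 *
 * NOTE(review): the three saves are not wrapped in a transaction; the
 * delete-on-failure below is a manual rollback and can itself fail.
 * NOTE(review): SecurityUtils::getRealIp() is not visible here. If it reads
 * client-supplied forwarding headers, registered_ip is attacker-controlled
 * and should not be trusted for audit or rate limiting. Confirm.
 * NOTE(review): the activation code is only as unpredictable as
 * SecurityUtils::generateRandomString(). Confirm its randomness source.
 *
 * @param object $credential credential record; password holds the plaintext on entry
 * @param object $profile    profile record to attach to the new credential
 * @param string $role       item name stored in the role assignment
 * @return array|false array('credential' => ..., 'profile' => ...) on success, false on failure
 */
public static function createUser($credential, $profile, $role = "Member")
{
    $plainPassword = $credential->password;

    $credential->salt = SecurityUtils::generateSalt($credential->email_id);
    $credential->activation_code = SecurityUtils::generateRandomString(10);
    $credential->registered_ip = SecurityUtils::getRealIp();
    $credential->password = SecurityUtils::encryptPassword($plainPassword, $credential->salt);
    $credential->password_confirm = $credential->password;

    if (!$credential->save()) {
        $credential->password = $plainPassword;
        $credential->password_confirm = $plainPassword;
        return false;
    }

    $profile->user_id = $credential->id;
    if (!$profile->save()) {
        $credential->delete();
        $credential->setIsNewRecord(true);
        // Restore the plaintext here as well; otherwise a retry with the same
        // object would transform the already-transformed value a second time.
        $credential->password = $plainPassword;
        $credential->password_confirm = $plainPassword;
        return false;
    }

    $assignment = new Assignments();
    $assignment->itemname = $role;
    $assignment->userid = $credential->id;
    $assignment->data = 's:0:"";'; // PHP-serialized empty string
    if (!$assignment->save()) {
        // The account exists but has no role assignment; surface it instead of ignoring it.
        Yii::log('Role assignment could not be saved for user id ' . $credential->id, CLogger::LEVEL_WARNING, 'application');
    }

    return array('credential' => $credential, 'profile' => $profile);
}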