/** * Validate the user's signature & state * State is generated in the welcome controller and passed through the oauth process * * @todo process $state passed back through the oauth process * * @param int $user_id * @return mixed VBX_User or false */ protected function validate_returning_user($user_id) { // jump through hoops to get around the Tenantization $userdata = $this->db->get_where('users', array('id' => $user_id))->result(); if (!empty($userdata[0])) { $user = new VBX_User($userdata[0]); $list = implode(',', array($user->id, $user->password, $user->tenant_id, $user->is_admin)); $expected_signature = VBX_User::salt_encrypt($list); $actual_signature = $this->session->userdata('signature'); if ($expected_signature == $actual_signature) { return $user; } else { return false; } } }
private function setup_user($user) { $this->load->database(); $this->config->load('openvbx'); $this->load->model('vbx_user'); $admin = new VBX_User(); $admin->email = $user['email']; $admin->password = VBX_User::salt_encrypt($user['password']); $admin->first_name = $user['firstname']; $admin->last_name = $user['lastname']; $admin->tenant_id = $user['tenant_id']; $admin->is_admin = true; $admin->voicemail = 'Please leave a message after the beep.'; try { $admin->save(); } catch (Exception $e) { throw new InstallException($e->getMessage(), 4); } }
public function password() { if (!$this->session->userdata('loggedin')) { redirect('auth/login'); } $user = VBX_user::get(array('id' => $this->user_id)); $old_pw = $this->input->post('old_pw'); $new_pw = $this->input->post('new_pw1'); $new_pw2 = $this->input->post('new_pw2'); $this->data['error'] = false; $message = ''; if ($user->password != VBX_User::salt_encrypt($old_pw)) { $this->data['error'] = true; $message = 'Password incorrect'; } else { if ($new_pw != $new_pw2) { $this->data['error'] = true; $message = 'Password mismatch'; } else { $user->password = VBX_User::salt_encrypt($new_pw); try { $user->save(); $message = 'Password changed'; $this->session->set_userdata('signature', VBX_User::signature($user->id)); } catch (VBX_UserException $e) { $this->data['error'] = true; $message = 'Unable to set password, please try again later.'; error_log($e->getMessage()); } } } $this->data['message'] = $message; echo json_encode($this->data); }