function setPassword($user, $passwd) { global $myPasswdMgr; /** * I could have just said passwordManager::setPassword($user, stringHandler::toSHA1(passwordManager::randomWord(5))); * but that way I'll have no idea what the unhashed password is, and * won't be able to send it to the user. */ //generate new password and write it to the db. setPassword(user, password) $passwd = $myPasswdMgr->randomWord(5); $myPasswdMgr->setPassword($user, passwordManager::toSHA1($passwd)); }
/** * Authenticate the user * * @param string $user Username * @param string $pass Password * @param bool $setcookie If true, set a cookie */ function userauth($user, $pass, $setcookie = FALSE) { $query = "SELECT `id` FROM `" . T_AUTHORS . "` WHERE `nickname`='" . stringHandler::removeMagicQuotes($user) . "' AND `password`='" . stringHandler::removeMagicQuotes(passwordManager::toSHA1($pass)) . "'"; $rs = $this->_adb->GetRow($query); if ($rs) { $_SESSION['user_id'] = $rs[0]; return true; } else { return false; } }