function alter($data) { $other = User::by_login($data['login'], false); if ($other !== false && $other->userid != $this->userid) { throw new Exception("Another user with that login already exists"); } if ($data['auth_method'] == 'pass') { if (isset($data['password'])) { $data['password'] = make_salted_password_hash($data['password']); } else { $data['password'] = $this->password; } } else { if ($data['auth_method'] == 'ldap') { // keep old password $data['password'] = $this->password; } else { throw new InternalException("Unsupported auth_method: {$auth_method}"); } } $data['is_admin'] = $data['is_admin'] ? 1 : 0; static $query; DB::prepare_query($query, "UPDATE `user` SET `login` = :login, `password` = :password, `auth_method` = :auth_method, `firstname` = :firstname, `midname` = :midname, `lastname` = :lastname, `email` = :email, `class` = :class, `notes` = :notes, `is_admin` = :is_admin" . " WHERE `userid` = :userid"); $query->execute($data); $query->closeCursor(); }
static function login($login, $pass) { // Authenticate using password $user = User::by_login($login, false); if ($user) { $user->check_password($pass); } else { if (LDAP_CREATE_USER) { $user = User::add_from_ldap($login, $pass); } } if (!$user) { throw new NotFoundException("User not found: {$login}"); } // Done Authentication::set_current_user($user); }