/**
 * After a user row has been inserted, look for an account with the same e-mail
 * address whose stored hash accepts the posted password, and copy that hash
 * (and its hash method) onto the newly inserted user.
 *
 * Does nothing when no 'User/Password' value is present in $_POST.
 *
 * NOTE(review): the lookup is by e-mail only; whether the result set also
 * contains the row that was just inserted is not visible from here.
 *
 * @param UserModel $UserModel Model used for the lookup and the update.
 * @param array $Args Event arguments; 'InsertFields.Email' and 'InsertUserID' are read.
 */
public function UserModel_AfterInsertUser_Handler($UserModel, $Args) {
    $PostedPassword = GetValue('User/Password', $_POST);
    if (!$PostedPassword) {
        // Nothing to compare against.
        return;
    }

    // Every account registered under the e-mail address that was just inserted.
    $Candidates = $UserModel->GetWhere(array('Email' => GetValueR('InsertFields.Email', $Args)))->ResultArray();

    $Checker = new Gdn_PasswordHash();
    foreach ($Candidates as $Candidate) {
        if (!$Checker->CheckPassword($PostedPassword, $Candidate['Password'], $Candidate['HashMethod'])) {
            continue;
        }

        // First match wins: reuse the existing hash instead of storing a new one.
        $UserModel->SQL->Put(
            'User',
            array('Password' => $Candidate['Password'], 'HashMethod' => $Candidate['HashMethod']),
            array('UserID' => GetValue('InsertUserID', $Args))
        );
        return;
    }
}
/**
 * Link a user to an SSO provider (authenticated post) or list a user's
 * existing SSO links (any other request).
 *
 * The caller needs the 'Garden.Users.Edit' permission in both cases.
 *
 * On an authenticated postback the form must carry ClientID, UniqueID and at
 * least one of Username / Email. The user is looked up by e-mail first, then
 * by username, and the (UserID, ClientID, UniqueID) link is saved.
 *
 * NOTE(review): the password is verified only when a 'Password' value was
 * posted; with no password in the request the link is saved on the strength
 * of the permission check alone. Confirm that this is intended.
 *
 * @param bool $UserID User whose links are listed on a non-post request.
 * @throws Exception
 * @throws Gdn_UserException On validation errors, unknown user (404),
 *     wrong password (401) or when the saved link cannot be read back.
 */
public function sso($UserID = false) {
    $this->permission('Garden.Users.Edit');

    $ProviderModel = new Gdn_AuthenticationProviderModel();
    $Form = new Gdn_Form();

    if ($this->Request->isAuthenticatedPostBack()) {
        // Make sure everything has been posted.
        $Form->validateRule('ClientID', 'ValidateRequired');
        $Form->validateRule('UniqueID', 'ValidateRequired');

        if (!validateRequired($Form->getFormValue('Username')) && !validateRequired($Form->getFormValue('Email'))) {
            $Form->addError('Username or Email is required.');
        }

        $Provider = $ProviderModel->getProviderByKey($Form->getFormValue('ClientID'));
        if (!$Provider) {
            // The posted ClientID is echoed back in the error text.
            $Form->addError(sprintf('%1$s "%2$s" not found.', t('Provider'), $Form->getFormValue('ClientID')));
        }

        // All validation errors are reported together in one exception.
        if ($Form->errorCount() > 0) {
            throw new Gdn_UserException($Form->errorString());
        }

        // Grab the user: e-mail takes precedence, username is the fallback.
        $User = false;
        if ($Email = $Form->getFormValue('Email')) {
            $User = Gdn::userModel()->GetByEmail($Email);
        }
        if (!$User && ($Username = $Form->getFormValue('Username'))) {
            $User = Gdn::userModel()->GetByUsername($Username);
        }
        if (!$User) {
            // The untranslated format string has no placeholder; the extra sprintf() argument is
            // only used if the translation of 'User not found.' contains one.
            throw new Gdn_UserException(sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))), 404);
        }

        // Validate the user's password.
        $PasswordHash = new Gdn_PasswordHash();
        // NOTE(review): every other field is read from the local $Form, this one from $this->Form.
        // Confirm both see the same posted values.
        $Password = $this->Form->getFormValue('Password', null);
        // A null password (nothing posted) skips the check entirely.
        if ($Password !== null && !$PasswordHash->CheckPassword($Password, val('Password', $User), val('HashMethod', $User))) {
            throw new Gdn_UserException(t('Invalid password.'), 401);
        }

        // Okay. We've gotten this far. Let's save the authentication.
        $User = (array) $User;
        Gdn::userModel()->saveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->getFormValue('ClientID'), 'UniqueID' => $Form->getFormValue('UniqueID')));

        // Read the link back to confirm that it was stored.
        $Row = Gdn::userModel()->getAuthentication($Form->getFormValue('UniqueID'), $Form->getFormValue('ClientID'));
        if ($Row) {
            $this->setData('Result', $Row);
        } else {
            throw new Gdn_UserException(t('There was an error saving the data.'));
        }
    } else {
        $User = Gdn::userModel()->getID($UserID);
        if (!$User) {
            throw notFoundException('User');
        }

        // List the provider links stored for this user, joined with the provider's name and type.
        $Result = Gdn::sql()
            ->select('ua.ProviderKey', '', 'ClientID')
            ->select('ua.ForeignUserKey', '', 'UniqueID')
            ->select('ua.UserID')
            ->select('p.Name')
            ->select('p.AuthenticationSchemeAlias', '', 'Type')
            ->from('UserAuthentication ua')
            ->join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')
            ->where('UserID', $UserID)
            ->get()
            ->resultArray();

        $this->setData('Result', $Result);
    }

    $this->render('Blank', 'Utility', 'Dashboard');
}
/**
 * Password sign-in: renders the sign-in form and, on postback, verifies the
 * credentials and starts the session.
 *
 * Additional sign-in methods can hook in through the 'SignIn' event. The
 * postback must pass the transient-key check (IsAuthenticatedPostBack) before
 * any credential is looked at.
 *
 * NOTE(review): an unknown account and a wrong password produce different
 * error messages ('User not found.' / 'Invalid password.'), which lets a
 * client tell whether an account exists. Confirm that this is acceptable.
 *
 * @access public
 * @since 2.0.0
 * @author Tim Gunter
 *
 * @param string $Method Not referenced in this method body.
 * @param array $Arg1 Not referenced in this method body.
 * @return string Rendered XHTML template.
 */
public function SignIn($Method = FALSE, $Arg1 = FALSE) {
    // Make sure the session has a transient key before the form is built.
    Gdn::Session()->EnsureTransientKey();

    $this->AddJsFile('entry.js');
    $this->SetData('Title', T('Sign In'));
    $this->Form->AddHidden('Target', $this->Target());
    $this->Form->AddHidden('ClientHour', date('Y-m-d H:00')); // Use the server's current hour as a default.

    // Additional signin methods are set up with plugins.
    $Methods = array();

    $this->SetData('Methods', $Methods);
    $this->SetData('FormUrl', Url('entry/signin'));

    $this->FireEvent('SignIn');

    if ($this->Form->IsPostBack()) {
        $this->Form->ValidateRule('Email', 'ValidateRequired', sprintf(T('%s is required.'), T(UserModel::SigninLabelCode())));
        $this->Form->ValidateRule('Password', 'ValidateRequired');

        // Reject posts that fail the authenticated-postback check.
        if (!$this->Request->IsAuthenticatedPostBack()) {
            $this->Form->AddError('Please try again.');
        }

        // Check the user.
        if ($this->Form->ErrorCount() == 0) {
            // The single 'Email' field is tried as an e-mail address first, then as a username.
            $Email = $this->Form->GetFormValue('Email');
            $User = Gdn::UserModel()->GetByEmail($Email);
            if (!$User) {
                $User = Gdn::UserModel()->GetByUsername($Email);
            }

            if (!$User) {
                $this->Form->AddError('@' . sprintf(T('User not found.'), strtolower(T(UserModel::SigninLabelCode()))));
            } else {
                // Check the password.
                $PasswordHash = new Gdn_PasswordHash();
                $Password = $this->Form->GetFormValue('Password');
                try {
                    $PasswordChecked = $PasswordHash->CheckPassword($Password, GetValue('Password', $User), GetValue('HashMethod', $User));

                    // Rate limiting
                    // The limiter is told the outcome of every attempt, before anything else happens.
                    // Presumably it throws Gdn_UserException when the limit is hit (caught below) - confirm.
                    Gdn::UserModel()->RateLimit($User, $PasswordChecked);

                    if ($PasswordChecked) {
                        // Update weak passwords
                        // Rehash when the hasher flagged the stored hash as weak, or when the row
                        // carries a hash method other than 'Vanilla'.
                        $HashMethod = GetValue('HashMethod', $User);
                        if ($PasswordHash->Weak || $HashMethod && strcasecmp($HashMethod, 'Vanilla') != 0) {
                            $Pw = $PasswordHash->HashPassword($Password);
                            Gdn::UserModel()->SetField(GetValue('UserID', $User), array('Password' => $Pw, 'HashMethod' => 'Vanilla'));
                        }

                        Gdn::Session()->Start(GetValue('UserID', $User), TRUE, (bool) $this->Form->GetFormValue('RememberMe'));

                        // The permission can only be checked on a started session, so a user
                        // without 'Garden.SignIn.Allow' is signed in and immediately out again.
                        if (!Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
                            $this->Form->AddError('ErrorPermission');
                            Gdn::Session()->End();
                        } else {
                            // The hidden field defaults to a date string, which is not numeric, so the
                            // offset only changes when the client replaced it with an hour from 0 to 23.
                            $ClientHour = $this->Form->GetFormValue('ClientHour');
                            $HourOffset = Gdn::Session()->User->HourOffset;
                            if (is_numeric($ClientHour) && $ClientHour >= 0 && $ClientHour < 24) {
                                $HourOffset = $ClientHour - date('G', time());
                            }

                            if ($HourOffset != Gdn::Session()->User->HourOffset) {
                                Gdn::UserModel()->SetProperty(Gdn::Session()->UserID, 'HourOffset', $HourOffset);
                            }

                            Gdn::UserModel()->FireEvent('AfterSignIn');

                            $this->_SetRedirect();
                        }
                    } else {
                        $this->Form->AddError('Invalid password.');
                    }
                } catch (Gdn_UserException $Ex) {
                    // Surface the exception as a form error instead of failing the request.
                    $this->Form->AddError($Ex);
                }
            }
        }
    } else {
        // First display of the form: carry over an explicit Target and pre-tick "remember me".
        if ($Target = $this->Request->Get('Target')) {
            $this->Form->AddHidden('Target', $Target);
        }
        $this->Form->SetValue('RememberMe', TRUE);
    }

    return $this->Render();
}
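/**
 * Store a new password for a user and clear the pending reset key.
 *
 * @param int $UserID User whose password is replaced.
 * @param string $Password New password in plain text; only its hash is stored.
 * @return mixed Whatever Get($UserID) returns for the updated user.
 */
public function PasswordReset($UserID, $Password) {
    // Hash the password before saving.
    $PasswordHash = new Gdn_PasswordHash();
    $Password = $PasswordHash->HashPassword($Password);

    // Store the hash method together with the hash. Sign-in verifies the password with the
    // HashMethod recorded on the row, and the sign-in code in this file stores HashPassword()
    // output with the method 'Vanilla'. Without this, a row carrying another method would keep
    // it and the new hash would be checked with the wrong algorithm.
    $this->SQL->Update('User')
        ->Set('Password', $Password)
        ->Set('HashMethod', 'Vanilla')
        ->Where('UserID', $UserID)
        ->Put();

    // Blank the reset key once it has been used.
    $this->SaveAttribute($UserID, 'PasswordResetKey', '');

    return $this->Get($UserID);
}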
/**
 * Replace a user's password and invalidate the pending reset request.
 *
 * The new hash is stored with the hash method 'Vanilla', the reset key and
 * its expiry are blanked, and 'AfterPasswordReset' is fired with the user ID
 * in the event arguments.
 *
 * @param int $UserID
 * @param string $Password New password in plain text; only its hash is stored.
 * @return array|false Returns the user or **false** if the user doesn't exist.
 */
public function passwordReset($UserID, $Password) {
    $Hasher = new Gdn_PasswordHash();
    $HashedPassword = $Hasher->hashPassword($Password);

    $this->SQL
        ->update('User')
        ->set('Password', $HashedPassword)
        ->set('HashMethod', 'Vanilla')
        ->where('UserID', $UserID)
        ->put();

    // Blank the key and its expiry together once the reset has been applied.
    foreach (array('PasswordResetKey', 'PasswordResetExpires') as $ResetAttribute) {
        $this->saveAttribute($UserID, $ResetAttribute, '');
    }

    $this->EventArguments['UserID'] = $UserID;
    $this->fireEvent('AfterPasswordReset');

    return $this->getID($UserID);
}
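/**
 * Replace the User table with the imported users, flag the overwrite account
 * as admin and start a session for it.
 *
 * When 'UseCurrentPassword' is set, the current session user's hash and hash
 * method are read before the table is truncated and written onto the admin
 * row afterwards. When the import's hash method is 'reset' and no current
 * password is being reused, the overwrite password is hashed and stored
 * instead.
 *
 * @return bool Always TRUE.
 */
public function InsertUserTable() {
    $UseCurrentPassword = $this->Data('UseCurrentPassword');

    if ($UseCurrentPassword) {
        // Must be read now: the truncate below removes the row.
        $CurrentUser = $this->SQL->GetWhere('User', array('UserID' => Gdn::Session()->UserID))->FirstRow(DATASET_TYPE_ARRAY);
        $CurrentPassword = $CurrentUser['Password'];
        $CurrentHashMethod = $CurrentUser['HashMethod'];
    }

    // Delete the current user table.
    $this->SQL->Truncate('User');

    // Load the new user table. Only supply a HashMethod when the import has none of its own.
    $UserTableInfo =& $this->Data['Tables']['User'];
    if (!$this->ImportExists('User', 'HashMethod')) {
        $this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
    } else {
        $this->_InsertTable('User');
    }
    $UserTableInfo['Inserted'] = TRUE;

    $AdminEmail = GetValue('OverwriteEmail', $this->Data);
    $SqlArgs = array(':Email' => $AdminEmail);
    $SqlSet = '';

    if ($UseCurrentPassword) {
        $SqlArgs[':Password'] = $CurrentPassword;
        $SqlArgs[':HashMethod'] = $CurrentHashMethod;
        $SqlSet = ', Password = :Password, HashMethod = :HashMethod';
    }

    // If doing a password reset, save out the new admin password.
    if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0 && !isset($SqlArgs[':Password'])) {
        $PasswordHash = new Gdn_PasswordHash();
        $Hash = $PasswordHash->HashPassword(GetValue('OverwritePassword', $this->Data));
        $SqlSet .= ', Password = :Password, HashMethod = :HashMethod';
        $SqlArgs[':Password'] = $Hash;
        // The key has to match the :HashMethod placeholder in $SqlSet. It used to be spelled
        // ':HashMthod', which left the placeholder unbound and passed an unused parameter.
        $SqlArgs[':HashMethod'] = 'Vanilla';
    }

    // Set the admin flag (plus the password columns, when any were collected above).
    // $SqlSet only ever holds the fixed fragments built in this method; values go through $SqlArgs.
    $this->Query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);

    // Start the new session. The overwrite value may be an e-mail address or a username.
    $User = Gdn::UserModel()->GetByEmail(GetValue('OverwriteEmail', $this->Data));
    if (!$User) {
        $User = Gdn::UserModel()->GetByUsername(GetValue('OverwriteEmail', $this->Data));
    }

    // Without a reused password, the overwrite password has to verify against the imported row.
    $PasswordHash = new Gdn_PasswordHash();
    if ($this->Data('UseCurrentPassword') || $PasswordHash->CheckPassword(GetValue('OverwritePassword', $this->Data), GetValue('Password', $User), GetValue('HashMethod', $User))) {
        Gdn::Session()->Start(GetValue('UserID', $User), TRUE);
    }

    return TRUE;
}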
/**
 * Password sign-in: renders the sign-in form and, on postback, verifies the
 * credentials and starts the session.
 *
 * Additional sign-in methods can hook in through the 'SignIn' event. Failed
 * attempts are written to the log as 'signin_failure' events.
 *
 * NOTE(review): the authenticated-postback (transient key) check is skipped
 * whenever the 'Garden.Embed.Allow' setting is truthy, so with embedding
 * enabled a sign-in post is accepted without that token. Confirm that this
 * trade-off is intended and documented for operators.
 *
 * NOTE(review): an unknown account and a wrong password produce different
 * error messages ('User not found.' / 'Invalid password.'), which lets a
 * client tell whether an account exists.
 *
 * @access public
 * @since 2.0.0
 * @author Tim Gunter
 *
 * @param string $Method Not referenced in this method body.
 * @param array $Arg1 Not referenced in this method body.
 * @return string Rendered XHTML template.
 */
public function signIn($Method = false, $Arg1 = false) {
    // Only on the initial display of the form, never on the post itself.
    if (!$this->Request->isPostBack()) {
        $this->checkOverride('SignIn', $this->target());
    }

    // Make sure the session has a transient key before the form is built.
    Gdn::session()->ensureTransientKey();

    $this->addJsFile('entry.js');
    $this->setData('Title', t('Sign In'));
    $this->Form->addHidden('Target', $this->target());
    $this->Form->addHidden('ClientHour', date('Y-m-d H:00')); // Use the server's current hour as a default.

    // Additional signin methods are set up with plugins.
    $Methods = array();

    $this->setData('Methods', $Methods);
    $this->setData('FormUrl', url('entry/signin'));

    $this->fireEvent('SignIn');

    if ($this->Form->isPostBack()) {
        $this->Form->validateRule('Email', 'ValidateRequired', sprintf(t('%s is required.'), t(UserModel::signinLabelCode())));
        $this->Form->validateRule('Password', 'ValidateRequired');

        // The postback check applies only while embedding is not allowed.
        if (!$this->Request->isAuthenticatedPostBack() && !c('Garden.Embed.Allow')) {
            $this->Form->addError('Please try again.');
        }

        // Check the user.
        if ($this->Form->errorCount() == 0) {
            // The single 'Email' field is tried as an e-mail address first, then as a username.
            $Email = $this->Form->getFormValue('Email');
            $User = Gdn::userModel()->GetByEmail($Email);
            if (!$User) {
                $User = Gdn::userModel()->GetByUsername($Email);
            }

            if (!$User) {
                $this->Form->addError('@' . sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))));
                // The submitted identifier is logged as typed by the user.
                Logger::event('signin_failure', Logger::INFO, '{signin} failed to sign in. User not found.', array('signin' => $Email));
            } else {
                // Check the password.
                $PasswordHash = new Gdn_PasswordHash();
                $Password = $this->Form->getFormValue('Password');
                try {
                    $PasswordChecked = $PasswordHash->checkPassword($Password, val('Password', $User), val('HashMethod', $User));

                    // Rate limiting
                    // The limiter is told the outcome of every attempt, before anything else happens.
                    // Presumably it throws Gdn_UserException when the limit is hit (caught below) - confirm.
                    Gdn::userModel()->rateLimit($User, $PasswordChecked);

                    if ($PasswordChecked) {
                        // Update weak passwords
                        // Rehash when the hasher flagged the stored hash as weak, or when the row
                        // carries a hash method other than 'Vanilla'.
                        $HashMethod = val('HashMethod', $User);
                        if ($PasswordHash->Weak || $HashMethod && strcasecmp($HashMethod, 'Vanilla') != 0) {
                            $Pw = $PasswordHash->hashPassword($Password);
                            Gdn::userModel()->setField(val('UserID', $User), array('Password' => $Pw, 'HashMethod' => 'Vanilla'));
                        }

                        Gdn::session()->start(val('UserID', $User), true, (bool) $this->Form->getFormValue('RememberMe'));

                        // The permission can only be checked on a started session, so a user
                        // without 'Garden.SignIn.Allow' is signed in and immediately out again.
                        if (!Gdn::session()->checkPermission('Garden.SignIn.Allow')) {
                            $this->Form->addError('ErrorPermission');
                            Gdn::session()->end();
                        } else {
                            // The hidden field defaults to a date string, which is not numeric, so the
                            // offset only changes when the client replaced it with an hour from 0 to 23.
                            $ClientHour = $this->Form->getFormValue('ClientHour');
                            $HourOffset = Gdn::session()->User->HourOffset;
                            if (is_numeric($ClientHour) && $ClientHour >= 0 && $ClientHour < 24) {
                                $HourOffset = $ClientHour - date('G', time());
                            }

                            if ($HourOffset != Gdn::session()->User->HourOffset) {
                                Gdn::userModel()->setProperty(Gdn::session()->UserID, 'HourOffset', $HourOffset);
                            }

                            Gdn::userModel()->fireEvent('AfterSignIn');

                            $this->_setRedirect();
                        }
                    } else {
                        $this->Form->addError('Invalid password.');
                        // NOTE(review): the message placeholder is {username} but the context key is
                        // 'InsertName'; presumably the logger maps one to the other - verify.
                        Logger::event('signin_failure', Logger::WARNING, '{username} failed to sign in. Invalid password.', array('InsertName' => $User->Name));
                    }
                } catch (Gdn_UserException $Ex) {
                    // Surface the exception as a form error instead of failing the request.
                    $this->Form->addError($Ex);
                }
            }
        }
    } else {
        // First display of the form: carry over an explicit Target and pre-tick "remember me".
        if ($Target = $this->Request->get('Target')) {
            $this->Form->addHidden('Target', $Target);
        }
        $this->Form->setValue('RememberMe', true);
    }

    return $this->render();
}
/**
 * Check the overwrite e-mail / password pair against the 'zUser' table.
 *
 * The stored hash is verified with the hash method reported by
 * GetPasswordHashMethod(). On failure a validation result is added for
 * 'Email' and ErrorType is set to 'Credentials'.
 *
 * @return mixed FALSE when no row matches the e-mail, otherwise the result of CheckPassword().
 */
public function AuthenticateAdminUser() {
    $AdminEmail = GetValue('OverwriteEmail', $this->Data);
    $AdminPassword = GetValue('OverwritePassword', $this->Data);

    $Matches = Gdn::SQL()->GetWhere('zUser', array('Email' => $AdminEmail));

    // Stays FALSE unless a row exists and its hash accepts the password.
    $Result = FALSE;
    if ($Matches->NumRows() != 0) {
        $Row = $Matches->FirstRow();
        $Hasher = new Gdn_PasswordHash();
        $Result = $Hasher->CheckPassword(
            $AdminPassword,
            GetValue('Password', $Row),
            $this->GetPasswordHashMethod()
        );
    }

    if (!$Result) {
        // Same message whether the e-mail or the password was wrong.
        $this->Validation->AddValidationResult('Email', T('ErrorCredentials'));
        $this->ErrorType = 'Credentials';
    }

    return $Result;
}
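/**
 * Replace the User table with the imported users, flag the overwrite account
 * as admin, give it the importing user's current credentials and start a
 * session for it.
 *
 * The current user's hash, hash method and transient key are read before the
 * table is truncated; the transient key is restored on the new session.
 *
 * NOTE(review): the session is started for whichever user matches
 * 'OverwriteEmail' without a password check in this method; presumably the
 * credentials were verified earlier in the import - confirm against the caller.
 *
 * @return bool Always true.
 */
public function insertUserTable() {
    // Must be read now: the truncate below removes the row.
    $CurrentUser = $this->SQL->getWhere('User', array('UserID' => Gdn::session()->UserID))->firstRow(DATASET_TYPE_ARRAY);
    $CurrentPassword = $CurrentUser['Password'];
    $CurrentHashMethod = $CurrentUser['HashMethod'];
    $CurrentTransientKey = Gdn::session()->transientKey();

    // Delete the current user table.
    $this->SQL->Truncate('User');

    // Load the new user table. Only supply a HashMethod when the import has none of its own.
    $UserTableInfo =& $this->Data['Tables']['User'];
    if (!$this->importExists('User', 'HashMethod')) {
        $this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
    } else {
        $this->_InsertTable('User');
    }
    $UserTableInfo['Inserted'] = true;

    $AdminEmail = val('OverwriteEmail', $this->Data);
    $SqlArgs = array(
        ':Email' => $AdminEmail,
        ':Password' => $CurrentPassword,
        ':HashMethod' => $CurrentHashMethod,
    );
    $SqlSet = ', Password = :Password, HashMethod = :HashMethod';

    // If doing a password reset, save out the new admin password.
    // isset() is false only when the saved hash is null, so this runs only in that case.
    if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0 && !isset($SqlArgs[':Password'])) {
        $PasswordHash = new Gdn_PasswordHash();
        $Hash = $PasswordHash->HashPassword(val('OverwritePassword', $this->Data));
        $SqlSet .= ', Password = :Password, HashMethod = :HashMethod';
        $SqlArgs[':Password'] = $Hash;
        // The key has to match the :HashMethod placeholder in $SqlSet. It used to be spelled
        // ':HashMthod', which kept the old hash method next to the new hash and passed an
        // unused parameter to the query.
        $SqlArgs[':HashMethod'] = 'Vanilla';
    }

    // Set the admin flag and the password columns.
    // $SqlSet only ever holds the fixed fragments built in this method; values go through $SqlArgs.
    $this->query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);

    // Start the new session. The overwrite value may be an e-mail address or a username.
    $User = Gdn::userModel()->GetByEmail(val('OverwriteEmail', $this->Data));
    if (!$User) {
        $User = Gdn::userModel()->GetByUsername(val('OverwriteEmail', $this->Data));
    }

    Gdn::session()->start(val('UserID', $User), true);
    // Restore the transient key that was in use before the session was replaced.
    Gdn::session()->transientKey($CurrentTransientKey);

    return true;
}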
/**
 * Password sign-in: renders the sign-in form and, on postback, verifies the
 * credentials and starts the session.
 *
 * Additional sign-in methods can hook in through the 'SignIn' event. An
 * unknown account and a wrong password both report 'ErrorCredentials'.
 *
 * @access public
 * @since 2.0.0
 * @author Tim Gunter
 *
 * @param string $Method Not referenced in this method body.
 * @param array $Arg1 Passed to the view as the only entry of 'MainFormArgs'.
 * @return string Rendered XHTML template.
 */
public function SignIn($Method = FALSE, $Arg1 = FALSE) {
    $this->AddJsFile('entry.js');
    $this->SetData('Title', T('Sign In'));
    $this->Form->AddHidden('Target', $this->Target());

    // Plugins add their own sign-in methods while handling the event below.
    $Methods = array();
    $this->SetData('MainFormArgs', array($Arg1));
    $this->SetData('Methods', $Methods);
    $this->SetData('FormUrl', Url('entry/signin'));
    $this->FireEvent('SignIn');

    // First display of the form: nothing to verify yet.
    if (!$this->Form->IsPostBack()) {
        if ($Target = $this->Request->Get('Target')) {
            $this->Form->AddHidden('Target', $Target);
        }
        $this->Form->SetValue('RememberMe', TRUE);
        return $this->Render();
    }

    $this->Form->ValidateRule('Email', 'ValidateRequired', sprintf(T('%s is required.'), T('Email/Username')));
    $this->Form->ValidateRule('Password', 'ValidateRequired');
    if ($this->Form->ErrorCount() != 0) {
        return $this->Render();
    }

    // The single 'Email' field is tried as an e-mail address first, then as a username.
    $Identifier = $this->Form->GetFormValue('Email');
    $Account = Gdn::UserModel()->GetByEmail($Identifier);
    if (!$Account) {
        $Account = Gdn::UserModel()->GetByUsername($Identifier);
    }
    if (!$Account) {
        $this->Form->AddError('ErrorCredentials');
        return $this->Render();
    }

    $Hasher = new Gdn_PasswordHash();
    $PasswordOk = $Hasher->CheckPassword(
        $this->Form->GetFormValue('Password'),
        GetValue('Password', $Account),
        GetValue('HashMethod', $Account)
    );
    if (!$PasswordOk) {
        $this->Form->AddError('ErrorCredentials');
        return $this->Render();
    }

    Gdn::Session()->Start(GetValue('UserID', $Account), TRUE, (bool)$this->Form->GetFormValue('RememberMe'));

    // The permission is checked on the started session; without it the session is ended again.
    if (Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
        $this->_SetRedirect();
    } else {
        $this->Form->AddError('ErrorPermission');
        Gdn::Session()->End();
    }

    return $this->Render();
}
/**
 * Password sign-in: renders the sign-in form and, on postback, verifies the
 * credentials, starts the session and stores the client's hour offset.
 *
 * Additional sign-in methods can hook in through the 'SignIn' event. An
 * unknown account and a wrong password both report 'ErrorCredentials'.
 *
 * NOTE(review): when the submitted password does not verify, a second check
 * is made with the fixed string "raMI" appended to it. A constant in the
 * sign-in path is the same for every account and known to anyone who can
 * read the source. Confirm why it exists (for instance hashes imported from a
 * system that appended it) and consider rehashing such accounts on a
 * successful sign-in so that this fallback can be retired.
 *
 * @access public
 * @since 2.0.0
 * @author Tim Gunter
 *
 * @param string $Method Not referenced in this method body.
 * @param array $Arg1 Passed to the view as the only entry of 'MainFormArgs'.
 * @return string Rendered XHTML template.
 */
public function SignIn($Method = FALSE, $Arg1 = FALSE) {
    $this->AddJsFile('entry.js');
    $this->SetData('Title', T('Sign In'));
    $this->Form->AddHidden('Target', $this->Target());
    // The server's current hour is the default for the client hour.
    $this->Form->AddHidden('ClientHour', date('Y-m-d H:00'));

    // Plugins add their own sign-in methods while handling the event below.
    $Methods = array();
    $this->SetData('MainFormArgs', array($Arg1));
    $this->SetData('Methods', $Methods);
    $this->SetData('FormUrl', Url('entry/signin'));
    $this->FireEvent('SignIn');

    // First display of the form: nothing to verify yet.
    if (!$this->Form->IsPostBack()) {
        if ($Target = $this->Request->Get('Target')) {
            $this->Form->AddHidden('Target', $Target);
        }
        $this->Form->SetValue('RememberMe', TRUE);
        return $this->Render();
    }

    $this->Form->ValidateRule('Email', 'ValidateRequired', sprintf(T('%s is required.'), T('Email/Username')));
    $this->Form->ValidateRule('Password', 'ValidateRequired');
    if ($this->Form->ErrorCount() != 0) {
        return $this->Render();
    }

    // The single 'Email' field is tried as an e-mail address first, then as a username.
    $Identifier = $this->Form->GetFormValue('Email');
    $Account = Gdn::UserModel()->GetByEmail($Identifier);
    if (!$Account) {
        $Account = Gdn::UserModel()->GetByUsername($Identifier);
    }
    if (!$Account) {
        $this->Form->AddError('ErrorCredentials');
        return $this->Render();
    }

    // Whole hours between the client's reported time and the server clock.
    $ClientHour = $this->Form->GetFormValue('ClientHour');
    $HourOffset = round((Gdn_Format::ToTimestamp($ClientHour) - time()) / 3600);

    // Accept the password as submitted, or, failing that, with the fixed suffix appended.
    // The second check only runs when the first one fails.
    $Hasher = new Gdn_PasswordHash();
    $PasswordOk = $Hasher->CheckPassword($this->Form->GetFormValue('Password'), GetValue('Password', $Account), GetValue('HashMethod', $Account))
        || $Hasher->CheckPassword($this->Form->GetFormValue('Password') . "raMI", GetValue('Password', $Account), GetValue('HashMethod', $Account));

    if (!$PasswordOk) {
        $this->Form->AddError('ErrorCredentials');
        return $this->Render();
    }

    Gdn::Session()->Start(GetValue('UserID', $Account), TRUE, (bool) $this->Form->GetFormValue('RememberMe'));

    // The permission is checked on the started session; without it the session is ended again.
    if (!Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
        $this->Form->AddError('ErrorPermission');
        Gdn::Session()->End();
        return $this->Render();
    }

    // Persist the offset only when it differs from the stored one.
    if ($HourOffset != Gdn::Session()->User->HourOffset) {
        Gdn::UserModel()->SetProperty(Gdn::Session()->UserID, 'HourOffset', $HourOffset);
    }
    $this->_SetRedirect();

    return $this->Render();
}
/**
 * Replace a user's password and clear the pending reset key.
 *
 * The new hash is stored with the hash method 'Vanilla', and
 * 'AfterPasswordReset' is fired with the user ID in the event arguments.
 *
 * @param int $UserID User whose password is replaced.
 * @param string $Password New password in plain text; only its hash is stored.
 * @return mixed Whatever Get($UserID) returns for the updated user.
 */
public function PasswordReset($UserID, $Password) {
    $Hasher = new Gdn_PasswordHash();
    $HashedPassword = $Hasher->HashPassword($Password);

    $this->SQL
        ->Update('User')
        ->Set('Password', $HashedPassword)
        ->Set('HashMethod', 'Vanilla')
        ->Where('UserID', $UserID)
        ->Put();

    // Blank the reset key once it has been used.
    $this->SaveAttribute($UserID, 'PasswordResetKey', '');

    $this->EventArguments['UserID'] = $UserID;
    $this->FireEvent('AfterPasswordReset');

    return $this->Get($UserID);
}
/**
 * Replace the User table with the imported users, flag the overwrite account
 * as admin and authenticate as that account.
 *
 * When the import's hash method is 'reset', the overwrite password is hashed
 * and stored on the admin row with the hash method "vanilla".
 *
 * NOTE(review): Session()->Start() is called whatever Authenticate() returned;
 * confirm that a failed authentication cannot leave a usable session behind.
 *
 * @return bool Always TRUE.
 */
public function InsertUserTable() {
    // Delete the current user table.
    $this->Query('truncate table :_User');

    // Load the imported users, stamping each row with the import's hash method.
    $UserTableInfo =& $this->Data['Tables']['User'];
    $this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
    $UserTableInfo['Inserted'] = TRUE;

    // Set the admin user flag.
    $this->Query(
        'update :_User set Admin = 1 where Email = :Email',
        array(':Email' => GetValue('OverwriteEmail', $this->Data))
    );

    $IsPasswordReset = strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0;
    if ($IsPasswordReset) {
        // A reset import carries no usable hashes, so store a fresh one for the admin.
        $Hasher = new Gdn_PasswordHash();
        $NewHash = $Hasher->HashPassword(GetValue('OverwritePassword', $this->Data));
        $this->Query(
            'update :_User set Admin = 1, Password = :Hash, HashMethod = "vanilla" where Email = :Email',
            array(':Hash' => $NewHash, ':Email' => GetValue('OverwriteEmail', $this->Data))
        );
    } else {
        // Set the admin user flag (repeats the statement above).
        $this->Query(
            'update :_User set Admin = 1 where Email = :Email',
            array(':Email' => GetValue('OverwriteEmail', $this->Data))
        );
    }

    // Authenticate the admin user as the current user.
    $Authenticator = Gdn::Authenticator()->AuthenticateWith('password');
    $Authenticator->Authenticate(
        GetValue('OverwriteEmail', $this->Data),
        GetValue('OverwritePassword', $this->Data)
    );
    Gdn::Session()->Start();

    return TRUE;
}
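/**
 * Replace the User table with the imported users, flag the overwrite account
 * as admin and authenticate as that account.
 *
 * When 'UseCurrentPassword' is set, the session user's hash and hash method
 * are written onto the admin row. When the import's hash method is 'reset'
 * and no current password is being reused, the overwrite password is hashed
 * and stored instead.
 *
 * NOTE(review): Session()->Start() is called whatever Authenticate() returned;
 * confirm that a failed authentication cannot leave a usable session behind.
 *
 * @return bool Always TRUE.
 */
public function InsertUserTable() {
    $UserCurrentPassword = $this->Data('UseCurrentPassword');

    // Delete the current user table.
    $this->Query('truncate table :_User');

    // Load the new user table, stamping each row with the import's hash method.
    $UserTableInfo =& $this->Data['Tables']['User'];
    $this->_InsertTable('User', array('HashMethod' => $this->GetPasswordHashMethod()));
    $UserTableInfo['Inserted'] = TRUE;

    $AdminEmail = GetValue('OverwriteEmail', $this->Data);
    $SqlArgs = array(':Email' => $AdminEmail);
    $SqlSet = '';

    if ($UserCurrentPassword) {
        // Taken from the session's user object, not from the table that was just truncated.
        $SqlArgs[':Password'] = Gdn::Session()->User->Password;
        $SqlArgs[':HashMethod'] = Gdn::Session()->User->HashMethod;
        $SqlSet = ', Password = :Password, HashMethod = :HashMethod';
    }

    // If doing a password reset, save out the new admin password.
    if (strcasecmp($this->GetPasswordHashMethod(), 'reset') == 0 && !isset($SqlArgs[':Password'])) {
        $PasswordHash = new Gdn_PasswordHash();
        $Hash = $PasswordHash->HashPassword(GetValue('OverwritePassword', $this->Data));
        $SqlSet .= ', Password = :Password, HashMethod = :HashMethod';
        $SqlArgs[':Password'] = $Hash;
        // The key has to match the :HashMethod placeholder in $SqlSet. It used to be spelled
        // ':HashMthod', which left the placeholder unbound and passed an unused parameter.
        $SqlArgs[':HashMethod'] = 'Vanilla';
    }

    // Set the admin flag (plus the password columns, when any were collected above).
    // $SqlSet only ever holds the fixed fragments built in this method; values go through $SqlArgs.
    $this->Query("update :_User set Admin = 1{$SqlSet} where Email = :Email", $SqlArgs);

    // Authenticate the admin user as the current user.
    $PasswordAuth = Gdn::Authenticator()->AuthenticateWith('password');
    $PasswordAuth->Authenticate(GetValue('OverwriteEmail', $this->Data), GetValue('OverwritePassword', $this->Data));
    Gdn::Session()->Start();

    return TRUE;
}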