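/**
  * Verifies the CURRENT password before delegating to the parent class
  * implementation; any failure is turned into an API error response.
  *
  * Flow:
  *   1. Read and decrypt the `passwordCurrent` request parameter.
  *   2. Refuse if it is missing/empty, if decryption failed, or if the
  *      current user is "anonymous".
  *   3. Compare the hash of the supplied password with the stored hash
  *      using hash_equals() so the comparison is constant-time.
  *   4. On success call parent::recordUserSettings().
  *
  * @see the parent class function for parameters and return value
  */
 public function recordUserSettings()
 {
     try {
         $passwordCurrent = Common::getRequestVar('passwordCurrent', false);
         // Missing (the `false` default) and empty ("" - forms send strings)
         // both mean "not provided". Non-string values (e.g. arrays) are
         // rejected as well instead of being handed to the decryptor.
         if (!is_string($passwordCurrent) || $passwordCurrent === '') {
             throw new Exception(Piwik::translate('UsersManagerEncrypted_CurrentPasswordNotProvided'));
         }
         $passwordCurrent = Crypto::decrypt($passwordCurrent);
         // Crypto::decrypt() signals failure with a sentinel value (the same
         // check decryptPassword() performs); never hash/compare that sentinel.
         if ($passwordCurrent === Crypto::DECRYPTION_FAILED) {
             throw new Exception(Piwik::translate('LoginEncrypted_DecryptionError'));
         }
         // login as string, or "anonymous" when nobody is logged in
         $userName = Piwik::getCurrentUserLogin();
         if ($userName === 'anonymous') {
             throw new Exception(Piwik::translate('UsersManagerEncrypted_UserNotAuthenticated'));
         }
         $model = new Model();
         $user = $model->getUser($userName);
         // Guard against a missing user row so we never compare against null.
         if (empty($user) || !isset($user['password'])) {
             throw new Exception(Piwik::translate('UsersManagerEncrypted_UserNotAuthenticated'));
         }
         // see Piwik\Plugins\Login\Auth for the hash function used (in
         // setPassword()) and the stored hash (in getTokenAuthSecret())
         $suppliedHash = UsersManagerEncrypted::getPasswordHash($passwordCurrent);
         // Constant-time comparison (PHP >= 5.6): a plain === on the hash
         // strings short-circuits on the first differing byte and leaks timing.
         if (!hash_equals((string) $user['password'], (string) $suppliedHash)) {
             throw new Exception(Piwik::translate('UsersManagerEncrypted_CurrentPasswordIncorrect'));
         }
         $toReturn = parent::recordUserSettings();
     } catch (Exception $e) {
         $response = new ResponseBuilder(Common::getRequestVar('format'));
         $toReturn = $response->getResponseException($e);
     }
     return $toReturn;
 }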
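 /**
  * Decrypts the password when this method is called directly from the
  * user-administration JavaScript, then delegates to the parent class.
  *
  * Callers:
  *   1. Already-decrypted password (no decryption here):
  *      * Piwik\Plugins\Login\PasswordResetter::confirmNewPassword()
  *        (password change via the form before login)
  *      * Controller::processPasswordChange() (a user changing their own
  *        password in their account settings)
  *   2. Encrypted password, decryption required:
  *      * /plugins/UsersManagerEncrypted/javascripts/usersManager.js::sendUpdateUserAJAX()
  *        (a super user changing someone's password in Piwik user administration)
  *
  * @param bool|string $directCall true / 'true' when called directly via the
  *        AJAX path with an encrypted password. Compared loosely on purpose so
  *        both the boolean and the request-string form match.
  * @throws Exception if decryption of the supplied password fails
  * @see the parent class function for the remaining parameters and return value
  */
 public function updateUser($userLogin, $password = false, $email = false, $alias = false, $_isPasswordHashed = false, $directCall = false)
 {
     if ($directCall == 'true') {
         $password = Crypto::decrypt($password);
         // Never forward the decryption-failure sentinel as the new password:
         // it is a fixed constant, so the account would end up with a
         // predictable password instead of the one the admin typed.
         if ($password === Crypto::DECRYPTION_FAILED) {
             throw new Exception(Piwik::translate('LoginEncrypted_DecryptionError'));
         }
     }
     return parent::updateUser($userLogin, $password, $email, $alias, $_isPasswordHashed);
 }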
 /**
  * Reads the password input from the submitted form, decrypts it, and stores
  * the plaintext back into $_POST under the same input ID.
  * Note: $_POST is written directly because a replacement done on the form
  *       object (e.g. array_unshift() as described in
  *       https://pear.php.net/manual/en/package.html.html-quickform2.qf-migration.php)
  *       does not survive: a "new" form instance re-reads its sources (i.e. _POST).
  *
  * @param QuickForm2 $form The HTML form which the password is part of
  * @param string $passwordInputId The input ID of the password field on the HTML form
  * @throws Exception if decryption fails
  */
 protected function decryptPassword($form, $passwordInputId)
 {
     $submitted = $form->getSubmitValue($passwordInputId);
     // Loose comparison on purpose: both "" (empty input; forms send strings)
     // and NULL (input not sent - see QuickForm2->getSubmitValue()) count as
     // "nothing submitted" - see https://secure.php.net/manual/en/types.comparisons.php
     if ($submitted == "") {
         return;
     }
     $plaintext = Crypto::decrypt($submitted);
     // NOTE(review): this translation key uses the 'LoginEncrypted_' prefix while
     // the rest of this file uses 'UsersManagerEncrypted_' - confirm it exists.
     if ($plaintext === Crypto::DECRYPTION_FAILED) {
         throw new Exception(Piwik::translate('LoginEncrypted_DecryptionError'));
     }
     $_POST[$passwordInputId] = $plaintext;
 }