/**
* Checks a person's login information.
*
* @since 6.2.0
* @param string $login Person's username or email address.
* @param string $password Person's password.
* @param string $rememberme Whether to remember the person.
*/
function etsis_authenticate_person($login, $password, $rememberme)
{
$app = \Liten\Liten::getInstance();
if (empty($login) || empty($password)) {
if (empty($login)) {
$app->flash('error_message', _t('<strong>ERROR</strong>: The username/email field is empty.'));
}
if (empty($password)) {
$app->flash('error_message', _t('<strong>ERROR</strong>: The password field is empty.'));
}
redirect(get_base_url() . 'login' . '/');
return;
}
if (filter_var($login, FILTER_VALIDATE_EMAIL)) {
$person = get_person_by('email', $login);
if (false == $person->email) {
$app->flash('error_message', _t('<strong>ERROR</strong>: Invalid email address.'));
redirect(get_base_url() . 'login' . '/');
return;
}
} else {
$person = get_person_by('uname', $login);
if (false == $person->uname) {
$app->flash('error_message', _t('<strong>ERROR</strong>: Invalid username.'));
redirect(get_base_url() . 'login' . '/');
return;
}
}
if (!etsis_check_password($password, $person->password, _h($person->personID))) {
$app->flash('error_message', _t('<strong>ERROR</strong>: The password you entered is incorrect.'));
redirect(get_base_url() . 'login' . '/');
return;
}
/**
* Filters log in details.
*
* @since 6.2.0
* @param string $login Person's username or email address.
* @param string $password Person's password.
* @param string $rememberme Whether to remember the person.
*/
$person = $app->hook->apply_filter('etsis_authenticate_person', $login, $password, $rememberme);
return $person;
}
/**
* Checks a plain text password against a hashed password.
*
* @deprecated since release 6.2.0
* @since 1.0.0
* @param string $password
* Plain test password.
* @param string $hash
* Hashed password in the database to check against.
* @param int $person_id
* Person ID.
* @return mixed
*/
function et_check_password($password, $hash, $person_id = '')
{
_deprecated_function(__FUNCTION__, '6.2.0', 'etsis_check_password');
return etsis_check_password($password, $hash, $person_id);
}
});
$app->match('GET|POST', '/password/', function () use($app, $flashNow) {
if ($app->req->isPost()) {
$pass = $app->db->person()->select('personID,password')->where('personID = ?', get_persondata('personID'));
$q = $pass->find(function ($data) {
$array = [];
foreach ($data as $d) {
$array[] = $d;
}
return $array;
});
$a = [];
foreach ($q as $r) {
$a[] = $r;
}
if (etsis_check_password($_POST['currPass'], $r['password'], $r['personID'])) {
$sql = $app->db->person();
$sql->password = etsis_hash_password($_POST['newPass']);
$sql->where('personID = ?', get_persondata('personID'));
if ($sql->update()) {
/**
* @since 6.1.07
*/
$pass = [];
$pass['pass'] = $_POST['newPass'];
$pass['personID'] = get_persondata('personID');
$pass['uname'] = get_persondata('uname');
$pass['fname'] = get_persondata('fname');
$pass['lname'] = get_persondata('lname');
$pass['email'] = get_persondata('email');
/**
