コード例 #1
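/**
 * Set a user's password from the submitted settings form.
 *
 * Reads the 'current_password', 'password', 'password2' and optional 'guid'
 * request inputs. Without a 'guid' the logged in user is the target.
 * Non-admins, and admins changing their own account, must pass a check of
 * the current password before the new one is stored.
 *
 * @return bool|null true on success, false on failure (an error message is
 *                   registered), null when there is no target user or no
 *                   new password was submitted
 * @since 1.8.0
 * @access private
 */
function elgg_set_user_password()
{
    // third argument false: read the passwords exactly as submitted,
    // without get_input()'s result filtering
    $current_password = get_input('current_password', null, false);
    $password = get_input('password', null, false);
    $password2 = get_input('password2', null, false);
    $user_guid = get_input('guid');

    $user = $user_guid ? get_entity($user_guid) : elgg_get_logged_in_user_entity();

    if (!$user || !$password) {
        // no change
        return null;
    }

    // the guid is request-supplied and get_entity() is not limited to
    // users, so refuse anything that is not a user account
    if (!($user instanceof ElggUser)) {
        register_error(elgg_echo('user:password:fail'));
        return false;
    }

    $is_own_account = ((int) $user->guid === (int) elgg_get_logged_in_user_guid());

    // let admin user change anyone's password without knowing it except his own.
    if (!elgg_is_admin_logged_in() || $is_own_account) {
        $credentials = array('username' => $user->username, 'password' => $current_password);
        try {
            // fail closed: a falsy return counts as a failed check, not
            // only a LoginException, so a handler that reports failure by
            // return value cannot be mistaken for success
            $current_ok = (bool) pam_auth_userpass($credentials);
        } catch (LoginException $e) {
            $current_ok = false;
        }
        if (!$current_ok) {
            register_error(elgg_echo('LoginException:ChangePasswordFailure'));
            return false;
        }
    }

    try {
        $result = validate_password($password);
    } catch (RegistrationException $e) {
        register_error($e->getMessage());
        return false;
    }

    if (!$result) {
        register_error(elgg_echo('user:password:fail:tooshort'));
        return false;
    }

    // strict comparison: loose == treats numeric-looking strings such as
    // "1e3" and "1000" as equal, which would accept a mistyped confirmation
    if ($password !== $password2) {
        register_error(elgg_echo('user:password:fail:notsame'));
        return false;
    }

    $user->salt = _elgg_generate_password_salt();
    $user->password = generate_user_password($user, $password);
    // drop the stored remember me code so older persistent logins stop working
    $user->code = '';

    $code = null;
    if ($is_own_account && !empty($_COOKIE['elggperm'])) {
        // regenerate remember me code so no other user could
        // use it to authenticate later
        $code = _elgg_generate_remember_me_token();
        // NOTE(review): only an unsalted MD5 of the token is stored; that is
        // adequate only if the token is long and random - confirm in
        // _elgg_generate_remember_me_token()
        $user->code = md5($code);
    }

    if (!$user->save()) {
        register_error(elgg_echo('user:password:fail'));
        return false;
    }

    if ($code !== null) {
        // hand out the new token only once it is persisted, so a failed
        // save cannot leave the browser with a cookie the server rejects
        $_SESSION['code'] = $code;
        // HttpOnly keeps the token away from page scripts.
        // NOTE(review): the Secure flag is left off because the site's
        // HTTPS policy is not visible here - enable it on HTTPS-only sites
        setcookie("elggperm", $code, time() + 86400 * 30, "/", "", false, true);
    }

    system_message(elgg_echo('user:password:success'));
    return true;
}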
コード例 #2
ファイル: user_settings.php プロジェクト: nachopavon/Elgg
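/**
 * Set a user's password from the submitted settings form.
 *
 * Reads the 'current_password', 'password', 'password2' and optional 'guid'
 * request inputs. Without a 'guid' the logged in user is the target.
 * Non-admins, and admins changing their own account, must pass a check of
 * the current password before the new one is stored.
 *
 * @return bool|null true on success, false on failure (an error message is
 *                   registered), null when there is no target user or no
 *                   new password was submitted
 * @since 1.8.0
 * @access private
 */
function elgg_set_user_password()
{
    // NOTE(review): get_input() filters its result by default, which can
    // alter passwords containing markup characters before they are hashed
    // or checked. Reading them unfiltered is preferable, but it must match
    // how the login action reads the password - confirm before changing.
    $current_password = get_input('current_password');
    $password = get_input('password');
    $password2 = get_input('password2');
    $user_guid = get_input('guid');

    $user = $user_guid ? get_entity($user_guid) : elgg_get_logged_in_user_entity();

    if (!$user || !$password) {
        // no change
        return null;
    }

    // the guid is request-supplied and get_entity() is not limited to
    // users, so refuse anything that is not a user account
    if (!($user instanceof ElggUser)) {
        register_error(elgg_echo('user:password:fail'));
        return false;
    }

    $is_own_account = ((int) $user->guid === (int) elgg_get_logged_in_user_guid());

    // let admin user change anyone's password without knowing it except his own.
    if (!elgg_is_admin_logged_in() || $is_own_account) {
        $credentials = array('username' => $user->username, 'password' => $current_password);
        try {
            // fail closed: a falsy return counts as a failed check, not
            // only a LoginException, so a handler that reports failure by
            // return value cannot be mistaken for success
            $current_ok = (bool) pam_auth_userpass($credentials);
        } catch (LoginException $e) {
            $current_ok = false;
        }
        if (!$current_ok) {
            register_error(elgg_echo('LoginException:ChangePasswordFailure'));
            return false;
        }
    }

    try {
        $result = validate_password($password);
    } catch (RegistrationException $e) {
        register_error($e->getMessage());
        return false;
    }

    if (!$result) {
        register_error(elgg_echo('user:password:fail:tooshort'));
        return false;
    }

    // strict comparison: loose == treats numeric-looking strings such as
    // "1e3" and "1000" as equal, which would accept a mistyped confirmation
    if ($password !== $password2) {
        register_error(elgg_echo('user:password:fail:notsame'));
        return false;
    }

    // Reset the salt
    $user->salt = generate_random_cleartext_password();
    $user->password = generate_user_password($user, $password);
    // Drop the stored remember me code so persistent logins issued under
    // the old password stop working. The current browser's remember me
    // cookie becomes stale too; the active session is not affected.
    $user->code = '';

    if (!$user->save()) {
        register_error(elgg_echo('user:password:fail'));
        return false;
    }

    system_message(elgg_echo('user:password:success'));
    return true;
}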
コード例 #3
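/**
 * Validate the login attempt of the user
 *
 * Looks the account up with hidden entities made visible, decides whether
 * it may log in (admins, admin-validated users and users without the
 * admin_validated marker are allowed), restores the previous hidden-entity
 * setting and only then checks the password.
 *
 * @param array $credentials the user credentials
 *
 * @throws LoginException when the username is unknown or the account still
 *                        awaits admin validation
 * @see register_pam_handler()
 *
 * @return null|bool null when no usable credentials were supplied, false
 *                   when the account is disabled or the password check
 *                   fails, true when the login is accepted
 */
function uservalidationbyadmin_pam_handler($credentials)
{
    if (empty($credentials) || !is_array($credentials)) {
        return null;
    }

    $username = elgg_extract("username", $credentials);
    if (empty($username)) {
        return null;
    }

    $result = false;
    // language key of the failure to raise once the hidden status is restored
    $failure = null;

    // make sure we can see all users
    $hidden = access_get_show_hidden_status();
    access_show_hidden_entities(true);

    $user = get_user_by_username($username);
    if (empty($user)) {
        $failure = "login:baduser";
    } elseif ($user->isEnabled()) {
        // check if the user is enabled
        if ($user->isAdmin()) {
            // admins can always login
            $result = true;
        } elseif (isset($user->admin_validated) && !$user->admin_validated) {
            // this user should be admin validated
            $failure = "uservalidationbyadmin_pam_handler:failed";
        } else {
            // user is validated, or registered before this plugin was activated
            $result = true;
        }
    }

    // Restore hidden status through the setter. The getter
    // access_get_show_hidden_status() changes nothing, so calling it here
    // would leave hidden entities visible for the rest of the request.
    // Restoring at this single point also covers both failure paths.
    access_show_hidden_entities($hidden);

    if ($failure !== null) {
        throw new LoginException(elgg_echo($failure));
    }

    // user is validated, but does the password checkout?
    if ($result) {
        // fail closed: honour the return value as well as exceptions, since
        // pam_auth_userpass() can report failure by returning false
        if (!pam_auth_userpass($credentials)) {
            $result = false;
        }
    }

    return $result;
}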
コード例 #4
ファイル: user_settings.php プロジェクト: redvabel/Vabelgg
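/**
 * Set a user's password from the submitted settings form.
 *
 * Reads the 'current_password', 'password', 'password2' and optional 'guid'
 * request inputs. Without a 'guid' the logged in user is the target.
 * Non-admins, and admins changing their own account, must pass a check of
 * the current password before the new one is stored.
 *
 * @return bool|null true on success, false on failure (an error message is
 *                   registered), null when there is no target user or no
 *                   new password was submitted
 * @since 1.8.0
 */
function elgg_set_user_password()
{
    // NOTE(review): get_input() filters its result by default, which can
    // alter passwords containing markup characters before they are hashed
    // or checked. Reading them unfiltered is preferable, but it must match
    // how the login action reads the password - confirm before changing.
    $current_password = get_input('current_password');
    $password = get_input('password');
    $password2 = get_input('password2');
    $user_id = get_input('guid');

    $user = $user_id ? get_entity($user_id) : elgg_get_logged_in_user_entity();

    if (!$user || $password == "") {
        // no change
        return null;
    }

    // the guid is request-supplied and get_entity() is not limited to
    // users, so refuse anything that is not a user account
    if (!($user instanceof ElggUser)) {
        register_error(elgg_echo('user:password:fail'));
        return false;
    }

    $is_own_account = ((int) $user->guid === (int) elgg_get_logged_in_user_guid());

    // let admin user change anyone's password without knowing it except his own.
    if (!elgg_is_admin_logged_in() || $is_own_account) {
        $credentials = array('username' => $user->username, 'password' => $current_password);
        if (!pam_auth_userpass($credentials)) {
            register_error(elgg_echo('user:password:fail:incorrect_current_password'));
            return false;
        }
    }

    // NOTE(review): the minimum length is hard-coded to 4 characters, which
    // is a weak policy; if the site has a shared password validation
    // routine or a configured minimum, this check should use it.
    if (strlen($password) < 4) {
        register_error(elgg_echo('user:password:fail:tooshort'));
        return false;
    }

    // strict comparison: loose == treats numeric-looking strings such as
    // "1e3" and "1000" as equal, which would accept a mistyped confirmation
    if ($password !== $password2) {
        register_error(elgg_echo('user:password:fail:notsame'));
        return false;
    }

    // Reset the salt
    $user->salt = generate_random_cleartext_password();
    $user->password = generate_user_password($user, $password);
    // Drop the stored remember me code so persistent logins issued under
    // the old password stop working. The current browser's remember me
    // cookie becomes stale too; the active session is not affected.
    $user->code = '';

    if (!$user->save()) {
        register_error(elgg_echo('user:password:fail'));
        return false;
    }

    system_message(elgg_echo('user:password:success'));
    return true;
}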