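/**
 * Set a user's password
 *
 * Reads "current_password", "password", "password2" and "guid" from the
 * request. Unless an admin is changing somebody else's password, the current
 * password is re-verified through pam_auth_userpass() before anything is
 * written. On success the salt and password hash are replaced and the stored
 * remember-me code is cleared (and re-issued for the acting user when an
 * "elggperm" cookie is present).
 *
 * @return bool|null True on success, false on failure (an error message is
 *                   registered), null when no user or no new password was given.
 * @since 1.8.0
 * @access private
 */
function elgg_set_user_password() {
	// Third argument false: passwords are taken exactly as submitted, without
	// input filtering, so the hash is computed over what the user typed.
	$current_password = get_input('current_password', null, false);
	$password = get_input('password', null, false);
	$password2 = get_input('password2', null, false);
	$user_guid = get_input('guid');

	if (!$user_guid) {
		$user = elgg_get_logged_in_user_entity();
	} else {
		// NOTE(review): the guid comes from the request and no ownership or
		// entity-type check is visible in this function. A non-admin caller is
		// only stopped by the current-password check below - confirm the calling
		// action restricts who may reach this with someone else's guid.
		$user = get_entity($user_guid);
	}

	if (!$user || !$password) {
		// no change
		return null;
	}

	$is_self = $user->guid == elgg_get_logged_in_user_guid();

	// let admin user change anyone's password without knowing it except his own.
	if (!elgg_is_admin_logged_in() || $is_self) {
		$credentials = array(
			'username' => $user->username,
			'password' => $current_password,
		);

		try {
			pam_auth_userpass($credentials);
		} catch (LoginException $e) {
			register_error(elgg_echo('LoginException:ChangePasswordFailure'));
			return false;
		}
	}

	try {
		$result = validate_password($password);
	} catch (RegistrationException $e) {
		register_error($e->getMessage());
		return false;
	}

	if (!$result) {
		register_error(elgg_echo('user:password:fail:tooshort'));
		return false;
	}

	// Strict comparison: with == two different numeric-looking strings
	// (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
	// could be accepted.
	if ($password !== $password2) {
		register_error(elgg_echo('user:password:fail:notsame'));
		return false;
	}

	$user->salt = _elgg_generate_password_salt();
	$user->password = generate_user_password($user, $password);

	// Drop the stored remember-me code so persistent logins issued under the
	// old password stop working.
	$user->code = '';

	if ($is_self && !empty($_COOKIE['elggperm'])) {
		// regenerate remember me code so no other user could
		// use it to authenticate later
		$code = _elgg_generate_remember_me_token();
		$_SESSION['code'] = $code;
		$user->code = md5($code);
		// NOTE(review): the cookie is issued without the Secure or HttpOnly
		// attributes, and before save() is known to have succeeded. Consider
		// setting both attributes if nothing client-side reads this cookie.
		setcookie("elggperm", $code, time() + 86400 * 30, "/");
	}

	if ($user->save()) {
		system_message(elgg_echo('user:password:success'));
		return true;
	}

	register_error(elgg_echo('user:password:fail'));
	return false;
}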
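/**
 * Set a user's password
 *
 * Reads "current_password", "password", "password2" and "guid" from the
 * request. Unless an admin is changing somebody else's password, the current
 * password is re-verified through pam_auth_userpass() before the salt and
 * password hash are replaced.
 *
 * @return bool|null True on success, false on failure (an error message is
 *                   registered), null when no user or no new password was given.
 * @since 1.8.0
 * @access private
 */
function elgg_set_user_password() {
	// Read the passwords raw (third argument false). Input filtering can rewrite
	// characters such as "<" or "&", so a filtered value would be hashed as
	// something other than what the user typed.
	// NOTE(review): confirm the login path also reads the password unfiltered.
	$current_password = get_input('current_password', null, false);
	$password = get_input('password', null, false);
	$password2 = get_input('password2', null, false);
	$user_guid = get_input('guid');

	if (!$user_guid) {
		$user = elgg_get_logged_in_user_entity();
	} else {
		// NOTE(review): the guid comes from the request and no ownership or
		// entity-type check is visible in this function. A non-admin caller is
		// only stopped by the current-password check below - confirm the calling
		// action restricts who may reach this with someone else's guid.
		$user = get_entity($user_guid);
	}

	if (!$user || !$password) {
		// no change
		return null;
	}

	// let admin user change anyone's password without knowing it except his own.
	if (!elgg_is_admin_logged_in() || $user->guid == elgg_get_logged_in_user_guid()) {
		$credentials = array(
			'username' => $user->username,
			'password' => $current_password,
		);

		try {
			pam_auth_userpass($credentials);
		} catch (LoginException $e) {
			register_error(elgg_echo('LoginException:ChangePasswordFailure'));
			return false;
		}
	}

	try {
		$result = validate_password($password);
	} catch (RegistrationException $e) {
		register_error($e->getMessage());
		return false;
	}

	if (!$result) {
		register_error(elgg_echo('user:password:fail:tooshort'));
		return false;
	}

	// Strict comparison: with == two different numeric-looking strings
	// (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
	// could be accepted.
	if ($password !== $password2) {
		register_error(elgg_echo('user:password:fail:notsame'));
		return false;
	}

	// Reset the salt
	$user->salt = generate_random_cleartext_password();
	$user->password = generate_user_password($user, $password);

	// NOTE(review): nothing here invalidates existing sessions or
	// persistent-login tokens for this user - confirm whether a login
	// established under the old password survives the change.
	if ($user->save()) {
		system_message(elgg_echo('user:password:success'));
		return true;
	}

	register_error(elgg_echo('user:password:fail'));
	return false;
}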
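/**
 * Validate the login attempt of the user
 *
 * Looks the account up by username with the show-hidden override switched on,
 * rejects accounts that still await admin validation, and only then hands the
 * credentials to pam_auth_userpass().
 *
 * @param array $credentials the user credentials
 *
 * @throws LoginException when the username is unknown or the account has not
 *                        been validated by an admin
 * @see register_pam_handler()
 *
 * @return null|bool null when no usable credentials were supplied, false when
 *                   the account is not enabled, true when it may log in
 */
function uservalidationbyadmin_pam_handler($credentials) {
	$result = null;

	if (!empty($credentials) && is_array($credentials)) {
		$username = elgg_extract("username", $credentials);
		if (!empty($username)) {
			$result = false;

			// make sure we can see all users
			$hidden = access_get_show_hidden_status();
			access_show_hidden_entities(true);

			$user = get_user_by_username($username);

			if (empty($user)) {
				// Put the override back before leaving: the getter
				// access_get_show_hidden_status() ignores its argument, so the
				// restore has to go through access_show_hidden_entities().
				// Otherwise the rest of the request keeps running with hidden
				// entities visible.
				access_show_hidden_entities($hidden);

				throw new LoginException(elgg_echo("login:baduser"));
			}

			// check if the user is enabled
			if ($user->isEnabled()) {
				if ($user->isAdmin()) {
					// admins can always login
					$result = true;
				} elseif (isset($user->admin_validated)) {
					if (!$user->admin_validated) {
						// this user should be admin validated
						access_show_hidden_entities($hidden);

						throw new LoginException(elgg_echo("uservalidationbyadmin_pam_handler:failed"));
					}

					// user is validated
					$result = true;
				} else {
					// user register before this plugin was activated
					$result = true;
				}
			}

			// restore hidden status
			access_show_hidden_entities($hidden);
		}
	}

	// user is validated, but does the password checkout?
	// NOTE(review): the return value of pam_auth_userpass() is ignored, so this
	// relies on it throwing on a bad password - confirm for the targeted
	// core version, otherwise a wrong password would still yield true here.
	if ($result) {
		pam_auth_userpass($credentials);
	}

	return $result;
}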
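/**
 * Set a user's password
 *
 * Reads "current_password", "password", "password2" and "guid" from the
 * request. Unless an admin is changing somebody else's password, the current
 * password is re-verified through pam_auth_userpass() before the salt and
 * password hash are replaced.
 *
 * @return bool|null True on success, false on failure (an error message is
 *                   registered), null when no user or no new password was given.
 * @since 1.8.0
 */
function elgg_set_user_password() {
	// Read the passwords raw (third argument false). Input filtering can rewrite
	// characters such as "<" or "&", so a filtered value would be hashed as
	// something other than what the user typed.
	// NOTE(review): confirm the login path also reads the password unfiltered.
	$current_password = get_input('current_password', null, false);
	$password = get_input('password', null, false);
	$password2 = get_input('password2', null, false);
	$user_id = get_input('guid');

	if (!$user_id) {
		$user = elgg_get_logged_in_user_entity();
	} else {
		// NOTE(review): the guid comes from the request and no ownership or
		// entity-type check is visible in this function. A non-admin caller is
		// only stopped by the current-password check below - confirm the calling
		// action restricts who may reach this with someone else's guid.
		$user = get_entity($user_id);
	}

	if (!$user || $password == "") {
		// no change
		return null;
	}

	// let admin user change anyone's password without knowing it except his own.
	if (!elgg_is_admin_logged_in() || $user->guid == elgg_get_logged_in_user_guid()) {
		$credentials = array(
			'username' => $user->username,
			'password' => $current_password,
		);

		if (!pam_auth_userpass($credentials)) {
			register_error(elgg_echo('user:password:fail:incorrect_current_password'));
			return false;
		}
	}

	// A non-string value (e.g. an array submitted as password[]) is rejected
	// here instead of being passed to strlen().
	// NOTE(review): the minimum length is hard-coded to 4 characters, which is
	// very short; consider routing this through a configurable password policy.
	if (!is_string($password) || strlen($password) < 4) {
		register_error(elgg_echo('user:password:fail:tooshort'));
		return false;
	}

	// Strict comparison: with == two different numeric-looking strings
	// (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
	// could be accepted.
	if ($password !== $password2) {
		register_error(elgg_echo('user:password:fail:notsame'));
		return false;
	}

	// Reset the salt
	$user->salt = generate_random_cleartext_password();
	$user->password = generate_user_password($user, $password);

	// NOTE(review): nothing here invalidates existing sessions or
	// persistent-login tokens for this user - confirm whether a login
	// established under the old password survives the change.
	if ($user->save()) {
		system_message(elgg_echo('user:password:success'));
		return true;
	}

	register_error(elgg_echo('user:password:fail'));
	return false;
}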