function password_reset_link($account)
{
require_once 'AMP/Auth/Handler.inc.php';
$auth = new AMP_Authentication_Handler(AMP_dbcon(), 'content');
$secret = $auth->get_seed();
$auth_token = $auth->build_cookie_value($account->id, $account->getData('custom3'), $secret);
$auth->userid = $account->id;
$auth->save_session($auth_token, $secret);
return AMP_SITE_URL . "reset_password.php?authtype=temp&ContentLoginCredentials={$auth_token}";
}
function execute($options = array())
{
$options = array_merge($this->getOptions(), $options);
require_once 'AMP/Auth/Handler.inc.php';
$AMP_Auth_Handler = new AMP_Authentication_Handler($this->udm->dbcon, 'user');
$this->notice('just created auth handler');
$this->_handler = $AMP_Auth_Handler;
$this->notice('just set handler');
$AMP_Auth_Handler->userid = $options['uid'];
$authenticated = $AMP_Auth_Handler->is_authenticated();
$this->notice('just checked is_authenticated');
if (!$authenticated) {
$this->notice('not authenticated, doing login');
$AMP_Auth_Handler->do_login();
}
$this->udm->authorized = $authenticated;
$this->notice('we are authenticated');
/*
$authStatus = false;
$uid = $options[ 'uid' ];
$pass = $options[ 'pass' ];
$dbcon = $this->udm->dbcon;
if ( $uid && $pass ) {
$encrypted_pass = sha1( $pass );
$sql = "SELECT id, password from userdata WHERE".
$sql .= " id=". $dbcon->qstr( $uid );
$sql .= " AND password="******"Couldn't obtain login information: " . $dbcon->ErrorMsg() );
if ( !$rs ) return $this->_failAuth( );
} elseif ( $uid ) {
if ( !$this->readAuthCookie( )) return $this->_failAuth( );
}
$authStatus = true;
$this->udm->authorized = true;
*/
$this->notice('setting udm->uid to auth handlers - ' . $AMP_Auth_Handler->userid);
$this->udm->uid = $AMP_Auth_Handler->userid;
return $this->udm->uid;
/*
* $this->udm->pass = $pass;
$this->_setAuthCookie( $uid, $pass );
*/
}
<?php
require 'AMP/Base/Config.php';
require_once 'AMP/System/User/Profile/Profile.php';
require_once 'AMP/UserData/Input.inc.php';
require_once 'AMP/Auth/Handler.inc.php';
$AMP_Authen_Handler = new AMP_Authentication_Handler(AMP_Registry::getDbcon(), 'content');
if (!$AMP_Authen_Handler->is_authenticated()) {
$AMP_Authen_Handler->do_login();
}
$udm = new UserDataInput(AMP_dbcon(), 20);
$udm->getUser($AMP_Authen_Handler->getUserId());
// Hide fields that should be present on the signup form, but not on the edit form
// Custom1 = username
// Custom2 = password
// remember users email field so we can use it later when we save
$email = $udm->fields['Email'];
// Remove non-editable fields so that they don't display on the form
$non_editable_fields = array('custom1', 'custom2', 'Email');
foreach ($non_editable_fields as $field_name) {
unset($udm->fields[$field_name]);
}
// if there is POST data, save and redirect back to self.
if (isset($_POST['btnUdmSubmit'])) {
// add email field back in so DIA syncing works
if (empty($udm->fields['Email'])) {
$udm->fields['Email'] = $email;
//add the email back in the post so that the udm save function doesn't throw a validation error.
$_POST['Email'] = $email['value'];
}
$udm->saveUser();
function AMP_Authenticate($loginType = 'content', $do_login = false)
{
static $auth_status = array();
if (isset($auth_status[$loginType]) && $auth_status[$loginType]) {
return $auth_status[$loginType];
}
require_once 'AMP/Auth/Handler.inc.php';
$AMP_Authen_Handler = new AMP_Authentication_Handler(AMP_Registry::getDbcon(), $loginType);
if (!($auth_status[$loginType] = $AMP_Authen_Handler->is_authenticated())) {
if ($do_login) {
$AMP_Authen_Handler->do_login();
}
}
return $auth_status[$loginType];
}
<?php
require_once 'AMP/Base/Config.php';
require_once 'AMP/Auth/Password/Reset/Form.php';
require_once 'AMP/System/User/Profile/Profile.php';
require_once 'AMP/Auth/Handler.inc.php';
#require_once( 'AMP/BaseTemplate.php' );
#require_once( 'AMP/BaseModuleIntro.php' );
// define('AMP_AUTHENTICATION_DEBUG',true);
$AMP_Authen_Handler = new AMP_Authentication_Handler(AMP_Registry::getDbcon(), 'content');
if (!$AMP_Authen_Handler->is_authenticated()) {
AMP_flashMessage('You need to submit another password reset request, as yours has expired');
$AMP_Authen_Handler->do_login();
}
$password_reset_form = new AMP_Auth_Password_Reset_Form();
$password_reset_form->Build();
if ($_POST['new_password']) {
$passwords = $password_reset_form->getValues();
$user = new AMP_System_User_Profile(AMP_dbcon(), $AMP_Authen_Handler->userid);
if ($user->reset_password($passwords, 'custom2')) {
global $dbcon;
$dbcon->Execute('DELETE FROM users_sessions where hash=' . $dbcon->qstr($hash));
AMP_flashMessage('Password reset successful');
AMP_redirect('profile.php');
} else {
AMP_flashMessage('Passwords do not match');
}
}
echo $password_reset_form->execute();
require_once 'AMP/BaseFooter.php';
<?php
/*****
*
* AMP Authentication Handler
*
* The inclusion of this file will require authentication to succeed before
* allowing access to any pages. It provides username and password information
* by setting the $_SYSTEM['REMOTE_USER'] and $_SYSTEM['REMOTE_GROUP']
*
*****/
//ob_start();
require_once 'AMP/Auth/Handler.inc.php';
$AMP_Authen_Handler = new AMP_Authentication_Handler($dbcon);
// we have disabled old school default passwords
if (isset($_POST['AMPLogin_password']) && ($_POST['AMPLogin_password'] == 'changeme' || $_POST['AMPLogin_password'] == 'chang#th1s')) {
$AMP_Authen_Handler->set_message('Default Passwords are no longer available. Please contact <a style="color:#a5e2ff" href="mailto:help@radicaldesigns.org">help@radicaldesigns.org</a> for a new password.');
$AMP_Authen_Handler->do_login();
}
if (!$AMP_Authen_Handler->is_authenticated()) {
$AMP_Authen_Handler->do_login();
} else {
define('AMP_USERMODE_ADMIN', true);
}
AMP_init_user();
$AMP_Authen_Handler->redirect_page();
if (!empty($_POST)) {
AMP_flush_common_cache();
}
