function alter($data)
{
$other = User::by_login($data['login'], false);
if ($other !== false && $other->userid != $this->userid) {
throw new Exception("Another user with that login already exists");
}
if ($data['auth_method'] == 'pass') {
if (isset($data['password'])) {
$data['password'] = make_salted_password_hash($data['password']);
} else {
$data['password'] = $this->password;
}
} else {
if ($data['auth_method'] == 'ldap') {
// keep old password
$data['password'] = $this->password;
} else {
throw new InternalException("Unsupported auth_method: {$auth_method}");
}
}
$data['is_admin'] = $data['is_admin'] ? 1 : 0;
static $query;
DB::prepare_query($query, "UPDATE `user` SET `login` = :login, `password` = :password, `auth_method` = :auth_method, `firstname` = :firstname, `midname` = :midname, `lastname` = :lastname, `email` = :email, `class` = :class, `notes` = :notes, `is_admin` = :is_admin" . " WHERE `userid` = :userid");
$query->execute($data);
$query->closeCursor();
}
static function login($login, $pass)
{
// Authenticate using password
$user = User::by_login($login, false);
if ($user) {
$user->check_password($pass);
} else {
if (LDAP_CREATE_USER) {
$user = User::add_from_ldap($login, $pass);
}
}
if (!$user) {
throw new NotFoundException("User not found: {$login}");
}
// Done
Authentication::set_current_user($user);
}
