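/**
 * Checks a person's login information.
 *
 * On every failure path an error message is flashed, the browser is sent
 * back to the login page and the function returns without a value. When the
 * credentials check out, the result of the `etsis_authenticate_person`
 * filter is returned.
 *
 * NOTE(review): the failure messages differ between "Invalid username",
 * "Invalid email address" and "The password you entered is incorrect", so an
 * unauthenticated client can tell whether an account exists. Consider one
 * generic failure message. No attempt throttling or lockout is visible in
 * this function; confirm it is enforced by the caller.
 *
 * @since 6.2.0
 * @param string $login Person's username or email address.
 * @param string $password Person's password.
 * @param string $rememberme Whether to remember the person.
 * @return mixed Value returned by the `etsis_authenticate_person` filter on
 *               success; nothing (null) after a failed check.
 */
function etsis_authenticate_person($login, $password, $rememberme)
{
    $app = \Liten\Liten::getInstance();

    // empty() also treats the string "0" as missing, for both fields.
    if (empty($login) || empty($password)) {
        if (empty($login)) {
            $app->flash('error_message', _t('<strong>ERROR</strong>: The username/email field is empty.'));
        }

        if (empty($password)) {
            $app->flash('error_message', _t('<strong>ERROR</strong>: The password field is empty.'));
        }

        redirect(get_base_url() . 'login' . '/');
        return;
    }

    // Something shaped like an email address is looked up by email, anything
    // else by username.
    if (filter_var($login, FILTER_VALIDATE_EMAIL)) {
        $person = get_person_by('email', $login);

        // The is_object() guard keeps a failed lookup (false/null) from being
        // dereferenced, which raises a warning on current PHP versions.
        if (!is_object($person) || false == $person->email) {
            $app->flash('error_message', _t('<strong>ERROR</strong>: Invalid email address.'));

            redirect(get_base_url() . 'login' . '/');
            return;
        }
    } else {
        $person = get_person_by('uname', $login);

        if (!is_object($person) || false == $person->uname) {
            $app->flash('error_message', _t('<strong>ERROR</strong>: Invalid username.'));

            redirect(get_base_url() . 'login' . '/');
            return;
        }
    }

    // $person is guaranteed to be an object from here on.
    if (!etsis_check_password($password, $person->password, _h($person->personID))) {
        $app->flash('error_message', _t('<strong>ERROR</strong>: The password you entered is incorrect.'));

        redirect(get_base_url() . 'login' . '/');
        return;
    }

    /**
     * Filters log in details.
     *
     * Callbacks attached to this filter receive the plain-text password; they
     * must not log or persist it.
     *
     * @since 6.2.0
     * @param string $login Person's username or email address.
     * @param string $password Person's password.
     * @param string $rememberme Whether to remember the person.
     */
    $person = $app->hook->apply_filter('etsis_authenticate_person', $login, $password, $rememberme);

    return $person;
}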
/**
 * Verifies a plain text password against a stored hash.
 *
 * Legacy alias kept for backward compatibility: it records a deprecation
 * notice and then hands all three arguments to etsis_check_password().
 *
 * @deprecated since release 6.2.0; call etsis_check_password() instead.
 * @since 1.0.0
 * @param string $password
 *            Plain text password.
 * @param string $hash
 *            Hashed password in the database to check against.
 * @param int $person_id
 *            Person ID. Defaults to an empty string when omitted.
 * @return mixed Whatever etsis_check_password() returns.
 */
function et_check_password($password, $hash, $person_id = '')
{
    // Point callers at the replacement before delegating.
    _deprecated_function(__FUNCTION__, '6.2.0', 'etsis_check_password');

    $result = etsis_check_password($password, $hash, $person_id);

    return $result;
}
}); $app->match('GET|POST', '/password/', function () use($app, $flashNow) { if ($app->req->isPost()) { $pass = $app->db->person()->select('personID,password')->where('personID = ?', get_persondata('personID')); $q = $pass->find(function ($data) { $array = []; foreach ($data as $d) { $array[] = $d; } return $array; }); $a = []; foreach ($q as $r) { $a[] = $r; } if (etsis_check_password($_POST['currPass'], $r['password'], $r['personID'])) { $sql = $app->db->person(); $sql->password = etsis_hash_password($_POST['newPass']); $sql->where('personID = ?', get_persondata('personID')); if ($sql->update()) { /** * @since 6.1.07 */ $pass = []; $pass['pass'] = $_POST['newPass']; $pass['personID'] = get_persondata('personID'); $pass['uname'] = get_persondata('uname'); $pass['fname'] = get_persondata('fname'); $pass['lname'] = get_persondata('lname'); $pass['email'] = get_persondata('email'); /**