/**
 * Replace a user's password with a freshly salted hash (administrative reset).
 *
 * A new salt is generated on every call, so the stored SALT and PASSWD
 * columns are always rewritten together.
 *
 * @param mixed  $uid      Numeric user id of the account to update.
 * @param string $password New plain-text password.
 *
 * @return bool True when the UPDATE query succeeded, false if the database
 *              handle is unavailable, $uid is not numeric, or the query failed.
 */
function admin_reset_user_password($uid, $password)
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    // $uid is interpolated into the statement below without escaping, so this
    // check is the only guard on it. is_numeric() also accepts floats,
    // exponent notation and surrounding whitespace; none of those forms can
    // contain a quote, so the value cannot leave the SQL literal.
    // NOTE(review): a strict integer check would be tighter - confirm what
    // callers pass before changing it.
    if (!is_numeric($uid)) {
        return false;
    }

    $new_salt = user_password_salt();
    $new_hash = user_password_encrypt($password, $new_salt);

    $salt_sql = $db->escape($new_salt);
    $hash_sql = $db->escape($new_hash);

    $sql = "UPDATE USER SET PASSWD = '{$hash_sql}', SALT = '{$salt_sql}' "
        . "WHERE UID = '{$uid}'";

    return (bool) $db->query($sql);
}
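/**
 * Authenticate a user by logon name or e-mail address and password.
 *
 * Two stored-hash formats are handled:
 *  - legacy rows with an empty SALT and an unsalted MD5 in PASSWD; a match
 *    triggers user_reset_password() (defined outside this block, presumably to
 *    re-hash with a salt - confirm) and returns immediately, without
 *    recording the IP address or pruning tokens;
 *  - salted rows, verified with user_password_encrypt().
 *
 * @param string $logon    Logon name or e-mail address as typed by the user.
 * @param string $password Plain-text password as typed by the user.
 *
 * @return mixed The matching UID on success, false on any failure (no database
 *               handle, query error, unknown account, or wrong password).
 */
function user_logon($logon, $password)
{
    if (!($db = db::get())) {
        return false;
    }

    // Escape the upper-cased input exactly once per use. Previously the EMAIL
    // value was built by escaping the already-escaped LOGON value, so input
    // containing a quote or backslash was double-escaped and could never
    // match the EMAIL column.
    $identifier = mb_strtoupper($logon);

    $logon = $db->escape($identifier);
    $email = $db->escape($identifier);

    $ipaddress = $db->escape(get_ip_address());

    $sql = "SELECT UID, PASSWD, SALT FROM USER WHERE LOGON = '{$logon}' OR EMAIL = '{$email}'";

    if (!($result = $db->query($sql))) {
        return false;
    }

    if ($result->num_rows == 0) {
        return false;
    }

    // NOTE(review): the OR condition can match more than one row (one
    // account's LOGON equal to another's EMAIL); only the first row returned
    // is checked here.
    list($uid, $passhash, $salt) = $result->fetch_row();

    // hash_equals() needs strings; a NULL column becomes '' and never matches.
    $stored_hash = (string) $passhash;

    // Legacy unsalted-MD5 row. hash_equals() replaces the loose == so that two
    // numeric-looking hash strings are never compared as numbers, and so the
    // comparison time does not depend on where the strings first differ.
    if (trim((string) $salt) === '' && hash_equals($stored_hash, md5($password))) {

        if (!user_reset_password($uid, $password, $passhash)) {
            return false;
        }

        return $uid;
    }

    $computed_hash = user_password_encrypt($password, $salt);

    // Fail closed: user_password_encrypt() is defined outside this block, so a
    // non-string result is treated as a failed match rather than compared.
    if (!is_string($computed_hash) || !hash_equals($stored_hash, $computed_hash)) {
        return false;
    }

    // $uid comes from the row just read, not from the request.
    $sql = "UPDATE LOW_PRIORITY USER SET IPADDRESS = '{$ipaddress}' WHERE UID = '{$uid}'";

    if (!($result = $db->query($sql))) {
        return false;
    }

    user_prune_expired_tokens($uid);

    return $uid;
}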