/** * Update password * * @param object $userinfo User info * @param object &$existinguser Existing user * @param array &$status Status * * @return void */ function updatePassword($userinfo, &$existinguser, &$status) { $db = JFusionFactory::getDatabase($this->getJname()); require_once JPATH_ADMINISTRATOR . '/components/com_jfusion/models/model.factory.php'; $JFusionAuth = JFusionFactory::getAuth($this->getJname()); $helper =& JFusionFactory::getHelper($this->getJname()); $existinguser->remember_key = $helper->generateRandomString(40); $existinguser->password_salt = $helper->generateRandomString(64); $authinfo['salt'] = $existinguser->password_salt; $authinfo['hashFunc'] = 'sha256'; $authinfo['hash'] = $JFusionAuth->generateEncryptedPassword($existinguser); $data = $db->getEscaped(serialize($authinfo)); // Store updated password $query = "UPDATE xf_user_authenticate\n\t\tSET scheme_class = 'XenForo_Authentication_Core',\n\t\tdata = '{$data}',\n\t\tremember_key = '{$existinguser->remember_key}'\n\t\tWHERE user_id = {$existinguser->userid}"; $db->setQuery($query); if (!$db->query()) { $status['error'][] = JText::_('PASSWORD_UPDATE_ERROR') . $db->stderr(); } else { $status['debug'][] = JText::_('PASSWORD_UPDATE') . ' ' . substr($authinfo['hash'], 0, 6) . '********'; } }
/** * Create the user authorisation record for XenForum * * @param object $userinfo User info * * @return stdClass */ private function createAuthObject($userinfo) { $authRecord = new stdClass(); $authRecord->user_id = $userinfo->user_id; $authRecord->remember_key = $this->generateRandomString(40); if (!empty($userinfo->password_clear)) { //require_once JPATH_ADMINISTRATOR . '/components/com_jfusion/models/model.factory.php'; $JFusionAuth = JFusionFactory::getAuth($this->getJname()); // We have the original password, so use the xenforo encoding $authRecord->scheme_class = 'XenForo_Authentication_Core'; $userinfo->scheme_class = $authRecord->scheme_class; $userinfo->hashFunc = 'sha256'; $userinfo->password_salt = $this->generateRandomString(64); /* {hash, salt, hashFunc) */ $data['hash'] = $JFusionAuth->generateEncryptedPassword($userinfo); $data['hashFunc'] = $userinfo->hashFunc; $data['salt'] = $userinfo->password_salt; } else { /* {hash, salt) */ // No original password, so use the Joomla class for authentication $authRecord->scheme_class = 'JoomlaBridge_Authentication_Joomla'; $data['hash'] = $userinfo->password; $data['salt'] = $userinfo->password_salt; } $authRecord->data = serialize($data); return $authRecord; }