function do_x_post_password_cb() { //snag from wp-login.php:386-393 require_once ABSPATH . 'wp-includes/class-phpass.php'; // By default, use the portable hash from phpass $wp_hasher = new PasswordHash(8, true); // 10 days setcookie('wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword(stripslashes($_POST['pass'])), time() + 864000, COOKIEPATH); //fake it so it's available in the loop below $_COOKIE['wp-postpass_' . COOKIEHASH] = $wp_hasher->HashPassword(stripslashes($_POST['pass'])); $q = new WP_Query("p={$_POST['pid']}"); if ($q->have_posts()) { while ($q->have_posts()) { $q->the_post(); // verifies password hash if (post_password_required()) { wp_send_json_error('Invalid password'); } // get post title ob_start(); the_title(sprintf('<a href="%s" rel="bookmark">', esc_url(get_permalink())), '</a>'); $title = ob_get_clean(); // get post content ob_start(); the_content(); $content = ob_get_clean(); } } wp_reset_postdata(); $return = array('title' => $title, 'content' => $content); wp_send_json_success($return); }
/** * Logs in a user. Returns boolean indicating the result. * * @param string $userName Username of the person logging in. * @param string $password Password in plain text of the person logging in. **/ function LoginUser($userName, $password) { if ($stmt = $this->dbConnect->prepare("SELECT password FROM usersinfo WHERE username=?")) { $stmt->bind_param("s", $userName); $stmt->execute(); $stmt->bind_result($hashedPassword); $stmt->fetch(); $stmt->close(); $pwdHasher = new PasswordHash(8, FALSE); $hashString = $pwdHasher->HashPassword($password); // Tests to determine if hashing is the issue with the login problem. /* $hashString = $pwdHasher->HashPassword($password); echo "The password entered is " . $password . "<br />"; echo "The hashed string is " . $hashString . "<br />"; echo "The hashed password to compare against is " . $hashedPassword; */ //if($pwdHasher->CheckPassword($password, $hashedPassword)) if ($pwdHasher->CheckPassword($hashString, $hashedPassword)) { } echo $userName; $_SESSION['username'] = $userName; return true; } return false; }
static function is_password_protected() { global $post; $private_post = array('allowed' => false, 'error' => ''); if (isset($_POST['submit_password'])) { // when we have a submision check the password and its submision if (isset($_POST['submit_password_nonce']) && wp_verify_nonce($_POST['submit_password_nonce'], 'password_protection')) { if (isset($_POST['post_password']) && !empty($_POST['post_password'])) { // some simple checks on password // finally test if the password submitted is correct if ($post->post_password === $_POST['post_password']) { $private_post['allowed'] = true; // ok if we have a correct password we should inform wordpress too // otherwise the mad dog will put the password form again in the_content() and other filters global $wp_hasher; if (empty($wp_hasher)) { require_once ABSPATH . 'wp-includes/class-phpass.php'; $wp_hasher = new PasswordHash(8, true); } setcookie('wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword(stripslashes($_POST['post_password'])), 0, COOKIEPATH); } else { $private_post['error'] = '<h4 class="text--error">Wrong Password</h4>'; } } } } if (isset($_COOKIE['wp-postpass_' . COOKIEHASH]) && get_permalink() == wp_get_referer()) { $private_post['error'] = '<h4 class="text--error">Wrong Password</h4>'; } return $private_post; }
/** * Create a user account * * @access public * @param string * @param string * @param bool * @return bool */ function create($email, $name, $pass, $project, $manager, $privilege, $photo, $auto_login = true) { $this->CI =& get_instance(); //Make sure account info was sent if ($email == '' or $pass == '') { return false; } //Check against user table $this->CI->db->where('email', $email); $query = $this->CI->db->get_where($this->table); if ($query->num_rows() > 0) { //email already exists return false; } //Hash pass using phpass $hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE); $pass_hashed = $hasher->HashPassword($pass); //Insert account into the database $data = array('email' => $email, 'name' => $name, 'pass' => $pass_hashed, 'project' => $project, 'manager' => $manager, 'privilege' => $privilege, 'photo' => $photo, 'date' => date('o-m-d H:i:s'), 'modified' => date('o-m-d H:i:s')); $this->CI->db->set($data); if (!$this->CI->db->insert($this->table)) { //There was a problem! return false; } if ($auto_login) { $this->login($email, $pass); } return true; }
public function newAccount($email, $fname, $lname, $password) { $this->first_name = $fname; $this->last_name = $lname; $this->email = $email; if (!$this->validateData()) { return false; } if (strlen($password) > 20) { return false; } $hasher = new PasswordHash(8, false); //create a hash $hash = $hasher->HashPassword($password); $this->password_hash = $hash; try { $this->save(); return true; } catch (PDOException $e) { //get errors, such as if email already exists in DB if ($e->getCode() == 1062) { $this->error_msg = 'Email already exists in Database'; } return false; } }
function wp_new_user_notification($user_id, $deprecated = null, $notify = '') { if ($deprecated !== null) { _deprecated_argument(__FUNCTION__, '4.3.1'); } // `$deprecated was pre-4.3 `$plaintext_pass`. An empty `$plaintext_pass` didn't sent a user notifcation. if ('admin' === $notify || empty($deprecated) && empty($notify)) { return; } global $wpdb, $wp_hasher; $user = get_userdata($user_id); // The blogname option is escaped with esc_html on the way into the database in sanitize_option // we want to reverse this for the plain text arena of emails. $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); // Generate something random for a password reset key. $key = wp_generate_password(20, false); /** This action is documented in wp-login.php */ do_action('retrieve_password_key', $user->user_login, $key); // Now insert the key, hashed, into the DB. if (empty($wp_hasher)) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash(8, true); } $hashed = time() . ':' . $wp_hasher->HashPassword($key); $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login)); $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n"; $message .= __('To set your password, visit the following address:') . "\r\n\r\n"; $message .= '<' . network_site_url("wp-login.php?action=rp&key={$key}&login="******">\r\n\r\n"; $message .= wp_login_url() . "\r\n"; wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message); }
function on_before_validate($values) { if ($values['username'] == "" || $values['username'] == NULL) { $this->password_in_clear = $password = $this->random_password(); $ci = CI_Controller::get_instance(); $ci->load->helper('url'); $ci->load->library('session'); $ci->load->library('extemplate'); $ci->load->library("email"); $ci->load->config('tank_auth', TRUE); $hasher = new PasswordHash($ci->config->item('phpass_hash_strength', 'tank_auth'), $ci->config->item('phpass_hash_portable', 'tank_auth')); $hashed_password = $hasher->HashPassword($password); $values["password"] = $hashed_password; $values["created"] = datetime_now(); $values['username'] = trim($values['email']); $values["last_ip"] = $_SERVER['REMOTE_ADDR']; $data = $values; $data['site_name'] = 'http://www.ressphere.com'; $data['password'] = $this->password_in_clear; if ($ci->config->item('email_account_details')) { base::_begin_send_email('Welcome to', $data['email'], $data, $ci); } } return parent::on_before_validate($values); }
private function changePassword() { $uid = $_SESSION['session']->getUserId(); if ($this->errno !== 0 && $this->errno !== 1) { return; } if (!$this->checker->checkPassword($_POST['profilPassword'])) { $this->errno = 3; $this->error = 'Das angegebene Passwort ist nicht gültig.'; return; } if ($_POST['profilPassword'] !== $_POST['profilPwdWdh']) { $this->errno = 4; $this->error = 'Die angegebenen Passwörter stimmen nicht überein.'; return; } $this->errno = 0; $this->error = ''; $hasher = new PasswordHash(8, false); $pwd = $hasher->HashPassword($_POST['profilPassword']); $db = Database::getDbObject(); $stmt = $db->stmt_init(); $stmt->prepare("UPDATE `users` SET `password` = ? WHERE `id` = ?;"); $stmt->bind_param('si', $pwd, $uid); $success = $stmt->execute(); if (!$success || $stmt->errno) { $this->errno = $stmt->errno; $this->error = 'Es ist ein Datenbankfehler aufgetreten. Bitte versuchen Sie es später noch einmal.'; } }
public function reset_pwd_and_notify() { $new_password = PerchUser::generate_password(); $data = array(); // check which type of password - default is portable if (defined('PERCH_NONPORTABLE_HASHES') && PERCH_NONPORTABLE_HASHES) { $portable_hashes = false; } else { $portable_hashes = true; } $Hasher = new PasswordHash(8, $portable_hashes); $data['userPassword'] = $Hasher->HashPassword($new_password); $this->update($data); $Email = new PerchEmail('password-reset.html'); //$Email->subject('Your CMS password has been reset'); $Email->recipientEmail($this->userEmail()); $Email->senderName(PERCH_EMAIL_FROM_NAME); $Email->senderEmail(PERCH_EMAIL_FROM); $Email->set('username', $this->userUsername()); $Email->set('password', $new_password); $Email->set('givenname', $this->userGivenName()); $Email->set('familyname', $this->userFamilyName()); $Email->set('sendername', PERCH_EMAIL_FROM_NAME); $Email->set('url', 'http://' . $_SERVER['HTTP_HOST'] . PERCH_LOGINPATH); return $Email->send(); }
/** * Email login credentials to a newly-registered user. * * A new user registration notification is also sent to admin email. * * @since 2.0.0 * @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`. * * @param int $user_id User ID. * @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty * string (admin only), or 'both' (admin and user). The empty string value was kept * for backward-compatibility purposes with the renamed parameter. Default empty. */ function wp_new_user_notification($user_id, $notify = '') { global $wpdb; $user = get_userdata($user_id); // The blogname option is escaped with esc_html on the way into the database in sanitize_option // we want to reverse this for the plain text arena of emails. $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); $message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n"; $message .= sprintf(__('E-mail: %s'), $user->user_email) . "\r\n"; @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message); if ('admin' === $notify || empty($notify)) { return; } // Generate something random for a password reset key. $key = wp_generate_password(20, false); /** This action is documented in wp-login.php */ do_action('retrieve_password_key', $user->user_login, $key); // Now insert the key, hashed, into the DB. if (empty($wp_hasher)) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash(8, true); } $hashed = time() . ':' . $wp_hasher->HashPassword($key); $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login)); $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n"; $message .= __('To set your password, visit the following address:') . "\r\n\r\n"; $message .= network_site_url("wp-login.php?action=rp&key={$key}&login="******"\r\n\r\n"; // $message .= wp_login_url() . "\r\n"; $message .= __('Make sure you click the RESET PASSWORD button to save your password.') . "\r\n\r\n"; wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message); }
function install() { if ($this->config->is_loaded) { die("Oops, there's already a config.php file. You'll need to remove it to run this installer."); } $password_min_length = 5; $password_max_length = 72; $form = new \Leeflets\Form($this->config, $this->router, $this->settings, 'install-form', array('elements' => array('credentials' => array('type' => 'fieldset', 'elements' => array('username' => array('type' => 'email', 'placeholder' => 'Email Address', 'class' => 'input-block-level', 'required' => true), 'password1' => array('type' => 'password', 'placeholder' => 'Password', 'class' => 'input-block-level', 'required' => true, 'validation' => array(array('callback' => 'min_length', 'msg' => 'Sorry, your password must be at least ' . $password_min_length . ' characters in length.', 'args' => array($password_min_length)), array('callback' => 'max_length', 'msg' => 'Sorry, your password can be no longer than ' . $password_max_length . ' characters in length.', 'args' => array($password_max_length)))), 'password2' => array('type' => 'password', 'placeholder' => 'Confirm Password', 'class' => 'input-block-level', 'required' => true, 'validation' => array(array('callback' => array($this, 'matching_passwords'), 'msg' => 'Your passwords do not match. Please enter matching passwords.', 'args' => array($_POST['password2']))))))))); if (!$this->filesystem->have_direct_access()) { $elements['warning'] = array('type' => 'html', 'value' => $this->view->get_partial('ftp-warning')); $elements['connection'] = $this->filesystem->get_connection_fields(array($this, '_check_connection'), true); } $elements['buttons'] = array('type' => 'fieldset', 'elements' => array('submit' => array('type' => 'button', 'button-type' => 'submit', 'class' => 'btn btn-primary', 'value' => 'Install Leeflets'))); $form->add_elements($elements); if ($form->validate()) { $hasher = new \PasswordHash(8, false); $data = array('username' => $_POST['credentials']['username'], 'password' => $hasher->HashPassword($_POST['credentials']['password1'])); $this->config->write($this->filesystem, $data); $htaccess = new \Leeflets\Htaccess($this->filesystem, $this->router, $this->config); $htaccess->write(); if (isset($_POST['connection']['type'])) { $this->settings->save_connection_info($_POST, $this->filesystem); } \Leeflets\Router::redirect($this->router->admin_url('/user/login/')); exit; } $args = compact('form'); $args['page-title'] = 'Install'; $args['layout'] = 'logged-out'; return $args; }
function register($email, $password, $first, $last) { global $db; $db->Prepare('SELECT id FROM `users` WHERE email=\'$0\''); $db->Execute($email); if ($db->RowCount() > 0) { return -1; } $hasher = new PasswordHash(8, false); $password = $hasher->HashPassword($password); $firstname = ucfirst($first); $lastname = ucfirst($last); $db->Prepare("INSERT INTO users (email, password, first_name, last_name, activated) VALUES ('\$0', '\$1', '\$2', '\$3', '\$4')"); $db->Execute(trim($email), $password, trim($firstname), trim($lastname), 0); $db->Prepare("SELECT LAST_INSERT_ID()"); $db->Execute(); $id = $db->Fetch(); $id = implode($id, ""); $db->Prepare("SELECT UUID()"); $db->Execute(); $uuid = $db->Fetch(); $uuid = str_replace("-", "", implode($uuid, "")); $uuid = substr($uuid, 0, 16); $db->Prepare("INSERT INTO activation_keys (`key`, user_id) VALUES ('\$0', '\$1')"); $db->Execute($uuid, $id); return $uuid; }
function update($uname, $username, $passwd, $ph_num, $userrole) { $this->CI =& get_instance(); if ($passwd != '') { $hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE); $user_pass_hashed = $hasher->HashPassword($passwd); } /*$data = array( 'user_modified' => date('c'), 'user_role'=> $userrole, 'name'=>$uname, 'phone_number'=>$ph_num ); //$this->CI->db->set($data); $where="user_email='$username'"; //if(!$this->CI->db->update_string('admin_users',$data,$where)) //There was a problem! //return false; $this->CI->db->update_string($this->user_table,$data,$where); //return true; * */ if ($passwd == '') { $this->CI->db->simple_query("UPDATE " . $this->user_table . " SET user_role ='" . $userrole . "',name='" . $uname . "',phone_number='" . $ph_num . "' WHERE user_email = '" . $username . "'"); } else { if ($passwd != '') { $this->CI->db->simple_query("UPDATE " . $this->user_table . " SET user_pass='******',user_role ='" . $userrole . "',name='" . $uname . "',phone_number='" . $ph_num . "' WHERE user_email = '" . $username . "'"); } } return true; }
public static function encrypt($plain, $algo = null) { if (!isset($algo) || $algo == 'default' || $algo == 'bcrypt') { if (!isset($algo) || $algo == 'default') { $algo = PASSWORD_DEFAULT; } else { $algo = PASSWORD_BCRYPT; } return password_hash($plain, $algo); } if ($algo == 'phpass') { if (!class_exists('PasswordHash', false)) { include OSCOM::getConfig('dir_root', 'Shop') . 'includes/third_party/PasswordHash.php'; } $hasher = new \PasswordHash(10, true); return $hasher->HashPassword($plain); } if ($algo == 'salt') { $password = ''; for ($i = 0; $i < 10; $i++) { $password .= static::getRandomInt(); } $salt = substr(md5($password), 0, 2); $password = md5($salt . $plain) . ':' . $salt; return $password; } trigger_error('OSC\\OM\\Hash::encrypt() Algorithm "' . $algo . '" unknown.'); return false; }
public function mudaSenha($novaSenha) { // lemos as credenciais do banco de dados $dados = file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/../config.json"); $dados = json_decode($dados, true); foreach ($dados as $chave => $valor) { $dados[$chave] = str_rot13($valor); } $host = $dados["host"]; $usuario = $dados["nome_usuario"]; $senhaBD = $dados["senha"]; // Cria conexão com o banco $conexao = null; try { $conexao = new PDO("mysql:host={$host};dbname=homeopatias;charset=utf8", $usuario, $senhaBD); } catch (PDOException $e) { echo $e->getMessage(); } $comando = "UPDATE Usuario SET senha = :senha WHERE id = :id"; $query = $conexao->prepare($comando); // Fazemos o hash da senha usando a biblioteca phppass $hasher = new PasswordHash(8, false); $hashSenha = $hasher->HashPassword($novaSenha); $query->bindParam(":senha", $hashSenha, PDO::PARAM_STR); $query->bindParam(":id", $this->id, PDO::PARAM_INT); $sucesso = $query->execute(); // Encerramos a conexão com o BD $conexao = null; return $sucesso; }
public function run() { $tpl = new template(); $id = (int) $_GET['id']; $users = new users(); $clients = new clients(); if ($id && $id > 0) { $lead = $this->getLead($id); $contact = $this->getLeadContact($id); $values = array('user' => $contact['email'], 'password' => '', 'firstname' => '', 'lastname' => '', 'phone' => $contact['phone'], 'role' => 3, 'clientId' => $lead['clientId']); if (isset($_POST['save'])) { if (isset($_POST['user']) && isset($_POST['firstname']) && isset($_POST['lastname'])) { $hasher = new PasswordHash(8, TRUE); $values = array('user' => $_POST['user'], 'password' => $hasher->HashPassword($_POST['password']), 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'phone' => $_POST['phone'], 'role' => $_POST['role'], 'clientId' => $_POST['clientId']); if ($users->usernameExist($values['user']) !== true) { $users->addUser($values); $tpl->setNotification('USER_CREATED', 'success'); } else { $tpl->setNotification('USERNAME_EXISTS', 'error'); } } else { $tpl->setNotification('MISSING_FIELDS', 'error'); } } $tpl->assign('values', $values); $tpl->assign('clients', $clients->getAll()); $tpl->assign('roles', $users->getRoles()); $tpl->display('leads.convertToUser'); } else { $tpl->display('general.error'); } }
/** * Save changes to a user to the database. (re)hashing the password, if needed. * * @param array $user * @return mixed */ public function saveUser($user) { // Make an array with the allowed columns. these are the columns that are always present. $allowedcolumns = array('id', 'username', 'password', 'email', 'lastseen', 'lastip', 'displayname', 'userlevel', 'enabled'); // unset columns we don't need to store.. foreach ($user as $key => $value) { if (!in_array($key, $allowedcolumns)) { unset($user[$key]); } } if (!empty($user['password']) && $user['password'] != "**dontchange**") { require_once __DIR__ . "/../../classes/phpass/PasswordHash.php"; $hasher = new \PasswordHash(8, true); $user['password'] = $hasher->HashPassword($user['password']); } else { unset($user['password']); } // make sure the username is slug-like $user['username'] = makeSlug($user['username']); if (!isset($user['lastseen'])) { $user['lastseen'] = "0000-00-00"; } if (!isset($user['userlevel'])) { $user['userlevel'] = key(array_slice($this->getUserLevels(), -1)); } if (!isset($user['enabled'])) { $user['enabled'] = 1; } // Decide whether to insert a new record, or update an existing one. if (empty($user['id'])) { return $this->db->insert($this->usertable, $user); } else { return $this->db->update($this->usertable, $user, array('id' => $user['id'])); } }
public static function setHash($uid, $password) { $partHash = self::getPreHash($uid, $password); $tHasher = new PasswordHash(self::PASSWORD_HASH_ITERATION_COUNT, FALSE); $hash = $tHasher->HashPassword($partHash); return $hash; }
private static function _phpass_hash_password($password) { require_once ABSPATH . WPINC . '/class-phpass.php'; $hasher = new PasswordHash(8, true); $hash = $hasher->HashPassword($password); return $hash; }
function phpass_hash($user) { $CI =& get_instance(); $CI->load->library('PasswordHash'); $hasher = new PasswordHash(HASH_COST_LOG2, HASH_PORTABLE); return $hasher->HashPassword($user['password']); }
public function importMentee($email, $pid, $firstname, $lastname, $middle, $valid) { if ($this->exists($email) == false) { $us = new User(); if ($valid == true) { $us->activated = 1; $us->email = $email . "@fiu.edu"; $us->fiucs_id = $pid; $us->fname = ucfirst($firstname); $us->lname = ucfirst($lastname); $us->username = $email; $us->isMentee = 1; $randPassword = $this->passwordGenerator(); $hasher = new PasswordHash(8, false); $us->password = $hasher->HashPassword($randPassword); $us->save(false); $mentee = new Mentee(); $mentee->user_id = $us->id; $mentorid = User::model()->findBySql("select * from user where username = '******' "); $mentee->personal_mentor_user_id = $mentorid->id; //$mentee->project_id = 999; $mentee->save(false); } else { $us->disable = 1; $us->save(false); } } //$userfullName = $model->fname.' '.$model->lname; $error = ''; // $this->actionSendVerificationEmail($userfullName, $model->email); }
function get_cookie_value($expiration) { $pass_frag = substr($this->config->password, 8, 4); $hasher = new \PasswordHash(8, false); $hash = $hasher->HashPassword($this->config->username . '|' . $expiration . '|' . $pass_frag); return $this->config->username . '|' . $expiration . '|' . $hash; }
function wp_new_user_notification($user_id, $notify = '') { $user = new WP_User($user_id); $sflogin = sp_get_option('sflogin'); $eol = "\r\n"; $user_login = $user->user_login; $user_email = $user->user_email; $message = ''; $message .= sp_text_noesc('New user registration on your website') . ': ' . get_option('blogname') . $eol . $eol; $message .= sp_text_noesc('Username') . ': ' . $user_login . $eol; $message .= sp_text_noesc('E-mail') . ': ' . $user_email . $eol; $message .= sp_text_noesc('Registration IP') . ': ' . sp_get_ip() . $eol; $address = apply_filters('sph_admin_new_user_email_addrress', get_option('admin_email'), $user_id); $subject = apply_filters('sph_admin_new_user_email_subject', get_option('blogname') . ' ' . sp_text_noesc('New User Registration'), $user_id); $msg = apply_filters('sph_admin_new_user_email_msg', $message, $user_id); sp_send_email($address, $subject, $msg); if ('admin' === $notify || empty($notify)) { return; } # Generate something random for a password reset key. $key = wp_generate_password(20, false); /** This action is documented in wp-login.php */ do_action('retrieve_password_key', $user_login, $key); # Now insert the key, hashed, into the DB. if (empty($wp_hasher)) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash(8, true); } $hashed = time() . ':' . $wp_hasher->HashPassword($key); global $wpdb; $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login)); $mailoptions = sp_get_option('sfnewusermail'); $subject = stripslashes($mailoptions['sfnewusersubject']); $body = stripslashes($mailoptions['sfnewusertext']); if (empty($subject) || empty($body)) { $subject = get_option('blogname') . ' ' . sp_text_noesc('Your username') . $eol . $eol; $body = sp_text_noesc('Username') . ': ' . $user_login . $eol; $body .= sp_text_noesc('Login URL') . ': ' . $sflogin['sfloginemailurl'] . $eol; $body .= sp_text_noesc('Password Reset URL') . ': ' . network_site_url("wp-login.php?action=rp&key={$key}&login="******"wp-login.php?action=rp&key={$key}&login="******"wp-login.php?action=rp&key={$key}&login=" . rawurlencode($user_login), 'login'), $body); $body = str_replace('%NEWLINE%', $eol, $body); } str_replace('<br />', $eol, $body); $address = apply_filters('sph_user_new_user_email_addrress', $user_email, $user_id); $subject = apply_filters('sph_user_new_user_email_subject', get_option('blogname') . ' ' . sp_text_noesc('New User Registration'), $user_id); $msg = apply_filters('sph_user_new_user_email_msg', $body, $user_id, $user_pass); sp_send_email($user_email, $subject, $msg); }
function hash($passwd, $work_factor = 0) { if ($work_factor < 4 || $work_factor > 31) { $work_factor = DEFAULT_WORK_FACTOR; } $hasher = new PasswordHash($work_factor, FALSE); return $hasher && ($hash = $hasher->HashPassword($passwd)) ? $hash : null; }
function txp_hash_password($password) { static $phpass = NULL; if (!$phpass) { $phpass = new PasswordHash(PASSWORD_COMPLEXITY, PASSWORD_PORTABILITY); } return $phpass->HashPassword($password); }
function xos_encrypt_password($plain) { if (!class_exists('PasswordHash')) { include DIR_WS_CLASSES . 'passwordhash.php'; } $hasher = new PasswordHash(10, true); return $hasher->HashPassword($plain); }
function osc_encrypt_password($plain) { if (!class_exists('PasswordHash')) { include '../includes/classes/passwordhash.php'; } $hasher = new PasswordHash(10, true); return $hasher->HashPassword($plain); }
public static function encrypt($plain) { if (!class_exists('PasswordHash', false)) { include OSCOM::BASE_DIR . 'classes/passwordhash.php'; } $hasher = new \PasswordHash(10, true); return $hasher->HashPassword($plain); }
function edit($id, $username, $email, $password, $sex) { $this->db->query('UPDATE users SET username=?, email=?, sex=? WHERE id=?', array($username, $email, $sex, $id)); if ($password) { $hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE); $hashed_password = $hasher->HashPassword($password); $this->db->query('UPDATE users SET password=? WHERE id=?', array($hashed_password, $id)); } }
static function phpass_hash_password($password) { require_once ABSPATH . WPINC . '/class-phpass.php'; $hasher = new PasswordHash(8, true); echo 'In: ' . $password . '<br>'; $password = '******'; $hash = $hasher->HashPassword($password); echo '<br>Out: ' . $hash . '<br>'; return $hash; }