Exemplo n.º 1
 * SECOND PART
 *
 * Update the passwords.
 */
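// Password reset, step two: check the submitted reset key against the
// account's e-mail address, then store the new password.
// The password and key must be plain strings; a form field sent as an array
// (e.g. key[]=x) would otherwise reach decrypt()/updatePassword() unchecked.
if (isset($_POST['password']) && isset($_POST['cpassword']) && isset($_POST['key']) && isset($_POST['userid'])
    && is_string($_POST['password']) && is_string($_POST['key'])
    && $_POST['password'] === $_POST['cpassword']) {
    // Get userid
    // Validated before the lookup so that only an integer-looking value is
    // ever bound into the query (the original checked it after the query ran).
    if (filter_var($_POST['userid'], FILTER_VALIDATE_INT)) {
        $userid = $_POST['userid'];
    } else {
        die(_("Userid is not valid."));
    }
    // get email of user
    $sql = "SELECT email FROM users WHERE userid = :userid";
    $req = $pdo->prepare($sql);
    $req->bindParam(':userid', $userid, PDO::PARAM_INT);
    $req->execute();
    // Validate key
    // fetchColumn() returns false when no row matches. With the loose `!=`
    // used before, false compared equal to any falsy decrypt() result
    // ('', null, false, '0'), so an unknown userid combined with a key that
    // decrypts to nothing passed the check. Require a real, non-empty e-mail
    // and a strict match instead.
    $email = $req->fetchColumn();
    $decrypted = $crypto->decrypt($_POST['key']);
    if (!is_string($email) || $email === '' || $email !== $decrypted) {
        die('Bad key.');
    }
    // NOTE(review): the key is only compared with the account e-mail here; no
    // expiry or single-use check is visible in this block. Confirm the key
    // cannot be replayed after the password has been changed.
    // Replace new password in database
    if ($user->updatePassword($_POST['password'], $userid)) {
        dblog('Info', $userid, 'Password was changed for this user.');
        $msg_arr[] = _('New password updated. You can now login.');
        $_SESSION['infos'] = $msg_arr;
    } else {
        // NOTE(review): $error is not assigned anywhere in this block; verify
        // where it comes from, since it is concatenated into HTML output.
        $msg_arr[] = sprintf(_("There was an unexpected problem! Please %sopen an issue on GitHub%s if you think this is a bug.") . "<br>E#452A" . $error, "<a href='https://github.com/elabftw/elabftw/issues/'>", "</a>");
        $_SESSION['errors'] = $msg_arr;
    }
    // NOTE(review): header() does not stop the script; anything after this
    // block still runs. Confirm nothing follows, or exit after the redirect.
    header("location: ../login.php");
}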
Exemplo n.º 2
 } else {
     $website = null;
 }
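 // PASSWORD CHANGE
 // Runs only when both the new password and its confirmation were submitted
 // and are non-empty (empty() already covers the unset case).
 if (!empty($_POST['cnewpass']) && !empty($_POST['newpass'])) {
     $password = $_POST['newpass'];
     $cpassword = $_POST['cnewpass'];
     // check confirmation password
     // Both values must be strings and identical. The original used
     // strcmp(...) != 0: before PHP 8, strcmp() on an array argument returns
     // null, and null != 0 is false, so array input (newpass[]=x) counted as
     // a match and was handed to updatePassword(); PHP 8 throws a TypeError.
     if (!is_string($password) || !is_string($cpassword) || $password !== $cpassword) {
         $msg_arr[] = _('The passwords do not match!');
         $errflag = true;
     }
     // update the password only if there is no error before
     if (!$errflag) {
         try {
             $user->updatePassword($password);
         } catch (Exception $e) {
             // Surface the failure to the user and block the profile update
             // that is gated on $errflag.
             $msg_arr[] = $e->getMessage();
             $errflag = true;
         }
     }
 }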
 // MAIN SQL
 if (!$errflag) {
     // SQL for update preferences
     $sql = "UPDATE users SET\n            email = :email,\n            username = :username,\n            firstname = :firstname,\n            lastname = :lastname,\n            phone = :phone,\n            cellphone = :cellphone,\n            skype = :skype,\n            website = :website\n            WHERE userid = :userid";
     $req = $pdo->prepare($sql);
     $result = $req->execute(array('email' => $email, 'username' => $username, 'firstname' => $firstname, 'lastname' => $lastname, 'phone' => $phone, 'cellphone' => $cellphone, 'skype' => $skype, 'website' => $website, 'userid' => $_SESSION['userid']));
     if ($result) {
         $msg_arr[] = _('Profile updated.');
     } else {