/** * Updates the password of a given user, this is the second and last step * in order to reset the password. This operation is done if and only if * the correct parameters are suplied. * @param Request $r * @return array * @throws InvalidParameterException */ public static function apiUpdate(Request $r) { self::ValidateUpdateRequest($r); $user = UsersDAO::FindByEmail($r['email']); $user->setPassword(SecurityTools::hashString($r['password'])); $user->setResetDigest(null); $user->setResetSentAt(null); UsersDAO::save($user); global $smarty; return array('status' => 'ok', 'message' => IS_TEST ? 'message' : $smarty->getConfigVariable('passwordResetResetSuccess')); }
/** * Update basic user profile info when logged with fb/gool * * @param Request $r * @return array * @throws InvalidDatabaseOperationException * @throws InvalidParameterException */ public static function apiUpdateBasicInfo(Request $r) { self::authenticateRequest($r); //Buscar que el nuevo username no este ocupado si es que selecciono uno nuevo if ($r['username'] != $r['current_user']->getUsername()) { $testu = UsersDAO::FindByUsername($r['username']); if (!is_null($testu)) { throw new InvalidParameterException('parameterUsernameInUse', 'username'); } Validators::isValidUsername($r['username'], 'username'); $r['current_user']->setUsername($r['username']); } SecurityTools::testStrongPassword($r['password']); $hashedPassword = SecurityTools::hashString($r['password']); $r['current_user']->setPassword($hashedPassword); UsersDAO::save($r['current_user']); return array('status' => 'ok'); }
<?php require_once 'SecurityTools.php'; require_once 'Controller.php'; $password = Controller::randomString(8); echo "{$password}\n"; echo SecurityTools::hashString($password) . "\n";