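/**
 * Validate the change-password form held in $this->pageState.
 *
 * Checks that the current password hashes to the value kept in
 * $_SESSION['password'], that a new password and its confirmation were both
 * supplied, and that the two new values are identical.
 *
 * @return array User-facing error messages; empty when the form is valid.
 */
private function validateForm()
{
    // The errors array will hold all validation errors discovered
    $errors = array();

    // Verify the current password.
    // hash_equals() (PHP 5.6+) compares byte-for-byte in constant time. The loose
    // != used before applies numeric type juggling, so two different hashes that
    // both look like "0e<digits>" would have been treated as equal.
    $currentPassword = $this->pageState['currentPassword'];
    $sessionHash = isset($_SESSION['password']) ? (string) $_SESSION['password'] : '';
    $candidateHash = (string) User::generatePassword($currentPassword);
    if ($sessionHash === '' || !hash_equals($sessionHash, $candidateHash)) {
        // Current password is incorrect (or the session holds no hash to check against)
        $errors[] = 'The current password you provided is incorrect. Please enter your current password.';
    }

    // Validate the new password
    $newPassword = (string) $this->pageState['newPassword'];
    if (strlen($newPassword) == 0) {
        // No new password provided
        $errors[] = 'Your new password cannot be blank. Please enter a new password.';
    }

    // Validate the retyped password. The original tested $newPassword a second
    // time here, so a blank confirmation was never reported by this check.
    $confirmPassword = (string) $this->pageState['confirmPassword'];
    if (strlen($confirmPassword) == 0) {
        // No new password confirmation provided
        $errors[] = 'Your have not yet re-typed your new password to confirm it. Please do so.';
    }

    // Strict comparison: under != the strings "1e3" and "1000" count as equal,
    // which would let a mistyped confirmation through.
    if ($newPassword !== $confirmPassword) {
        $errors[] = 'The value in the new password box does not match the re-typed confirmation value. Please enter the new password into both boxes again, so that we can ensure that your password is free of typos.';
    }

    // Return the errors array
    return $errors;
}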
/**
 * Issue a new generated password for the user registered under $email.
 *
 * The clear-text password is handed back through the by-reference argument;
 * only its crypted form is stored, in the 'generated_password' field.
 *
 * @param string $email                     Address used to look the user up.
 * @param string $new_non_crypted_password  Out: the freshly generated clear-text password.
 * @return bool false when no user matches $email, true once the record is updated.
 */
public function generatePassword($email, &$new_non_crypted_password)
{
    $user_data = $this->getUserByEmail($email);
    if (!$user_data) {
        return false;
    }

    // Load the found record into this object before changing it
    $this->merge($user_data);

    $new_non_crypted_password = User::generatePassword();

    // The crypted value is derived from the user's identifier and the new password
    $this->set(
        'generated_password',
        SimpleAuthenticator::getCryptedPassword($user_data['identifier'], $new_non_crypted_password)
    );
    $this->update(false);

    return true;
}
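/**
 * Check a username/password pair and, on success, open the login session.
 *
 * On success the user's profile fields are copied into $_SESSION and the
 * working directory is set to the user's home path.
 *
 * NOTE(review): User::generatePassword($password) is compared directly with the
 * stored value, so it must be deterministic and takes no per-user salt. Confirm
 * what it computes and consider migrating to password_hash()/password_verify().
 *
 * @param string $username Login name to look up.
 * @param string $password Clear-text password supplied by the user.
 * @return bool true when authenticated (session populated), false otherwise.
 */
private function authenticateUser($username, $password)
{
    // Look up the incoming user
    $currentUserInfo = User::getUserInfo($username);

    // A missing user or a record without a stored hash can never authenticate.
    // With the previous loose ==, a null stored value compared equal to an
    // empty computed value.
    if (!isset($currentUserInfo['password']) || (string) $currentUserInfo['password'] === '') {
        return false;
    }

    // Constant-time, type-strict comparison (PHP 5.6+). Loose == treats two
    // different "0e<digits>" strings as the same number.
    $storedHash = (string) $currentUserInfo['password'];
    if (!hash_equals($storedHash, (string) User::generatePassword($password))) {
        // Authentication failed
        return false;
    }

    // The user has been authenticated, so start up a session and store user info there
    session_start();
    // Issue a fresh session id at the privilege change so an id that was known
    // before login (session fixation) is not carried into the authenticated session.
    session_regenerate_id(true);

    $_SESSION['auth'] = 'simple';
    $_SESSION['username'] = $username;
    $_SESSION['email'] = $currentUserInfo['email'];
    // NOTE(review): the password hash is kept in the session. Any session-store
    // disclosure then exposes it; prefer re-reading it from the user record when
    // it is needed.
    $_SESSION['password'] = $currentUserInfo['password'];
    $_SESSION['userPath'] = trim($currentUserInfo['userPath']);
    $_SESSION['usernameFriendly'] = trim($currentUserInfo['friendlyName']);
    $_SESSION['directoryMode'] = trim($currentUserInfo['directoryMode']);
    $_SESSION['editorMode'] = trim($currentUserInfo['editorMode']);

    // Set the current working directory
    $_SESSION['cwd'] = $_SESSION['userPath'];

    return true;
}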
return;
}
}

// --- Check email address ---
// Stop when the user's primary address does not match $regexmail
// (the pattern is defined outside this excerpt).
if (!preg_match($regexmail, $usr->emailAddress->getPrimaryAddress($usr))) {
    echo $mod_strings['ERR_EMAIL_INCORRECT'];
    return;
}

// A reset link is requested only when the form posts link=1.
$isLink = isset($_POST['link']) && $_POST['link'] == '1';
// Generate a password only when no link was requested; otherwise leave it empty.
$password = $isLink ? '' : User::generatePassword();

// --- Create URL ---
// When a link is needed, mint an id, build the reset URL around it and record
// the id against the username in users_password_link.
if ($isLink) {
    global $timedate;
    $guid = create_guid();
    // NOTE(review): $guid is the only secret in the reset URL. Confirm that
    // create_guid() draws from a cryptographically secure source and that the
    // consuming entry point expires and invalidates used links.
    $url = $GLOBALS['sugar_config']['site_url'] . "/index.php?entryPoint=Changenewpassword&guid={$guid}";
    $time_now = TimeDate::getInstance()->nowDb();
    //$q2="UPDATE `users_password_link` SET `deleted` = '1' WHERE `username` = '".$username."'";
    //$usr->db->query($q2);
    // NOTE(review): $username is concatenated into the SQL text unquoted. Where it
    // comes from is outside this excerpt; if it is request-derived, escape it
    // through the database layer (or use a parameterized statement) before
    // building the query.
    $q = "INSERT INTO users_password_link (id, username, date_generated) VALUES('" . $guid . "','" . $username . "','" . $time_now . "') ";
    $usr->db->query($q);
}
/**
 * User::generatePassword() must return a non-empty value and must not repeat
 * itself on two consecutive calls.
 *
 * NOTE(review): this shows that two outputs differ, not that the generator is
 * unpredictable; the randomness source has to be reviewed in generatePassword().
 */
public function testgeneratePassword()
{
    // First password: must not be empty
    $firstPassword = User::generatePassword();
    $firstLength = strlen($firstPassword);
    $this->assertGreaterThan(0, $firstLength);

    // Second password: must not be empty either
    $secondPassword = User::generatePassword();
    $secondLength = strlen($secondPassword);
    $this->assertGreaterThan(0, $secondLength);

    // Consecutive calls must yield different passwords
    $this->assertNotEquals($firstPassword, $secondPassword);
}
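/**
 * Resets password and sends email to user.
 *
 * Depending on the 'SystemGeneratedPasswordON' setting, either a new password is
 * generated or a reset link is created and recorded in users_password_link; the
 * result is mailed through the configured template.
 *
 * NOTE(review): this endpoint is driven by a caller-supplied username and e-mail
 * pair. The error messages for a wrong pair and for portal/group users are
 * identical; the "email invalid" branch returns a different message, so check
 * that the difference does not reveal which accounts exist.
 *
 * @param $api
 * @param array $args Must contain non-empty 'email' and 'username'.
 * @return bool true when the e-mail was sent.
 * @throws SugarApiExceptionRequestMethodFailure
 * @throws SugarApiExceptionMissingParameter
 */
public function requestPassword($api, $args)
{
    require_once 'modules/Users/language/en_us.lang.php';
    $res = $GLOBALS['sugar_config']['passwordsetting'];
    $requiredParams = array('email', 'username');

    if (!$GLOBALS['sugar_config']['passwordsetting']['forgotpasswordON']) {
        throw new SugarApiExceptionRequestMethodFailure(translate('LBL_FORGOTPASSORD_NOT_ENABLED', 'Users'), $args);
    }

    foreach ($requiredParams as $param) {
        if (!isset($args[$param])) {
            throw new SugarApiExceptionMissingParameter('Error: Missing argument.', $args);
        }
    }

    $usr = empty($this->usr) ? new User() : $this->usr;
    $useremail = $args['email'];
    $username = $args['username'];

    if (empty($username) || empty($useremail)) {
        throw new SugarApiExceptionMissingParameter('Error: Empty argument', $args);
    }

    $usr_id = $usr->retrieve_user_id($username);
    $usr->retrieve($usr_id);

    // The supplied address must be the account's primary address
    if (!$usr->isPrimaryEmail($useremail)) {
        throw new SugarApiExceptionRequestMethodFailure(translate('LBL_PROVIDE_USERNAME_AND_EMAIL', 'Users'), $args);
    }

    // Portal-only and group users cannot reset a password here
    if ($usr->portal_only || $usr->is_group) {
        throw new SugarApiExceptionRequestMethodFailure(translate('LBL_PROVIDE_USERNAME_AND_EMAIL', 'Users'), $args);
    }

    // email invalid can not reset password
    if (!SugarEmailAddress::isValidEmail($usr->emailAddress->getPrimaryAddress($usr))) {
        throw new SugarApiExceptionRequestMethodFailure(translate('ERR_EMAIL_INCORRECT', 'Users'), $args);
    }

    $isLink = !$GLOBALS['sugar_config']['passwordsetting']['SystemGeneratedPasswordON'];

    // Generate a password only when no link is used.
    // NOTE(review): in that mode the clear-text password is placed in the
    // outgoing e-mail data; a one-time link is the safer configuration.
    $password = $isLink ? '' : User::generatePassword();

    // Create URL if a link is needed
    if ($isLink) {
        $guid = create_guid();
        // NOTE(review): $guid is the only secret in the reset URL; confirm that
        // create_guid() uses a cryptographically secure source.
        $url = $GLOBALS['sugar_config']['site_url'] . "/index.php?entryPoint=Changenewpassword&guid={$guid}";
        $time_now = TimeDate::getInstance()->nowDb();

        // $username arrives in the API arguments, so every value is escaped and
        // quoted by the database layer instead of being concatenated raw.
        $q = 'INSERT INTO users_password_link (id, username, date_generated) VALUES('
            . $usr->db->quoted($guid) . ','
            . $usr->db->quoted($username) . ','
            . $usr->db->quoted($time_now) . ') ';
        $usr->db->query($q);
    }

    // Pick the e-mail template: lost-password template for links when configured
    if ($isLink && isset($res['lostpasswordtmpl'])) {
        $emailTemp_id = $res['lostpasswordtmpl'];
    } else {
        $emailTemp_id = $res['generatepasswordtmpl'];
    }

    $additionalData = array('link' => $isLink, 'password' => $password);
    if (isset($url)) {
        $additionalData['url'] = $url;
    }

    $result = $usr->sendEmailForPassword($emailTemp_id, $additionalData);
    if ($result['status']) {
        return true;
    }
    if ($result['message'] != '') {
        throw new SugarApiExceptionRequestMethodFailure($result['message'], $args);
    }
    throw new SugarApiExceptionRequestMethodFailure('LBL_EMAIL_NOT_SENT', $args);
}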
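/**
 * Replace the stored password hash of a user and mirror it into the session.
 *
 * The user's record is the first line of config/users/<username>.user, a
 * "|"-separated list whose second field is the password hash.
 *
 * Nothing is written, and the session is left untouched, when the file cannot
 * be read, is empty, or has no password field. Previously a failed open still
 * wrote a file containing only the new hash.
 *
 * NOTE(review): $username is placed in the file path unchecked. If it can ever
 * be influenced by a request, restrict it to an allow-list of characters before
 * it reaches this method so that it cannot address a file outside config/users/.
 *
 * @param string $username    Account whose record is updated.
 * @param string $newPassword New clear-text password.
 * @return void
 */
public static function replacePassword($username, $newPassword)
{
    // Generate the new password hash
    $newPWHash = User::generatePassword($newPassword);

    // Open the user's config file and read the line describing the user values
    $userFile = Constants::$ROOT_DIR . 'config/users/' . $username . '.user';
    $handle = @fopen($userFile, "r");
    if (!$handle) {
        return;
    }
    $userLine = fgets($handle);
    fclose($handle);
    if ($userLine === false) {
        return;
    }

    // Parse it out; a record without a second field has no password slot
    $userData = explode("|", $userLine);
    if (count($userData) < 2) {
        return;
    }

    // Replace the old password hash with the new password hash
    $userData[1] = $newPWHash;

    // Reassemble the user data line and write it to the user's config file
    if (file_put_contents($userFile, implode("|", $userData)) === false) {
        return;
    }

    // Only after the file holds the new hash, put it into the session data too,
    // so the session never disagrees with what is stored.
    $_SESSION['password'] = $newPWHash;
}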
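/**
 * Get user information.
 *
 * Requests the profile of $this->m_uid through the 'getProfiles' API call and
 * maps it to local user fields. A random password is generated for the record.
 *
 * Returns false when the response carries no profile or no uid, so that a
 * record named just "@vk.com" is never produced from an empty answer.
 *
 * @return array|false Mapped user fields, or false when no profile was returned.
 */
public function getUserInfo()
{
    $res = $this->apiRequest('getProfiles', array('uids' => $this->m_uid, "fields" => "uid,first_name,last_name,sex,city,country,photo"));

    // The response comes from a remote service: check its shape before indexing
    if (!is_array($res) || !isset($res['response']) || !is_array($res['response'])
        || !isset($res['response'][0]['uid'])) {
        return false;
    }

    $profile = $res['response'][0];
    $firstName = isset($profile['first_name']) ? $profile['first_name'] : '';
    $lastName = isset($profile['last_name']) ? $profile['last_name'] : '';

    // City and country are optional; each defaults to '' on its own. The
    // original copied 'country' unchecked whenever 'city' was present.
    return array(
        'u_name' => $profile['uid'] . '@vk.com',
        'u_vkid' => $profile['uid'],
        'u_password' => User::generatePassword(),
        'u_city' => isset($profile['city']) ? $profile['city'] : '',
        'u_country' => isset($profile['country']) ? $profile['country'] : '',
        'u_fullname' => $firstName . ' ' . $lastName,
    );
}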
}
}
}

// --- Check email address ---
// Stop when the user's primary address does not match $regexmail
// (the pattern is defined outside this excerpt).
if (!preg_match($regexmail, $usr->emailAddress->getPrimaryAddress($usr))) {
    echo $mod_strings['ERR_EMAIL_INCORRECT'];
    return;
}

// Generate a password only when the form posted no 'link' field at all.
// NOTE(review): a posted 'link' with any value other than '1' takes neither
// branch, leaving $password unset and no link created.
if (!isset($_POST['link'])) {
    $password = User::generatePassword();
}

// --- Create URL ---
// When link=1 was posted, mint an id, build the reset URL around it and record
// the id against the username in users_password_link.
if (isset($_POST['link']) && $_POST['link'] == '1') {
    global $timedate;
    $guid = create_guid();
    // NOTE(review): $guid is the only secret in the reset URL. Confirm that
    // create_guid() draws from a cryptographically secure source.
    $url = $GLOBALS['sugar_config']['site_url'] . "/index.php?entryPoint=Changenewpassword&guid={$guid}";
    $time_now = TimeDate::getInstance()->nowDb();
    //$q2="UPDATE `users_password_link` SET `deleted` = '1' WHERE `username` = '".$username."'";
    //$usr->db->query($q2);
    // NOTE(review): $username is concatenated into the SQL text unquoted. Where it
    // comes from is outside this excerpt; if it is request-derived, escape it
    // through the database layer before building the query.
    // The date literal is written with a leading space inside its quotes.
    $q = "INSERT INTO users_password_link (id, username, date_generated) VALUES('" . $guid . "','" . $username . "',' " . $time_now . "' ) ";
    $usr->db->query($q);
}
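/**
 * Handle a posted registration form.
 *
 * Fills the User model from the posted 'User' data, generates a password when
 * none was entered, saves the account and sends the configured notification
 * mails. With e-mail confirmation enabled the account stays inactive and a
 * confirmation code is mailed; otherwise the account is activated and the user
 * is logged in.
 *
 * NOTE(review): a generated password is passed to the mail templates in clear
 * text ($tpldata['generatedPassword']).
 *
 * @param User|null $model Existing model to fill, or null to build a 'register' model.
 * @return bool true when registration (and login, where applicable) succeeded.
 */
protected function proccessRequest($model = null)
{
    $postedUser = Yii::app()->request->getPost('User');
    if ($postedUser === null) {
        return false;
    }

    if (!$model) {
        $model = new User('register');
        $model->makeForm('register', $this->params['content']->fields, $this->params['content']->fields_req);
    }

    $tpldata = array();
    $model->attributes = $postedUser;

    // Tracked in a local so later checks do not read an array key that exists
    // only when a password was generated (undefined-index notice before).
    $generatedPassword = null;
    if ($model->password == '') {
        $generatedPassword = User::generatePassword();
        $model->password = $model->password_repeat = $tpldata['generatedPassword'] = $generatedPassword;
        $model->askfill = true;
    }

    if (!$model->validate()) {
        return false;
    }

    $model->save(false);
    $cfg = ContentUnit::loadConfig();
    $viewFileDir = $cfg['UnitRegister'] . '.register.templates.mail.';
    $tpldata['model'] = $model->getAttributes();
    $tpldata['settings'] = Yii::app()->settings->model->getAttributes();
    $tpldata['page'] = $this->params['content']->getWidgetPageArray();

    if ($this->params['content']->notify_admin) {
        // send 'to_admin_notify' mail
        // NOTE(review): $_SERVER['HTTP_HOST'] is taken from the request's Host
        // header; prefer a configured site name in the subject.
        Yii::app()->messenger->send('email', Yii::app()->settings->getValue('adminEmail'), '[' . $_SERVER['HTTP_HOST'] . '] ' . Yii::t('UnitRegister.main', 'New user registration'), Yii::app()->controller->renderPartial($viewFileDir . 'to_admin_notify', $tpldata, true));
    }

    if ($this->params['content']->is_emailauth_req) {
        // The confirmation code guards account activation. id, login, time()
        // and rand() are all guessable, so mix in CSPRNG output where the
        // runtime provides it (PHP 7+); older runtimes keep the previous input.
        $nonce = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : rand();
        $model->saveAttributes(array('authcode' => User::hash($model->id . $model->login . time() . $nonce)));
        $tpldata['model'] = $model;
        // send 'to_user_confirm' mail
        Yii::app()->messenger->send('email', $model->email, Yii::t('UnitRegister.main', 'Registration confirm'), Yii::app()->controller->renderPartial($viewFileDir . 'to_user_confirm', $tpldata, true));

        return true;
    }

    // No e-mail confirmation required: activate immediately
    $model->saveAttributes(array('active' => true));
    if ($this->params['content']->notify_user || $generatedPassword) {
        // send 'to_user_notify' mail
        Yii::app()->messenger->send('email', $model->email, Yii::t('UnitRegister.main', 'Registration completed'), Yii::app()->controller->renderPartial($viewFileDir . 'to_user_notify', $tpldata, true));
    }

    // Log the new user in with the password they typed, or the generated one
    $loginForm = new LoginForm();
    $loginForm->username = $model->email;
    $loginForm->password = !empty($_POST['User']['password']) ? $_POST['User']['password'] : $generatedPassword;

    return $loginForm->login() ? true : false;
}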
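/**
 * Store a newly created resource in storage.
 *
 * Guests: validates the form, creates an activated account with a generated
 * password for the given e-mail, stores the request under that account and
 * shows the credentials in the flash message. Logged-in members: validates and
 * stores the request under the current user.
 *
 * NOTE(review): the guest path activates an account for any address without
 * proof of ownership, and the clear-text password is put into the flash
 * message together with markup. Make sure the view escapes the message, or
 * deliver credentials through a verified channel instead.
 * NOTE(review): request fields are passed to Item::create() in bulk; confirm
 * the model's fillable list covers only the form's fields.
 *
 * @return Response
 */
public function store()
{
    //guest send request
    if (!Sentry::check()) {
        $rules = array('title' => 'required', 'first_name' => 'required', 'last_name' => 'required', 'email' => 'required|email', 'service_type_id' => 'required|numeric', 'requirement' => 'required', 'link' => 'required|url', 'info' => 'required', 'budget_id' => 'required', 'deliver_in' => 'required|numeric', 'attachment' => 'mimes:pdf,doc,docx,txt');
        $validator = Validator::make(Input::all(), $rules);

        //validate the input
        if ($validator->fails()) {
            return Redirect::route('items.create')->withErrors($validator)->withInput();
        }

        // Create account login for guest from email
        try {
            // Create the user
            $password = User::generatePassword();
            $userData = array('email' => Input::get('email'), 'password' => $password, 'activated' => 1, 'first_name' => Input::get('first_name'), 'last_name' => Input::get('last_name'));
            $user = Sentry::createUser($userData);

            // Find the group using the group id
            $userGroup = Sentry::findGroupByName('user');

            // Assign the group to the user
            $user->addGroup($userGroup);

            //insert request
            $itemData = Input::except('_token', 'first_name', 'last_name', 'email');
            $itemData['user_id'] = $user->id;

            $attach_path = $this->storeAttachment('public/uploads/items');
            if (isset($attach_path)) {
                $itemData['attachment'] = $attach_path;
            }

            Item::create($itemData);

            // No mail is sent here (the mail call was disabled), although the
            // message asks the user to check their e-mail.
            return Redirect::route('users.index')->with('message', 'Your request had been submited! Our has create your account.<br />Please check your email and login with username, password for check your request.<br />' . 'Email:' . $user->email . '/' . $password);
        } catch (Cartalyst\Sentry\Users\LoginRequiredException $e) {
            return Redirect::route('items.create')->withErrors('Login field is required.')->withInput();
        } catch (Cartalyst\Sentry\Users\PasswordRequiredException $e) {
            return Redirect::route('items.create')->withErrors('Password field is required.')->withInput();
        } catch (Cartalyst\Sentry\Users\UserExistsException $e) {
            return Redirect::route('items.create')->withErrors('Email with this login already exists.')->withInput();
        } catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e) {
            return Redirect::route('items.create')->withErrors('Group was not found.')->withInput();
        }
    }

    //member has login
    //current user
    $user = Sentry::getUser();

    //validate the input
    $rules = array('title' => 'required', 'service_type_id' => 'required|numeric', 'requirement' => 'required', 'link' => 'required', 'info' => 'required', 'budget_id' => 'required', 'deliver_in' => 'required|numeric', 'attachment' => 'mimes:pdf,doc,docx,txt');
    $validator = Validator::make(Input::all(), $rules);
    if ($validator->fails()) {
        return Redirect::route('items.create')->withErrors($validator)->withInput();
    }

    //insert request
    $itemData = Input::except('_token');
    $itemData['user_id'] = $user->id;

    $attach_path = $this->storeAttachment('public/uploads');
    if (isset($attach_path)) {
        $itemData['attachment'] = $attach_path;
    }

    Item::create($itemData);

    return Redirect::route('users.index')->with('message', 'Your request had been submited!');
}

/**
 * Move the uploaded 'attachment' (if any) into $destinationPath under a safe name.
 *
 * The stored name no longer trusts the client: the directory part is dropped,
 * every character outside [A-Za-z0-9_-] in the stem becomes "_", and the
 * extension is the one guessed from the file's content rather than the one the
 * client sent. Files in a web-served directory therefore cannot keep a
 * client-chosen script extension.
 *
 * @param string $destinationPath Directory the file is moved to.
 * @return string|null Stored path, or null when nothing was uploaded.
 */
private function storeAttachment($destinationPath)
{
    $upload = Input::file('attachment');
    if (is_null($upload)) {
        return null;
    }

    $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($upload->getClientOriginalName(), PATHINFO_FILENAME));

    // Must be read before move(): the guess is made from the uploaded file itself
    $extension = $upload->guessExtension();
    if (!$extension) {
        $extension = 'bin';
    }

    $fileName = time() . $stem . '.' . $extension;
    $upload->move($destinationPath, $fileName);

    return $destinationPath . '/' . $fileName;
}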
/**
 * Grid hook run before a new sub-user record is inserted.
 *
 * Applies the password typed into the form, fills in a login and a password
 * when they are still empty, and attaches the record to the current reseller
 * as an approved sub-user with the signup e-mail marked as sent.
 *
 * @param array            $values Submitted form values (by reference); '_pass' is read.
 * @param User             $record Record about to be inserted.
 * @param Am_Grid_Editable $grid   Grid that triggered the hook (not used here).
 */
function beforeInsert(array &$values, User $record, Am_Grid_Editable $grid)
{
    // A password typed into the form takes precedence over a generated one
    $submittedPass = $values['_pass'];
    if ($submittedPass) {
        $record->setPass($submittedPass);
    }

    // Fill in whatever credentials are still missing
    if ('' == $record->get('login')) {
        $record->generateLogin();
    }
    if ('' == $record->get('pass')) {
        $record->generatePassword();
    }

    // Mark the signup e-mail as already sent and link the record to the reseller
    $record->data()->set('signup_email_sent', 1);
    $record->set('subusers_parent_id', $this->reseller->pk());
    $record->is_approved = 1;
}
/**
 * Replace this user's password with a generated one and mail it to them.
 *
 * The new password is saved first (as an MD5 digest) and then sent in clear
 * text to the address returned by getEmail().
 *
 * NOTE(review): MD5 without a salt is not suitable for password storage;
 * password_hash()/password_verify() would need a matching change in the login
 * check. The password is also changed before any proof that the requester owns
 * the account, and the result of mail() is not checked, so a failed send leaves
 * the user with a password they never received. A one-time reset link avoids
 * both problems.
 *
 * @return void
 */
public function sendForgotPasswordEmail()
{
    // Store the digest of the new password on the record
    $freshPassword = User::generatePassword();
    $this->setPassword(md5($freshPassword));
    $this->save();

    $recipient = $this->getEmail();
    $subjectLine = 'Forgot Password - ' . Tools::get('name');

    // Message body, one entry per line
    $bodyLines = array(
        'Unbelievable! You forgot your password. ',
        'Here\'s a newly generated one: ' . $freshPassword,
        'Go login and change your password immediately.',
        Tools::get('url'),
    );

    // Additional headers, one entry per header
    $headerLines = array(
        'From: ' . Tools::get('webmaster_email'),
        'Reply-To: ' . Tools::get('webmaster_email'),
        'X-Mailer: ' . Tools::get('name') . ' Mailer',
    );

    mail($recipient, $subjectLine, implode("\n", $bodyLines), implode("\n", $headerLines));
}
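/**
 * Create a new user from the submitted form values in $this->pageState.
 *
 * Writes the user's own config file, adds the user to the users file and then
 * redirects to the user-management page. When either write fails, the form is
 * shown again with an error message.
 *
 * NOTE(review): $uname is handed to User::saveUserInfo() as given. If that
 * helper builds a file name from it, restrict the username to an allow-list of
 * characters first so it cannot point outside the users folder; the same
 * applies to field separators in the other values if the record format is
 * delimiter-based. Confirm against the helper.
 *
 * @return void
 */
private function createNewUser()
{
    // Get data
    $uname = $this->pageState['username'];
    $pw = $this->pageState['password'];
    $fname = $this->pageState['fullname'];
    $email = $this->pageState['email'];
    $home = $this->pageState['homefolder'];
    $dm = $this->pageState['foldermgr'];
    $em = $this->pageState['adveditor'];

    // If the user is an admin, make their home folder blank
    if ($home == '/') {
        $home = '';
    }

    // Place the given data into the user's information
    $userInfo = array();
    $userInfo['username'] = $uname;
    $userInfo['password'] = User::generatePassword($pw);
    $userInfo['friendlyName'] = $fname;
    $userInfo['email'] = $email;
    $userInfo['userPath'] = $home;
    $userInfo['directoryMode'] = strtolower($dm) == 'foldermgr' ? 'ADVANCED' : 'BASIC';
    $userInfo['editorMode'] = strtolower($em) == 'adveditor' ? 'ADVANCED' : 'BASIC';

    $errors = array();

    // Save the information to the user's config file
    if (!User::saveUserInfo($uname, $userInfo)) {
        $errors[] = 'There was a problem creating a new user file for the user. Please check permissions on the config/users folder (make sure the folder is writeable) and try again.';
        $this->view->errors = $errors;
        $this->get();

        return;
    }

    // Now save the username and fullname to the user file
    if (!User::addNewUser($uname, $fname)) {
        $errors[] = 'There was a problem adding the new user to the users file. Please check file permissions on the users file (make sure the file is writeable) and try again.';
        // Re-display the form the same way as the branch above. The original
        // called showForm() with an undefined $pageState here.
        $this->view->errors = $errors;
        $this->get();

        return;
    }

    // Redirect to userMgmt page. The username is URL-encoded so characters with
    // a meaning in URLs cannot change the redirect target.
    header('Location:/manage/userMgmt/showMessage/msg/newUserAdded/user/' . rawurlencode($uname));
}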
if (mysqli_connect_errno()) { echo 'Error : could not connect to database. Try again'; exit; } //select the user by email and get user ID $sql = "select `user_id`,`username` from `{$tprefix}" . "_users` where `email` = '{$email}'"; //echo $sql.'<br />'; $get_user_id = $db->query($sql); if ($get_user_id) { $row = $get_user_id->fetch_assoc(); $user_id = $row["user_id"]; //echo 'user id = '. $user_id .'<br />'; $username = $row["username"]; } if (isset($user_id)) { $newpassword = $myUser->generatePassword(); $md5password = md5($newpassword); //update password field in DB $updateQuery = "UPDATE `{$tprefix}" . "_users` SET `password`='" . $md5password . "' WHERE `user_id` = {$user_id}"; //echo $updateQuery; $db->query($updateQuery) or die("Echec de la MAJ, veuillez contacter l'administrateur du site {$masteremail}"); //==========send new password by email================= //configure SMTP ini_set('SMTP', 'smtp.free.fr'); ini_set('smtp_port', '25'); $to = $email; $subject = 'Votre nouveau mot de passe'; //the important part The Headers //this enable the email in HTML type $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";