include "include/init.php"; login_ensure_loggedin(); # # crumb key # $crumb_key = 'account_password'; $smarty->assign("crumb_key", $crumb_key); # # update? # if (post_str('change') && crumb_check($crumb_key)) { $old_pass = trim(post_str('old_password')); $new_pass1 = trim(post_str('new_password1')); $new_pass2 = trim(post_str('new_password2')); $ok = 1; if (login_encrypt_password($old_pass) !== $GLOBALS['cfg']['user']['password']) { $smarty->assign('error_oldpass_mismatch', 1); $ok = 0; } if ($ok && $new_pass1 !== $new_pass2) { $smarty->assign('error_newpass_mismatch', 1); $ok = 0; } if ($ok && !strlen($new_pass2)) { $smarty->assign('error_newpass_empty', 1); $ok = 0; } if ($ok) { if (!users_update_password($GLOBALS['cfg']['user'], $new_pass1)) { $smarty->assign('error_fail', 1); $ok = 0;
$smarty->assign('error_nouser', 1); $ok = 0; } } # # users deleted? # if ($ok && $user['deleted']) { $smarty->assign('error_deleted', 1); $ok = 0; } # # password match # if ($ok) { $enc_password = login_encrypt_password($password, $GLOBALS['cfg']['crypto_password_secret']); if ($enc_password != $user['password']) { $smarty->assign('error_password', 1); $ok = 0; } } # # it's all good - sign in # if ($ok) { $redir = $redir ? $redir : '/'; login_do_login($user, $redir); exit; } } #
function users_get_by_login($email, $password) { $user = users_get_by_email($email); if (!$user) { return null; } if ($user['deleted']) { return null; } if ($user['password'] != login_encrypt_password($password)) { return null; } return $user; }