function users_get_by_login($email, $password) { $user = users_get_by_email($email); if (!$user) { return null; } if ($user['deleted']) { return null; } if (!passwords_validate_password_for_user($password, $user)) { return null; } return $user; }
include "include/init.php"; login_ensure_loggedin(); # # crumb key # $crumb_key = 'account_password'; $smarty->assign("crumb_key", $crumb_key); # # update? # if (post_str('change') && crumb_check($crumb_key)) { $old_pass = trim(post_str('old_password')); $new_pass1 = trim(post_str('new_password1')); $new_pass2 = trim(post_str('new_password2')); $ok = 1; if (!passwords_validate_password_for_user($old_pass, $GLOBALS['cfg']['user'])) { $smarty->assign('error_oldpass_mismatch', 1); $ok = 0; } if ($ok && $new_pass1 !== $new_pass2) { $smarty->assign('error_newpass_mismatch', 1); $ok = 0; } if ($ok && !strlen($new_pass2)) { $smarty->assign('error_newpass_empty', 1); $ok = 0; } if ($ok) { if (!users_update_password($GLOBALS['cfg']['user'], $new_pass1)) { $smarty->assign('error_fail', 1); $ok = 0;
# if ($ok && $user['deleted']){ $smarty->assign('error_deleted', 1); $ok = 0; } # # password match # if ($ok){ if (! passwords_validate_password_for_user($password, $user)){ $smarty->assign('error_password', 1); $ok = 0; } } # # it's all good - sign in # if ($ok){ $redir = ($redir) ? $redir : '/'; login_do_login($user, $redir); exit;