public function test1() { $this->assertEquals(Password::encrypt('salt1', 'salt2', 'test', 'sha512'), 'sha512:84955637ddfc24c7f70b390c52a2a5fec0a02c9e3f34811772563547db18fbaf529f977af3fa59d4a818bfade14a9c04cadda1b3d53a3a0d9790794ef18f1e4d'); }
/** * Sets a new password for the user * * @param $id user id * @param $pwd password to set * @param $algo hash algorithm to use */ public static function setPassword($id, $pwd, $algo = 'sha512') { $u = User::get($id); if (!$u) { throw new \Exception('wat'); } $session = SessionHandler::getInstance(); $u->password = Password::encrypt($id, $session->getEncryptKey(), $pwd, $algo); $u->store(); }
/** * Used by SessionHandler::login() and others */ public static function getExact($type, $id, $name, $pwd) { $q = 'SELECT * FROM tblUsers' . ' WHERE id = ? AND name = ? AND type = ? AND time_deleted IS NULL'; $obj = Sql::pSelectRowToObject(__CLASS__, array($q, 'isi', $id, $name, $type)); if (!$obj) { return false; } $x = explode(':', $obj->password); if (count($x) == 2) { $algo = $x[0]; $pwd2 = $x[1]; } else { // auto fallback to old default (sha1) $algo = 'sha1'; $pwd2 = $obj->password; } $session = SessionHandler::getInstance(); $expected = $algo . ":" . $pwd2; if (Password::encrypt($id, $session->getEncryptKey(), $pwd, $algo) != $expected) { return false; } return $obj; }