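/**
 * Change the password of a user.
 *
 * The submitted data is first passed to checkPassword() (not shown here);
 * if that call leaves anything in $this->error the method stops. Otherwise
 * the password is hashed with password::hash() and PASSWORD_DEFAULT, and the
 * hash plus a fresh 12-character random value are written to the `password`
 * and `salt` columns of the row whose id matches.
 *
 * This method performs no authorization check of its own: the caller has to
 * make sure the current session is allowed to change the password of the
 * account designated by $aParams['id'].
 *
 * @param array $aParams Reads the 'id' and 'password' keys.
 * @return boolean True when the UPDATE was executed, false on a validation
 *                 error, a missing or non-positive id, or a database failure.
 */
public function changeUserPassword($aParams = array())
{
    $this->checkPassword($aParams);

    if (!$this->error->isEmpty()) {
        return false;
    }

    # Without a usable id the statement below would become "WHERE id=0",
    # update nothing and still report success. Fail like the database-error
    # path instead (no message is set, as on that path).
    $iUserId = isset($aParams['id']) ? (int) $aParams['id'] : 0;

    if ($iUserId <= 0) {
        return false;
    }

    $sPasswordHash = password::hash($aParams['password'], PASSWORD_DEFAULT);

    # Both string values go through escapeStr() and the id is an integer,
    # so nothing caller-supplied reaches the SQL text unescaped.
    # NOTE(review): the salt column is refreshed here, but the hash built
    # above does not take it as input - confirm whether anything still reads it.
    $sQuery = 'UPDATE ' . $this->t_users . ' SET ' .
        'password=\'' . $this->db->escapeStr($sPasswordHash) . '\', ' .
        'salt=\'' . $this->db->escapeStr(util::random_key(12)) . '\' ' .
        'WHERE id=' . $iUserId;

    return (bool) $this->db->execute($sQuery);
}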
# Installer step (excerpt): the code before this point is not part of the
# listing, so the first statement and closing brace below finish a check
# whose opening is not visible here.
$errors->set(__('i_supa_must_admin_password'));
}

# An empty admin e-mail is recorded as an error.
if ($admin_email == '') {
    $errors->set(__('i_supa_must_admin_email'));
}

# Single timestamp reused for `registered` and `last_visit` of both accounts.
$current_timestamp = time();

# if there are no errors, add the users
# NOTE(review): none of the $db->query() results below is checked; a failed
# INSERT would not stop the login and redirect that follow.
if ($errors->isEmpty()) {
    # insert guest (id 1)
    # NOTE(review): the password column receives the literal string 'Guest',
    # not a password::hash() result, and no salt is written. Presumably the
    # login code never accepts this row as a password match - confirm.
    $query = 'INSERT INTO `' . OKT_DB_PREFIX . 'core_users` (`id`, `username`, `group_id`, `password`) ' .
        'VALUES ( 1, \'Guest\', 3, \'Guest\' );';

    $db->query($query);

    # insert superadmin (id 2)
    # Every string value goes through $db->escapeStr(); the password is
    # stored as a password::hash(..., PASSWORD_DEFAULT) result and a
    # 12-character random key is stored in `salt`.
    $query = 'INSERT INTO `' . OKT_DB_PREFIX . 'core_users` (' .
        '`id`, `username`, `group_id`, `salt`, `password`, `language`, `timezone`, `email`, `registered`, `last_visit`' .
        ') VALUES ( ' .
        '2, ' .
        '\'' . $db->escapeStr($sudo_user) . '\', ' .
        '1, ' .
        '\'' . $db->escapeStr(util::random_key(12)) . '\', ' .
        '\'' . $db->escapeStr(password::hash($sudo_password, PASSWORD_DEFAULT)) . '\', ' .
        '\'fr\', ' .
        '\'Europe/Paris\', ' .
        '\'' . $db->escapeStr($sudo_email) . '\', ' .
        $current_timestamp . ', ' . $current_timestamp . ' ' .
        ');';

    $db->query($query);

    # insert admin (id 3), same column layout as the superadmin row
    $query = 'INSERT INTO `' . OKT_DB_PREFIX . 'core_users` (' .
        '`id`, `username`, `group_id`, `salt`, `password`, `language`, `timezone`, `email`, `registered`, `last_visit`' .
        ') VALUES ( ' .
        '3, ' .
        '\'' . $db->escapeStr($admin_user) . '\', ' .
        '2, ' .
        '\'' . $db->escapeStr(util::random_key(12)) . '\', ' .
        '\'' . $db->escapeStr(password::hash($admin_password, PASSWORD_DEFAULT)) . '\', ' .
        '\'fr\', ' .
        '\'Europe/Paris\', ' .
        '\'' . $db->escapeStr($admin_email) . '\', ' .
        $current_timestamp . ', ' . $current_timestamp . ' ' .
        ');';

    $db->query($query);

    # NOTE(review): both passwords are kept in clear text in the session, so
    # they sit in the session store for as long as the session lives.
    # Presumably a later install step reads them back - confirm that they
    # are removed once the installation ends.
    $_SESSION['okt_install_sudo_user'] = $sudo_user;
    $_SESSION['okt_install_sudo_password'] = $sudo_password;
    $_SESSION['okt_install_admin_user'] = $admin_user;
    $_SESSION['okt_install_admin_password'] = $admin_password;

    # include the prepend file
    require_once __DIR__ . '/../../../oktInc/prepend.php';

    # log in as the superadmin that was just created
    # (the meaning of the third argument is not visible in this excerpt)
    $okt->user->login($sudo_user, $sudo_password, 1);

    http::redirect('index.php?step=' . $stepper->getNextStep());
}
}

/* Display
------------------------------------------------------------*/

# Header
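/**
 * Send an e-mail containing a new password.
 *
 * For every account registered under the address, a new password and an
 * activation key are generated. The hash of the new password is written to
 * `activate_string` and the key to `activate_key`; the `password` column is
 * not modified here. Presumably the hash is applied when the activation link
 * (action=validate_password) is visited - that code is not shown.
 *
 * NOTE(review): the "unknown email" error lets a caller tell registered
 * addresses from unregistered ones; consider returning the same response in
 * both cases.
 * NOTE(review): the new password is sent in clear text in the message.
 *
 * @param string $sEmail       Address the new password is sent to
 * @param string $sActivateUrl URL of the validation page; it is copied into
 *                             the message as given, so it should come from
 *                             trusted configuration - verify against callers
 * @return boolean False on an invalid or unknown address or a database
 *                 failure, true otherwise
 */
public function forgetPassword($sEmail, $sActivateUrl)
{
    $sEmail = strtolower(trim($sEmail));

    # validate the supplied address
    if (!text::isEmail($sEmail)) {
        $this->oError->set(__('c_c_auth_invalid_email'));
        return false;
    }

    # fetch the matching user(s)
    $sQuery = 'SELECT id, username, lastname, firstname, salt ' .
        'FROM ' . $this->t_users . ' ' .
        'WHERE email=\'' . $this->oDb->escapeStr($sEmail) . '\'';

    if (($rs = $this->oDb->select($sQuery)) === false) {
        return false;
    }

    if ($rs->isEmpty()) {
        $this->oError->set(__('c_c_auth_unknown_email'));
        return false;
    }

    while ($rs->fetch()) {
        # generate the new password and the activation key
        # NOTE(review): the key is what authorizes the password switch;
        # confirm that util::random_key() draws from a cryptographically
        # secure source.
        $sNewPassword = util::random_key(8, true);
        $sNewPasswordKey = util::random_key(8);

        $sPasswordHash = password::hash($sNewPassword, PASSWORD_DEFAULT);

        # Both values are escaped before being placed in the statement,
        # like every other string value this method puts into SQL.
        $sQuery = 'UPDATE ' . $this->t_users . ' SET ' .
            'activate_string=\'' . $this->oDb->escapeStr($sPasswordHash) . '\', ' .
            'activate_key=\'' . $this->oDb->escapeStr($sNewPasswordKey) . '\' ' .
            'WHERE id=' . (int) $rs->id;

        # a failure here leaves any remaining accounts unprocessed
        if (!$this->oDb->execute($sQuery)) {
            return false;
        }

        # set up the mailer and send the message
        $oMail = new oktMail($this->okt);

        $oMail->setFrom();

        $oMail->message->setTo($sEmail);

        $oMail->useFile(OKT_LOCALES_PATH . '/' . $this->okt->user->language . '/templates/activate_password.tpl', array(
            'SITE_TITLE' => util::getSiteTitle(),
            'SITE_URL' => $this->okt->config->app_url,
            'USERNAME' => self::getUserCN($rs->username, $rs->lastname, $rs->firstname),
            'NEW_PASSWORD' => $sNewPassword,
            'ACTIVATION_URL' => $sActivateUrl . '?action=validate_password&uid=' . $rs->id . '&key=' . rawurlencode($sNewPasswordKey)
        ));

        # the result of send() is not checked: a delivery failure still
        # ends with "return true"
        $oMail->send();
    }

    return true;
}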