/**
* Modification du mot de passe d'un utilisateur
*
* @param $aParams
* @return boolean
*/
public function changeUserPassword($aParams = array())
{
$this->checkPassword($aParams);
if (!$this->error->isEmpty()) {
return false;
}
$password_hash = password::hash($aParams['password'], PASSWORD_DEFAULT);
$sQuery = 'UPDATE ' . $this->t_users . ' SET ' . 'password=\'' . $this->db->escapeStr($password_hash) . '\', ' . 'salt=\'' . $this->db->escapeStr(util::random_key(12)) . '\' ' . 'WHERE id=' . (int) $aParams['id'];
if (!$this->db->execute($sQuery)) {
return false;
}
return true;
}
$errors->set(__('i_supa_must_admin_password'));
}
if ($admin_email == '') {
$errors->set(__('i_supa_must_admin_email'));
}
$current_timestamp = time();
# si pas d'erreur on ajoutent les utilisateurs
if ($errors->isEmpty()) {
# insertion invité id 1
$query = 'INSERT INTO `' . OKT_DB_PREFIX . 'core_users` (`id`, `username`, `group_id`, `password`) ' . 'VALUES ( 1, \'Guest\', 3, \'Guest\' );';
$db->query($query);
# insertion superadmin (id 2)
$query = 'INSERT INTO `' . OKT_DB_PREFIX . 'core_users` (' . '`id`, `username`, `group_id`, `salt`, `password`, `language`, `timezone`, `email`, `registered`, `last_visit`' . ') VALUES ( ' . '2, ' . '\'' . $db->escapeStr($sudo_user) . '\', ' . '1, ' . '\'' . $db->escapeStr(util::random_key(12)) . '\', ' . '\'' . $db->escapeStr(password::hash($sudo_password, PASSWORD_DEFAULT)) . '\', ' . '\'fr\', ' . '\'Europe/Paris\', ' . '\'' . $db->escapeStr($sudo_email) . '\', ' . $current_timestamp . ', ' . $current_timestamp . ' ' . ');';
$db->query($query);
# insertion admin id 3
$query = 'INSERT INTO `' . OKT_DB_PREFIX . 'core_users` (' . '`id`, `username`, `group_id`, `salt`, `password`, `language`, `timezone`, `email`, `registered`, `last_visit`' . ') VALUES ( ' . '3, ' . '\'' . $db->escapeStr($admin_user) . '\', ' . '2, ' . '\'' . $db->escapeStr(util::random_key(12)) . '\', ' . '\'' . $db->escapeStr(password::hash($admin_password, PASSWORD_DEFAULT)) . '\', ' . '\'fr\', ' . '\'Europe/Paris\', ' . '\'' . $db->escapeStr($admin_email) . '\', ' . $current_timestamp . ', ' . $current_timestamp . ' ' . ');';
$db->query($query);
$_SESSION['okt_install_sudo_user'] = $sudo_user;
$_SESSION['okt_install_sudo_password'] = $sudo_password;
$_SESSION['okt_install_admin_user'] = $admin_user;
$_SESSION['okt_install_admin_password'] = $admin_password;
# Inclusion du prepend
require_once __DIR__ . '/../../../oktInc/prepend.php';
# login
$okt->user->login($sudo_user, $sudo_password, 1);
http::redirect('index.php?step=' . $stepper->getNextStep());
}
}
/* Affichage
------------------------------------------------------------*/
# En-tête
/**
* Envoi un email avec un nouveau mot de passe.
*
* @param string $sEmail L'adresse email où envoyer le nouveau mot de passe
* @param string $sActivateUrl L'URL de la page de validation
* @return boolean
*/
public function forgetPassword($sEmail, $sActivateUrl)
{
$sEmail = strtolower(trim($sEmail));
# validation de l'adresse fournie
if (!text::isEmail($sEmail)) {
$this->oError->set(__('c_c_auth_invalid_email'));
return false;
}
# récupération des infos de l'utilisateur
$sQuery = 'SELECT id, username, lastname, firstname, salt ' . 'FROM ' . $this->t_users . ' ' . 'WHERE email=\'' . $this->oDb->escapeStr($sEmail) . '\'';
if (($rs = $this->oDb->select($sQuery)) === false) {
return false;
}
if ($rs->isEmpty()) {
$this->oError->set(__('c_c_auth_unknown_email'));
return false;
}
while ($rs->fetch()) {
# génération du nouveau mot de passe et du code d'activation
$sNewPassword = util::random_key(8, true);
$sNewPasswordKey = util::random_key(8);
$sPasswordHash = password::hash($sNewPassword, PASSWORD_DEFAULT);
$sQuery = 'UPDATE ' . $this->t_users . ' SET ' . 'activate_string=\'' . $sPasswordHash . '\', ' . 'activate_key=\'' . $sNewPasswordKey . '\' ' . 'WHERE id=' . (int) $rs->id;
if (!$this->oDb->execute($sQuery)) {
return false;
}
# Initialisation du mailer et envoi du mail
$oMail = new oktMail($this->okt);
$oMail->setFrom();
$oMail->message->setTo($sEmail);
$oMail->useFile(OKT_LOCALES_PATH . '/' . $this->okt->user->language . '/templates/activate_password.tpl', array('SITE_TITLE' => util::getSiteTitle(), 'SITE_URL' => $this->okt->config->app_url, 'USERNAME' => self::getUserCN($rs->username, $rs->lastname, $rs->firstname), 'NEW_PASSWORD' => $sNewPassword, 'ACTIVATION_URL' => $sActivateUrl . '?action=validate_password&uid=' . $rs->id . '&key=' . rawurlencode($sNewPasswordKey)));
$oMail->send();
}
return true;
}
