示例#1
0
 public function testUpdate()
 {
     $id = DM\Users::toId($this->testName);
     $params = array('id' => $id, 'first_name' => '123', 'last_name' => '231', 'sex' => 'f', 'email' => 'f', 'password' => 'a', 'photo' => '/tmp/q.jpg', 'language_id' => 2, 'recover_hash' => '---', 'enabled' => 0, 'cid' => 1);
     DM\Users::update($params);
     $data = DM\Users::read($id);
     $params['password'] = md5('aero' . $params['password']);
     $this->assertArraySubset($params, $data);
     //updateByName
     unset($params['id']);
     $params['name'] = $this->testName;
     $params['password'] = '******';
     $params['enabled'] = 1;
     DM\Users::updateByName($params);
     $data = DM\Users::read($id);
     $params['password'] = md5('aero' . $params['password']);
     $this->assertArraySubset($params, $data);
     //verify password
     $this->assertTrue(DM\Users::verifyPassword($id, 'b'), 'Wrong password');
     //check id by mail
     $id = DM\Users::getIdByEmail('f');
     $this->assertTrue(is_numeric($id), 'Cant get Id by mail');
     //check id by recover hash
     $id = DM\Users::getIdByRecoveryHash('---');
     $this->assertTrue(is_numeric($id), 'Cant get Id by recover hash');
     //check owner
     $this->assertTrue(DM\Users::getOwnerId($id) == 1, 'different owner set');
 }
示例#2
0
文件: User.php 项目: sebbie42/casebox
 /**
  * set new password for a user by his recovery hash
  * @param varchar $hash
  * @param varchar $password
  */
 public static function setNewPasswordByRecoveryHash($hash, $password)
 {
     $rez = false;
     $id = DM\Users::getIdByRecoveryHash($hash);
     if (!empty($id)) {
         DM\Users::update(array('id' => $id, 'password' => $password, 'recover_hash' => null));
         $rez = true;
     }
     return $rez;
 }
示例#3
0
$coreUrl = Config::get('core_url');
switch ($action) {
    case 'forgot-password':
        break;
    case 'reset-password':
        //check if recover hash is given
        $hash = '';
        if (!empty($_GET['h'])) {
            $hash = $_GET['h'];
        }
        if (!empty($_POST['h'])) {
            $hash = $_POST['h'];
        }
        if (!empty($hash)) {
            //process hash from get and check it
            $user_id = DM\Users::getIdByRecoveryHash($hash);
            if (empty($user_id)) {
                $_SESSION['msg'] = '<div class="alert alert-error">' . L\get('RecoverHashNotFound') . (IS_DEBUG_HOST ? $hash : '') . '</div>';
                break;
            }
            //if recovery hash check passed - check and set new password if specified
            if (isset($_POST['p']) && isset($_POST['p2'])) {
                $p = $_POST['p'];
                $p2 = $_POST['p2'];
                if (empty($p) || $p != $p2) {
                    $_SESSION['p_msg'] = L\get('PasswordMissmatch');
                    break;
                }
                User::setNewPasswordByRecoveryHash($hash, $p);
                $_SESSION['msg'] = '<div class="alert alert-success">' . L\get('PasswordChangedMsg') . '<br /> <br /><a href="' . $coreUrl . '">' . L\get('Login') . '</a></div>';
                break;