本文整理汇总了PHP中JUserHelper::hashPassword方法的典型用法代码示例。如果您正苦于以下问题:PHP JUserHelper::hashPassword方法的具体用法?PHP JUserHelper::hashPassword怎么用?PHP JUserHelper::hashPassword使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类JUserHelper的用法示例。
在下文中一共展示了JUserHelper::hashPassword方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: addUser
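/**
 * Insert a new row into #__users and map the new account to user group 2.
 *
 * The stored login name is NOT the $username argument: it is rebuilt from the
 * first space-separated word of $rnames followed by the current Unix
 * timestamp.
 *
 * Every value is passed through $db->quote() (or cast to an integer) before
 * it becomes part of the SQL text, so a quote character inside a name or an
 * e-mail address can no longer end the string literal and alter the statement.
 *
 * @param   string   $username  Not used; overwritten below (kept so existing callers still work).
 * @param   string   $rnames    Real name; its first word seeds the generated login name.
 * @param   string   $email     E-mail address stored for the account.
 * @param   string   $password  Plain-text password; only JUserHelper::hashPassword() of it is stored.
 * @param   integer  $block     Value written to the `block` column.
 *
 * @return  mixed  The value of $db->insertid() after the #__users insert.
 */
function addUser($username, $rnames, $email, $password, $block)
{
    $db = JFactory::getDbo();
    jimport('joomla.user.helper');

    $pass         = JUserHelper::hashPassword($password);
    $time         = time();
    $params       = '{"admin_style":"","admin_language":"","language":"","editor":"","helpsite":"","timezone":""}';
    $registerDate = date('Y-m-d H:i:s', $time);

    // NOTE(review): two accounts created in the same second for the same
    // first name would get the same login name; nothing here checks for that.
    $n_name   = explode(" ", $rnames);
    $username = $n_name[0] . $time;

    $columns = array('name', 'username', 'password', 'params', 'email', 'block', 'registerDate');
    $values  = array(
        $db->quote($rnames),
        $db->quote($username),
        $db->quote($pass),
        $db->quote($params),
        $db->quote($email),
        (int) $block,
        $db->quote($registerDate),
    );

    $query = $db->getQuery(true)
        ->insert($db->quoteName('#__users'))
        ->columns($db->quoteName($columns))
        ->values(implode(', ', $values));
    $db->setQuery($query);
    $db->execute();
    $last_id = $db->insertid();

    // Group id 2 is hard-coded here, exactly as in the original statement.
    $query = $db->getQuery(true)
        ->insert($db->quoteName('#__user_usergroup_map'))
        ->columns($db->quoteName(array('user_id', 'group_id')))
        ->values((int) $last_id . ', 2');
    $db->setQuery($query);
    $db->execute();

    return $last_id;
}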
示例2: customAdminFolder
/**
 * Handle a request for the configured custom administrator folder.
 *
 * When the requested path equals the `adminlogindir` setting, a record valid
 * for 180 seconds is written to #__admintools_cookies, the matching
 * `admintools` cookie is sent, the `admintools_logout` cookie is expired and
 * the visitor is redirected to administrator/index.php. Requests without a
 * detectable IP address, without a User-Agent header, or for any other path
 * return early.
 *
 * @return  void
 */
protected function customAdminFolder()
{
    $clientIp = AtsystemUtilFilter::getIp();

    // No usable client address: nothing to tie the cookie record to.
    if (empty($clientIp) || $clientIp == '0.0.0.0') {
        return;
    }

    // Some user agents don't send a UA string at all.
    if (!array_key_exists('HTTP_USER_AGENT', $_SERVER)) {
        return;
    }

    if (version_compare(JVERSION, '3.2.0', 'ge')) {
        $client       = $this->app->client;
        $agentString  = $client->userAgent;
        $agentVersion = $client->browserVersion;
    } else {
        JLoader::import('joomla.environment.browser');
        $legacyBrowser = JBrowser::getInstance();
        $agentString   = $legacyBrowser->getAgentString();
        $agentVersion  = $legacyBrowser->getVersion();
    }

    // The browser version is masked so the fingerprint does not depend on it.
    $maskedAgent = str_replace($agentVersion, 'abcd', $agentString);

    $uri       = JURI::getInstance();
    $adminDir  = $this->cparams->getValue('adminlogindir');
    $requested = str_replace($uri->root(), '', trim($uri->current(), '/'));

    // Not a request for the custom folder.
    if ($requested != $adminDir) {
        return;
    }

    JLoader::import('joomla.user.helper');

    // Fingerprint of client IP + masked UA. On Joomla older than 3.2.1 this
    // falls back to an unsalted md5() digest.
    // NOTE(review): hashPassword() output presumably has to be checked with
    // JUserHelper::verifyPassword() rather than compared for equality; confirm
    // against the code that reads client_hash.
    $fingerprint = version_compare(JVERSION, '3.2.1', 'ge')
        ? JUserHelper::hashPassword($clientIp . $maskedAgent)
        : md5($clientIp . $maskedAgent);

    $record              = new stdClass();
    $record->series      = JUserHelper::genRandomPassword(64);
    $record->client_hash = $fingerprint;
    $record->valid_to    = date('Y-m-d H:i:s', time() + 180);

    $this->db->insertObject('#__admintools_cookies', $record);

    $siteConfig   = JFactory::getConfig();
    $cookieDomain = $siteConfig->get('cookie_domain', '');
    $cookiePath   = $siteConfig->get('cookie_path', '/');
    $secureOnly   = (bool) $siteConfig->get('force_ssl', 0);

    // Both cookies are HttpOnly; the Secure flag follows the force_ssl setting.
    setcookie('admintools', $record->series, time() + 180, $cookiePath, $cookieDomain, $secureOnly, true);
    setcookie('admintools_logout', null, 1, $cookiePath, $cookieDomain, $secureOnly, true);

    $uri->setPath(str_replace($adminDir, 'administrator/index.php', $uri->getPath()));
    $this->app->redirect($uri->toString());
}
示例3: resetPassword
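/**
 * Rename the account whose username is "admin" and set its password, taking
 * both values from JPATH_ROOT/credentials.json.
 *
 * Expected file shape: {"credentials": {"username": "...", "password": "..."}}.
 * The password is hashed with JUserHelper::hashPassword() before it is stored.
 *
 * NOTE(review): the file holds a plain-text administrator password under the
 * site root and this method leaves it in place; confirm that the caller
 * removes it afterwards or that the web server cannot serve it.
 *
 * @return  boolean  False when the file is missing, unreadable, not valid JSON
 *                   or lacks a non-empty username/password; true once the
 *                   UPDATE has been executed.
 */
public function resetPassword()
{
    $jsonFile = JPATH_ROOT . '/credentials.json';

    if (!file_exists($jsonFile)) {
        return false;
    }

    $raw = file_get_contents($jsonFile);

    if ($raw === false) {
        return false;
    }

    $data = json_decode($raw, true);

    if (empty($data) || !is_array($data)) {
        return false;
    }

    // Refuse to continue on a partial file instead of writing an empty
    // username or the hash of an empty password.
    if (!isset($data['credentials']['username'], $data['credentials']['password'])
        || !is_string($data['credentials']['username'])
        || !is_string($data['credentials']['password'])
        || $data['credentials']['username'] === ''
        || $data['credentials']['password'] === '') {
        return false;
    }

    $username = $data['credentials']['username'];
    $password = JUserHelper::hashPassword($data['credentials']['password']);

    $db    = JFactory::getDBO();
    $query = $db->getQuery(true);
    $query->update($db->quoteName('#__users'))
        ->set($db->quoteName('password') . ' = ' . $db->quote($password))
        ->set($db->quoteName('username') . ' = ' . $db->quote($username))
        // The literal goes through quote() rather than being written with
        // double quotes, which some SQL modes treat as an identifier.
        ->where($db->quoteName('username') . ' = ' . $db->quote('admin'));
    $db->setQuery($query);
    $db->execute();

    return true;
}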
示例4: forgotPassword
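/**
 * Generate a new password, mail it to the requested address and store its
 * hash for every #__users row with that e-mail address, then end the request
 * with a JSON document of the form {"result": 0|1, "error": "..."}.
 *
 * The e-mail value comes straight from the request, so it is passed through
 * $db->quote() before it is placed in the UPDATE statement.
 *
 * NOTE(review): as written, the reset needs no confirmation step: whoever
 * submits an address replaces that account's password, and the new password
 * travels in clear text by e-mail. The mail is also sent before the UPDATE
 * runs and regardless of whether any account uses the address. A token-based
 * confirmation flow would close these gaps; that redesign is outside this
 * method's current contract.
 *
 * @return  void  The method does not return; it calls die() with the JSON result.
 */
public function forgotPassword()
{
    $email    = JRequest::getVar("email");
    $new_pass = $this->_generateRandomString();

    $app      = JFactory::getApplication();
    $mailfrom = $app->get('mailfrom');
    $fromname = $app->get('fromname');
    $sitename = $app->get('sitename');

    $body = "Hejsa, \r\n\r\n Dette er din nye kodeord: " . $new_pass . " \r\n\r\n MyLoyal";

    $mail = JFactory::getMailer();
    $mail->addRecipient($email);
    $mail->setSender(array($mailfrom, $fromname));
    $mail->setSubject($sitename . ': Ny Kodeord');
    $mail->setBody($body);
    $sent = $mail->Send();

    // Initialised up front so json_encode() never receives an undefined variable.
    $return = array();

    if ($sent) {
        jimport('joomla.user.helper');

        $db    = JFactory::getDBO();
        $pass  = JUserHelper::hashPassword($new_pass);
        $query = $db->getQuery(true)
            ->update($db->quoteName('#__users'))
            ->set($db->quoteName('password') . ' = ' . $db->quote($pass))
            ->where($db->quoteName('email') . ' = ' . $db->quote((string) $email));
        $db->setQuery($query);

        // A database error is reported through the JSON result rather than
        // as an uncaught exception.
        try {
            $updated = (bool) $db->execute();
        } catch (RuntimeException $e) {
            $updated = false;
        }

        if ($updated) {
            $return["result"] = 1;
            $return["error"]  = "";
        } else {
            $return["result"] = 0;
            $return["error"]  = "Kunne ikke sende ny kode.";
        }
    } else {
        $return["result"] = 0;
        $return["error"]  = "Kunne ikke sende mail.";
    }

    die(json_encode($return));
}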
示例5: processResetRequest
/**
* Start the password reset process for the account that owns the submitted e-mail address.
*
* On success a fresh token is generated, only its hash is saved in the user's
* `activation` field, and the plain token is mailed to the user inside the
* reset confirmation link.
*
* @param array $data The data expected for the form; the `email` key is read here.
*
* @return mixed True once the mail has been sent; false (after setError()) when validation,
* the user lookup, the blocked check, the super-admin check or the reset limit fails;
* the Exception returned by getForm() or validate(); or a JException when saving
* the user or sending the mail fails.
*
* @since 1.6
*/
public function processResetRequest($data)
{
$config = JFactory::getConfig();
// Get the form.
$form = $this->getForm();
// Pass the address through JStringPunycode::emailToPunycode() before it is filtered, validated and looked up.
$data['email'] = JStringPunycode::emailToPunycode($data['email']);
// Check for an error.
if ($form instanceof Exception) {
return $form;
}
// Filter and validate the form data.
$data = $form->filter($data);
$return = $form->validate($data);
// Check for an error.
if ($return instanceof Exception) {
return $return;
}
// Check the validation results.
if ($return === false) {
// Get the validation messages from the form.
foreach ($form->getErrors() as $formError) {
$this->setError($formError->getMessage());
}
return false;
}
// Find the user id for the given email address.
// The address is escaped with $db->quote() before it enters the WHERE clause.
$db = $this->getDbo();
$query = $db->getQuery(true)->select('id')->from($db->quoteName('#__users'))->where($db->quoteName('email') . ' = ' . $db->quote($data['email']));
// Run the lookup; a database failure is turned into an error message instead of propagating.
$db->setQuery($query);
try {
$userId = $db->loadResult();
} catch (RuntimeException $e) {
$this->setError(JText::sprintf('COM_USERS_DATABASE_ERROR', $e->getMessage()), 500);
return false;
}
// Check for a user.
// NOTE(review): this branch and the blocked / super-admin branches below each set a different
// error; if those messages reach the requester unchanged they reveal whether an address belongs
// to an account. Confirm how the calling controller presents them.
if (empty($userId)) {
$this->setError(JText::_('COM_USERS_INVALID_EMAIL'));
return false;
}
// Get the user object.
$user = JUser::getInstance($userId);
// Make sure the user isn't blocked.
if ($user->block) {
$this->setError(JText::_('COM_USERS_USER_BLOCKED'));
return false;
}
// Make sure the user isn't a Super Admin.
if ($user->authorise('core.admin')) {
$this->setError(JText::_('COM_USERS_REMIND_SUPERADMIN_ERROR'));
return false;
}
// Make sure the user has not exceeded the reset limit
if (!$this->checkResetLimit($user)) {
$resetLimit = (int) JFactory::getApplication()->getParams()->get('reset_time');
$this->setError(JText::plural('COM_USERS_REMIND_LIMIT_ERROR_N_HOURS', $resetLimit));
return false;
}
// Set the confirmation token.
// Only the hash is stored on the user; the plain token leaves this method solely through the
// e-mail assembled below, so a read of the users table does not expose a usable token.
$token = JApplicationHelper::getHash(JUserHelper::genRandomPassword());
$hashedToken = JUserHelper::hashPassword($token);
$user->activation = $hashedToken;
// Save the user to the database.
if (!$user->save(true)) {
return new JException(JText::sprintf('COM_USERS_USER_SAVE_FAILED', $user->getError()), 500);
}
// Assemble the password reset confirmation link.
// $mode is handed to JRoute::_() as its third argument; presumably 1 forces an https link when
// force_ssl is 2 and -1 does not (confirm against JRoute::_()).
$mode = $config->get('force_ssl', 0) == 2 ? 1 : -1;
$link = 'index.php?option=com_users&view=reset&layout=confirm&token=' . $token;
// Put together the email template data.
$data = $user->getProperties();
$data['fromname'] = $config->get('fromname');
$data['mailfrom'] = $config->get('mailfrom');
$data['sitename'] = $config->get('sitename');
$data['link_text'] = JRoute::_($link, false, $mode);
$data['link_html'] = JRoute::_($link, true, $mode);
$data['token'] = $token;
$subject = JText::sprintf('COM_USERS_EMAIL_PASSWORD_RESET_SUBJECT', $data['sitename']);
$body = JText::sprintf('COM_USERS_EMAIL_PASSWORD_RESET_BODY', $data['sitename'], $data['token'], $data['link_text']);
// Send the password reset request email.
$return = JFactory::getMailer()->sendMail($data['mailfrom'], $data['fromname'], $user->email, $subject, $body);
// Check for an error. Anything other than boolean true counts as a failed send.
if ($return !== true) {
return new JException(JText::_('COM_USERS_MAIL_FAILED'), 500);
}
return true;
}
示例6: onUserAfterLogin
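/**
 * Issue or rotate the "remember me" cookie after a login has fully succeeded.
 *
 * Two cases are handled: the user logged in with an existing cookie (the
 * series is kept and a new token is issued), or the user ticked "remember"
 * (a new, unused series is generated). The cookie carries "token.series" in
 * clear; the database stores the series and only a hash of the token.
 *
 * The cookie is now sent with the HttpOnly flag so page scripts cannot read
 * the login token, and a cookie value that lacks the "token.series" separator
 * is rejected instead of being rotated with an empty series.
 *
 * @param   array  $options  Array holding options; `responseType`, `remember` and `user` are read.
 *
 * @return  boolean  True on success; false in the administrator application,
 *                   when neither case applies, or when the existing cookie is malformed.
 *
 * @since   3.2
 */
public function onUserAfterLogin($options)
{
    // No remember me for admin
    if ($this->app->isAdmin()) {
        return false;
    }

    $db = $this->db;

    if (isset($options['responseType']) && $options['responseType'] == 'Cookie') {
        // Logged in using a cookie
        $cookieName = JUserHelper::getShortHashedUserAgent();

        // We need the old data to get the existing series
        $cookieValue = $this->app->input->cookie->get($cookieName);
        $cookieArray = explode('.', $cookieValue);

        // Without a series part there is no stored record to update.
        if (!isset($cookieArray[1])) {
            return false;
        }

        // Filter series since we're going to use it in the query
        $filter = new JFilterInput();
        $series = $filter->clean($cookieArray[1], 'ALNUM');
    } elseif (!empty($options['remember'])) {
        // Remember checkbox is set
        $cookieName = JUserHelper::getShortHashedUserAgent();

        // Create a unique series which will be used over the lifespan of the cookie
        do {
            $series = JUserHelper::genRandomPassword(20);
            $query  = $db->getQuery(true)
                ->select($db->quoteName('series'))
                ->from($db->quoteName('#__user_keys'))
                ->where($db->quoteName('series') . ' = ' . $db->quote($series));
            $unique = is_null($db->setQuery($query)->loadResult());
        } while ($unique === false);
    } else {
        return false;
    }

    // Get the parameter values (cookie_lifetime is in days)
    $lifetime = $this->params->get('cookie_lifetime', '60') * 24 * 60 * 60;
    $length   = $this->params->get('key_length', '16');

    // Generate new cookie
    $token       = JUserHelper::genRandomPassword($length);
    $cookieValue = $token . '.' . $series;

    // Overwrite existing cookie with new value. The final argument marks the
    // cookie HttpOnly.
    $this->app->input->cookie->set(
        $cookieName,
        $cookieValue,
        time() + $lifetime,
        $this->app->get('cookie_path', '/'),
        $this->app->get('cookie_domain'),
        $this->app->isSSLConnection(),
        true
    );

    $query = $db->getQuery(true);

    if (!empty($options['remember'])) {
        // Create new record
        $query->insert($db->quoteName('#__user_keys'))
            ->set($db->quoteName('user_id') . ' = ' . $db->quote($options['user']->username))
            ->set($db->quoteName('series') . ' = ' . $db->quote($series))
            ->set($db->quoteName('uastring') . ' = ' . $db->quote($cookieName))
            ->set($db->quoteName('time') . ' = ' . (time() + $lifetime));
    } else {
        // Update existing record with new token
        $query->update($db->quoteName('#__user_keys'))
            ->where($db->quoteName('user_id') . ' = ' . $db->quote($options['user']->username))
            ->where($db->quoteName('series') . ' = ' . $db->quote($series))
            ->where($db->quoteName('uastring') . ' = ' . $db->quote($cookieName));
    }

    // Only the hash of the token is stored, so a copy of the table does not
    // yield a value that can be replayed as a cookie.
    $hashed_token = JUserHelper::hashPassword($token);
    $query->set($db->quoteName('token') . ' = ' . $db->quote($hashed_token));
    $db->setQuery($query)->execute();

    return true;
}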
示例7: onUserAfterLogin
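/**
 * Issue or rotate the "remember me" cookie after a login has fully succeeded.
 *
 * Two cases are handled: the user logged in with an existing cookie (the
 * series is kept and a new token is issued), or the user ticked "remember"
 * (a new, unused series is generated). The cookie carries "token.series" in
 * clear; the database stores the series and only a hash of the token.
 *
 * The cookie is now sent with the HttpOnly flag so page scripts cannot read
 * the login token, and a cookie value that lacks the "token.series" separator
 * is rejected instead of being rotated with an empty series.
 *
 * @param   array  $options  Array holding options; `responseType`, `remember` and `user` are read.
 *
 * @return  boolean  True on success; false in the administrator application,
 *                   when neither case applies, when the existing cookie is
 *                   malformed, or when the database keeps failing.
 *
 * @since   3.2
 */
public function onUserAfterLogin($options)
{
    // No remember me for admin
    if ($this->app->isAdmin()) {
        return false;
    }

    $db = $this->db;

    if (isset($options['responseType']) && $options['responseType'] == 'Cookie') {
        // Logged in using a cookie
        $cookieName = 'joomla_remember_me_' . JUserHelper::getShortHashedUserAgent();

        // We need the old data to get the existing series
        $cookieValue = $this->app->input->cookie->get($cookieName);

        // Try with old cookieName (pre 3.6.0) if not found
        if (!$cookieValue) {
            $oldCookieName = JUserHelper::getShortHashedUserAgent();
            $cookieValue   = $this->app->input->cookie->get($oldCookieName);

            // Destroy the old cookie in the browser
            $this->app->input->cookie->set(
                $oldCookieName,
                false,
                time() - 42000,
                $this->app->get('cookie_path', '/'),
                $this->app->get('cookie_domain')
            );
        }

        $cookieArray = explode('.', $cookieValue);

        // Without a series part there is no stored record to update.
        if (!isset($cookieArray[1])) {
            return false;
        }

        // Filter series since we're going to use it in the query
        $filter = new JFilterInput();
        $series = $filter->clean($cookieArray[1], 'ALNUM');
    } elseif (!empty($options['remember'])) {
        // Remember checkbox is set
        $cookieName = 'joomla_remember_me_' . JUserHelper::getShortHashedUserAgent();

        // Create a unique series which will be used over the lifespan of the cookie
        $unique     = false;
        $errorCount = 0;

        do {
            $series = JUserHelper::genRandomPassword(20);
            $query  = $db->getQuery(true)
                ->select($db->quoteName('series'))
                ->from($db->quoteName('#__user_keys'))
                ->where($db->quoteName('series') . ' = ' . $db->quote($series));

            try {
                $results = $db->setQuery($query)->loadResult();

                if (is_null($results)) {
                    $unique = true;
                }
            } catch (RuntimeException $e) {
                $errorCount++;

                // We'll let this query fail up to 5 times before giving up, there's probably a bigger issue at this point
                if ($errorCount == 5) {
                    return false;
                }
            }
        } while ($unique === false);
    } else {
        return false;
    }

    // Get the parameter values (cookie_lifetime is in days)
    $lifetime = $this->params->get('cookie_lifetime', '60') * 24 * 60 * 60;
    $length   = $this->params->get('key_length', '16');

    // Generate new cookie
    $token       = JUserHelper::genRandomPassword($length);
    $cookieValue = $token . '.' . $series;

    // Overwrite existing cookie with new value. The final argument marks the
    // cookie HttpOnly.
    $this->app->input->cookie->set(
        $cookieName,
        $cookieValue,
        time() + $lifetime,
        $this->app->get('cookie_path', '/'),
        $this->app->get('cookie_domain'),
        $this->app->isSSLConnection(),
        true
    );

    $query = $db->getQuery(true);

    if (!empty($options['remember'])) {
        // Create new record
        $query->insert($db->quoteName('#__user_keys'))
            ->set($db->quoteName('user_id') . ' = ' . $db->quote($options['user']->username))
            ->set($db->quoteName('series') . ' = ' . $db->quote($series))
            ->set($db->quoteName('uastring') . ' = ' . $db->quote($cookieName))
            ->set($db->quoteName('time') . ' = ' . (time() + $lifetime));
    } else {
        // Update existing record with new token
        $query->update($db->quoteName('#__user_keys'))
            ->where($db->quoteName('user_id') . ' = ' . $db->quote($options['user']->username))
            ->where($db->quoteName('series') . ' = ' . $db->quote($series))
            ->where($db->quoteName('uastring') . ' = ' . $db->quote($cookieName));
    }

    // Only the hash of the token is stored, so a copy of the table does not
    // yield a value that can be replayed as a cookie.
    $hashed_token = JUserHelper::hashPassword($token);
    $query->set($db->quoteName('token') . ' = ' . $db->quote($hashed_token));

    try {
        $db->setQuery($query)->execute();
    } catch (RuntimeException $e) {
        return false;
    }

    return true;
}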
示例8: bind
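/**
 * Method to bind an associative array of data to a user object.
 *
 * For a new user (no id yet) a missing password is replaced by a generated
 * one; for an existing user an empty password keeps the stored hash. In both
 * cases a supplied password is hashed with JUserHelper::hashPassword() and
 * written back into $array before the properties are bound.
 *
 * The password / confirmation check uses the strict `!==` operator. With the
 * loose `!=` operator PHP treats numeric-looking strings as numbers, so two
 * different strings such as "1e3" and "1000" were accepted as a match.
 *
 * NOTE(review): the plain-text password is kept on the object in
 * $this->password_clear after binding; callers should avoid serialising or
 * logging the object.
 *
 * @param   array  &$array  The associative array to bind to the object; its
 *                          `password` (and `requireReset`) entries are rewritten.
 *
 * @return  boolean  True on success
 *
 * @since   11.1
 */
public function bind(&$array)
{
    // Let's check to see if the user is new or not
    if (empty($this->id)) {
        // Check the password and create the crypted password
        if (empty($array['password'])) {
            $array['password']  = JUserHelper::genRandomPassword();
            $array['password2'] = $array['password'];
        }

        // Not all controllers check the password, although they should.
        // Hence this code is required:
        if (isset($array['password2']) && $array['password'] !== $array['password2']) {
            JFactory::getApplication()->enqueueMessage(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'error');

            return false;
        }

        $this->password_clear = JArrayHelper::getValue($array, 'password', '', 'string');
        $array['password']    = JUserHelper::hashPassword($array['password']);

        // Set the registration timestamp
        $this->set('registerDate', JFactory::getDate()->toSql());

        // Check that username is not greater than 150 characters.
        // strlen()/substr() count bytes, not characters.
        $username = $this->get('username');

        if (strlen($username) > 150) {
            $username = substr($username, 0, 150);
            $this->set('username', $username);
        }
    } else {
        // Updating an existing user
        if (!empty($array['password'])) {
            // A missing confirmation counts as a mismatch, as before, but no
            // longer reads an undefined array key.
            if (!isset($array['password2']) || $array['password'] !== $array['password2']) {
                $this->setError(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'));

                return false;
            }

            $this->password_clear = JArrayHelper::getValue($array, 'password', '', 'string');

            // Check if the user is reusing the current password if required to reset their password
            if ($this->requireReset == 1 && JUserHelper::verifyPassword($this->password_clear, $this->password)) {
                $this->setError(JText::_('JLIB_USER_ERROR_CANNOT_REUSE_PASSWORD'));

                return false;
            }

            $array['password'] = JUserHelper::hashPassword($array['password']);

            // Reset the change password flag
            $array['requireReset'] = 0;
        } else {
            // No new password supplied: keep the stored hash.
            $array['password'] = $this->password;
        }
    }

    if (array_key_exists('params', $array)) {
        $this->_params->loadArray($array['params']);

        if (is_array($array['params'])) {
            $params = (string) $this->_params;
        } else {
            $params = $array['params'];
        }

        $this->params = $params;
    }

    // Bind the array
    if (!$this->setProperties($array)) {
        $this->setError(JText::_('JLIB_USER_ERROR_BIND_ARRAY'));

        return false;
    }

    // Make sure its an integer
    $this->id = (int) $this->id;

    return true;
}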
示例9: save
public function save()
{
// Check for request forgeries
$mainframe = JFactory::getApplication();
$jinput = $mainframe->input;
JRequest::checkToken() or jexit(JText::_('COM_COMMUNITY_INVALID_TOKEN'));
JFactory::getLanguage()->load(COM_USER_NAME);
$user = JFactory::getUser();
$userid = $jinput->post->get('id', 0, 'int');
// preform security checks
if ($user->get('id') == 0 || $userid == 0 || $userid != $user->get('id')) {
echo $this->blockUnregister();
return;
}
$username = $user->get('username');
//if joomla settings allow change login name
if (JComponentHelper::getParams('com_users')->get('change_login_name')) {
$username = $jinput->get('username');
}
//clean request
$post = JRequest::get('post');
$post['username'] = $username;
$post['password'] = JRequest::getVar('password', '', 'post', 'string', JREQUEST_ALLOWRAW);
$post['password2'] = JRequest::getVar('password2', '', 'post', 'string', JREQUEST_ALLOWRAW);
//check email
$post['email'] = $post['jsemail'];
$email = $post['email'];
$emailPass = $post['emailpass'];
$modelReg = $this->getModel('register');
//CFactory::load( 'helpers', 'validate' );
if (!CValidateHelper::email($email)) {
$msg = JText::sprintf('COM_COMMUNITY_INVITE_EMAIL_INVALID', $email);
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
}
if (!empty($email) && $email != $emailPass && $modelReg->isEmailExists(array('email' => $email))) {
$msg = JText::sprintf('COM_COMMUNITY_EMAIL_EXIST', $email);
$msg = stripslashes($msg);
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
}
// get the redirect
$return = CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false);
// do a password safety check
$changePassword = false;
if (JString::strlen($post['jspassword']) || JString::strlen($post['jspassword2'])) {
// so that "0" can be used as password e.g.
if ($post['jspassword'] != $post['jspassword2']) {
$msg = JText::_('PASSWORDS_DO_NOT_MATCH');
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
} else {
$changePassword = true;
//Jooomla 3.2.0 fix. TO be remove in future
if (version_compare(JVERSION, '3.2.0', '>=')) {
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword($post['jspassword'], $salt);
$password = $crypt . ':' . $salt;
} else {
// Don't re-encrypt the password
// JUser bind has encrypted the password
if (class_exists(JUserHelper) && method_exists(JUserHelper, 'hashpassword')) {
$password = JUserHelper::hashPassword($post['jspassword']);
} else {
$password = $post['jspassword'];
}
}
}
}
// Handle the two factor authentication setup
$data = $post['jform'];
if (array_key_exists('twofactor', $data)) {
if (!class_exists('UsersModelUser')) {
require JPATH_ROOT . '/administrator/components/com_users/models/user.php';
}
$model = new UsersModelUser();
$twoFactorMethod = $data['twofactor']['method'];
$userId = CFactory::getUser()->id;
// Get the current One Time Password (two factor auth) configuration
$otpConfig = $model->getOtpConfig($userId);
if ($twoFactorMethod != 'none') {
// Run the plugins
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpConfigReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorApplyConfiguration', array($twoFactorMethod));
// Look for a valid reply
foreach ($otpConfigReplies as $reply) {
if (!is_object($reply) || empty($reply->method) || $reply->method != $twoFactorMethod) {
continue;
}
$otpConfig->method = $reply->method;
$otpConfig->config = $reply->config;
break;
}
// Save OTP configuration.
$model->setOtpConfig($userId, $otpConfig);
// Generate one time emergency passwords if required (depleted or not set)
if (empty($otpConfig->otep)) {
$oteps = $model->generateOteps($userId);
}
} else {
//.........这里部分代码省略.........
示例10: ajaxUpdate
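/**
 * Ajax method to update user's authentication via Facebook.
 *
 * Every path ends the request with die(json_encode(...)):
 *  - no Facebook user id detected: an error title and message;
 *  - no site account linked to the Facebook id: the first-login sign-up dialog;
 *  - the linked account is a community admin: the "link not allowed" dialog;
 *  - otherwise: the account is given a newly generated password, logged in
 *    with it, and the existing-user dialog plus a fresh form token is returned.
 *
 * The unused $userData array (with its duplicated assignment) and the unused
 * $error / $content locals of the earlier version have been removed.
 *
 * NOTE(review): the last path overwrites the account's stored password with a
 * random one on every call, so a password the user chose for normal login
 * stops working after a Facebook login. It also asks for a "remember me"
 * login unconditionally. Both look like design decisions to re-examine.
 *
 * @return  void  Never returns normally; the response is emitted through die().
 */
public function ajaxUpdate()
{
    $response     = new JAXResponse();
    $json         = array();
    $config       = CFactory::getConfig();
    $mainframe    = JFactory::getApplication();
    $connectTable = JTable::getInstance('Connect', 'CTable');
    $userId       = $this->_getFacebookUID();

    if (!$userId) {
        $json['title'] = JText::_('COM_COMMUNITY_ERROR');
        $json['error'] = JText::_('COM_COMMUNITY_FBCONNECT_LOGIN_DETECT_ERROR');
        die(json_encode($json));
    }

    $connectTable->load($userId);
    $userInfo = $this->_getFacebookUser();

    // Computed as before; the value is not read again in this method.
    $redirect = CRoute::_('index.php?option=com_community&view=' . $config->get('redirect_login'), false);

    if (!$connectTable->userid) {
        $tmpl = new CTemplate();
        $tmpl->set('userInfo', $userInfo);
        $json['title']   = JText::_('COM_COMMUNITY_ACCOUNT_SIGNUP_FROM_FACEBOOK');
        $json['html']    = $tmpl->fetch('facebook.firstlogin');
        $json['btnNext'] = JText::_('COM_COMMUNITY_NEXT');
        die(json_encode($json));
    } else {
        $my = CFactory::getUser($connectTable->userid);

        // Community administrators may not be linked / logged in this way.
        if (COwnerHelper::isCommunityAdmin($connectTable->userid)) {
            $tmpl = new CTemplate();
            $json['title'] = JText::_('COM_COMMUNITY_ERROR');
            $json['html']  = $tmpl->fetch('facebook.link.notallowed');
            die(json_encode($json));
        }

        // Generate a joomla password format for the user so we can log them in.
        $password = JUserHelper::genRandomPassword();
        $my->set('password', JUserHelper::hashPassword($password));

        $options = array();
        $options['remember'] = true;

        // Get the log in credentials.
        $credentials = array();
        $credentials['username'] = $my->username;
        $credentials['password'] = $password;

        // NOTE(review): login is attempted once before and twice after the
        // save; the sequence is kept exactly as it was because the effect of
        // each call cannot be judged from this method alone.
        JFactory::getApplication()->login($credentials, $options);

        // User object must be saved again so the password change gets reflected.
        $my->save();
        JFactory::getApplication()->login($credentials, $options);
        $mainframe->login(array('username' => $my->username, 'password' => $password));

        if ($config->get('fbloginimportprofile')) {
            $this->_facebook->mapProfile($userInfo, $my->id);
        }

        // Update page token since the userid is changed now.
        $session = JFactory::getSession();
        $token   = $session->getFormToken(false);

        $tmpl = new CTemplate();
        $tmpl->set('my', $my);
        $tmpl->set('userInfo', $userInfo);
        $json = array(
            'title'         => $config->get('sitename'),
            'html'          => $tmpl->fetch('facebook.existinguser'),
            'btnContinue'   => JText::_('COM_COMMUNITY_CONTINUE_BUTTON'),
            'jax_token_var' => $token,
        );
        die(json_encode($json));
    }
}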
示例11: hashPassword
/**
 * Instance-level proxy for the static JUserHelper::hashPassword().
 *
 * The argument is forwarded unchanged and the helper's result is returned
 * unchanged; no hashing logic lives in this wrapper.
 *
 * @param   string  $password  The plain-text password to hash.
 *
 * @return  string  The value produced by JUserHelper::hashPassword().
 *
 * @see     JUserHelper::hashPassword()
 * @since   3.4
 */
public function hashPassword($password)
{
    $hashed = JUserHelper::hashPassword($password);

    return $hashed;
}
示例12: save
public function save()
{
// Check for request forgeries
$mainframe = JFactory::getApplication();
$jinput = $mainframe->input;
JRequest::checkToken() or jexit(JText::_('COM_COMMUNITY_INVALID_TOKEN'));
JFactory::getLanguage()->load(COM_USER_NAME);
$user = JFactory::getUser();
$userid = $jinput->post->get('id', 0, 'int');
// preform security checks
if ($user->get('id') == 0 || $userid == 0 || $userid != $user->get('id')) {
echo $this->blockUnregister();
return;
}
$username = $user->get('username');
//clean request
$post = JRequest::get('post');
$post['username'] = $username;
$post['password'] = JRequest::getVar('password', '', 'post', 'string', JREQUEST_ALLOWRAW);
$post['password2'] = JRequest::getVar('password2', '', 'post', 'string', JREQUEST_ALLOWRAW);
//check email
$post['email'] = $post['jsemail'];
$email = $post['email'];
$emailPass = $post['emailpass'];
$modelReg = $this->getModel('register');
//CFactory::load( 'helpers', 'validate' );
if (!CValidateHelper::email($email)) {
$msg = JText::sprintf('COM_COMMUNITY_INVITE_EMAIL_INVALID', $email);
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
}
if (!empty($email) && $email != $emailPass && $modelReg->isEmailExists(array('email' => $email))) {
$msg = JText::sprintf('COM_COMMUNITY_EMAIL_EXIST', $email);
$msg = stripslashes($msg);
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
}
// get the redirect
$return = CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false);
// do a password safety check
$changePassword = false;
if (JString::strlen($post['jspassword']) || JString::strlen($post['jspassword2'])) {
// so that "0" can be used as password e.g.
if ($post['jspassword'] != $post['jspassword2']) {
$msg = JText::_('PASSWORDS_DO_NOT_MATCH');
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
} else {
$changePassword = true;
//Jooomla 3.2.0 fix. TO be remove in future
if (version_compare(JVERSION, '3.2.0', '>=')) {
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword($post['jspassword'], $salt);
$password = $crypt . ':' . $salt;
} else {
// Don't re-encrypt the password
// JUser bind has encrypted the password
if (class_exists(JUserHelper) && method_exists(JUserHelper, 'hashpassword')) {
$password = JUserHelper::hashPassword($post['jspassword']);
} else {
$password = $post['jspassword'];
}
}
}
}
// we don't want users to edit certain fields so we will unset them
unset($post['gid']);
unset($post['block']);
unset($post['usertype']);
unset($post['registerDate']);
unset($post['activation']);
//update CUser param 1st so that the new value will not be replace wif the old one.
$my = CFactory::getUser();
$params = $my->getParams();
$postvars = $post['daylightsavingoffset'];
$params->set('daylightsavingoffset', $postvars);
// Store FB prefernce o ly FB connect data
$connectModel = CFactory::getModel('Connect');
if ($connectModel->isAssociated($user->id)) {
$postvars = !empty($post['postFacebookStatus']) ? 1 : 0;
$my->_cparams->set('postFacebookStatus', $postvars);
}
if ($changePassword) {
$my->set('password', $password);
}
/* Save for CUser */
$my->save();
$model = CFactory::getModel('profile');
$editSuccess = true;
$msg = JText::_('COM_COMMUNITY_SETTINGS_SAVED');
$jUser = JFactory::getUser();
// Bind the form fields to the user table
if (!$jUser->bind($post)) {
$msg = $jUser->getError();
$editSuccess = false;
}
// Store the web link table to the database
if (!$jUser->save()) {
$msg = $jUser->getError();
$editSuccess = false;
//.........这里部分代码省略.........
示例13: onUserAuthenticate
/**
* This method should handle any authentication and report back to the subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return void
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'Joomla';
// Joomla does not like blank passwords
if (empty($credentials['password'])) {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return;
}
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true)->select('id, password')->from('#__users')->where('username=' . $db->quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result) {
$match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);
if ($match === true) {
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isAdmin()) {
$response->language = $user->getParam('admin_language');
} else {
$response->language = $user->getParam('language');
}
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
} else {
// Invalid password
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} else {
// Let's hash the entered password even if we don't have a matching user for some extra response time
// By doing so, we mitigate side channel user enumeration attacks
JUserHelper::hashPassword($credentials['password']);
// Invalid user
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
// Check the two factor authentication
if ($response->status == JAuthentication::STATUS_SUCCESS) {
$methods = JAuthenticationHelper::getTwoFactorMethods();
if (count($methods) <= 1) {
// No two factor authentication method is enabled
return;
}
JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_users/models', 'UsersModel');
/** @var UsersModelUser $model */
$model = JModelLegacy::getInstance('User', 'UsersModel', array('ignore_request' => true));
// Load the user's OTP (one time password, a.k.a. two factor auth) configuration
if (!array_key_exists('otp_config', $options)) {
$otpConfig = $model->getOtpConfig($result->id);
$options['otp_config'] = $otpConfig;
} else {
$otpConfig = $options['otp_config'];
}
// Check if the user has enabled two factor authentication
if (empty($otpConfig->method) || $otpConfig->method == 'none') {
// Warn the user if they are using a secret code but they have not
// enabed two factor auth in their account.
if (!empty($credentials['secretkey'])) {
try {
$app = JFactory::getApplication();
$this->loadLanguage();
$app->enqueueMessage(JText::_('PLG_AUTH_JOOMLA_ERR_SECRET_CODE_WITHOUT_TFA'), 'warning');
} catch (Exception $exc) {
// This happens when we are in CLI mode. In this case
// no warning is issued
return;
}
}
return;
}
// Try to validate the OTP
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpAuthReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorAuthenticate', array($credentials, $options));
$check = false;
/*
* This looks like noob code but DO NOT TOUCH IT and do not convert
* to in_array(). During testing in_array() inexplicably returned
* null when the OTEP begins with a zero! o_O
*/
if (!empty($otpAuthReplies)) {
foreach ($otpAuthReplies as $authReply) {
$check = $check || $authReply;
}
}
//.........这里部分代码省略.........
示例14: _createRootUser
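/**
 * Create or update the installer's admin ("Super User") account and map it to group id 8.
 *
 * @param   object  $options  Installer options. This method reads db_type, db_host, db_user,
 *                            db_pass, db_name, db_prefix, admin_user, admin_email and
 *                            admin_password.
 *
 * @return  boolean  True on success. False when the database connection or one of the write
 *                   queries fails; the message is recorded through setError().
 */
function _createRootUser($options)
{
    // Get a database object.
    try {
        $db = JInstallationHelperDatabase::getDBO($options->db_type, $options->db_host, $options->db_user, $options->db_pass, $options->db_name, $options->db_prefix);
    } catch (RuntimeException $e) {
        $this->setError(JText::sprintf('INSTL_ERROR_CONNECT_DB', $e->getMessage()));

        // Without a connection $db is undefined, so stop here rather than
        // failing with a fatal error on the first query below.
        return false;
    }

    // Hash the admin password supplied to the installer; only the hash is stored.
    $cryptpass = JUserHelper::hashPassword($options->admin_password);

    // Take the admin user id
    JLoader::register('JInstallationModelDatabase', JPATH_INSTALLATION . '/models/database.php');
    $userId = JInstallationModelDatabase::getUserId();

    // The randUserId kept in the session is no longer needed, remove it
    JInstallationModelDatabase::resetRandUserId();

    // Create the admin user. Note: this switches the process-wide default timezone to UTC.
    date_default_timezone_set('UTC');
    $installdate = date('Y-m-d H:i:s');
    $nullDate = $db->getNullDate();

    // Does a row with this id already exist?
    $query = $db->getQuery(true)
        ->select('id')
        ->from('#__users')
        ->where('id = ' . $db->quote($userId));
    $db->setQuery($query);

    if ($db->loadResult()) {
        // Overwrite the existing row. Every caller-supplied value goes through $db->quote().
        $query = $db->getQuery(true)
            ->update('#__users')
            ->set('name = ' . $db->quote('Super User'))
            ->set('username = ' . $db->quote(trim($options->admin_user)))
            ->set('email = ' . $db->quote($options->admin_email))
            ->set('password = ' . $db->quote($cryptpass))
            ->set('usertype = ' . $db->quote('deprecated'))
            ->set('block = 0')
            ->set('sendEmail = 1')
            ->set('registerDate = ' . $db->quote($installdate))
            ->set('lastvisitDate = ' . $db->quote($nullDate))
            ->set('activation = ' . $db->quote('0'))
            ->set('params = ' . $db->quote(''))
            ->where('id = ' . $db->quote($userId));
    } else {
        $columns = array(
            $db->quoteName('id'),
            $db->quoteName('name'),
            $db->quoteName('username'),
            $db->quoteName('email'),
            $db->quoteName('password'),
            $db->quoteName('usertype'),
            $db->quoteName('block'),
            $db->quoteName('sendEmail'),
            $db->quoteName('registerDate'),
            $db->quoteName('lastvisitDate'),
            $db->quoteName('activation'),
            $db->quoteName('params'),
        );
        $values = array(
            $db->quote($userId),
            $db->quote('Super User'),
            $db->quote(trim($options->admin_user)),
            $db->quote($options->admin_email),
            $db->quote($cryptpass),
            $db->quote('deprecated'),
            $db->quote('0'),
            $db->quote('1'),
            $db->quote($installdate),
            $db->quote($nullDate),
            $db->quote('0'),
            $db->quote(''),
        );
        $query = $db->getQuery(true);
        $query->insert('#__users', true);
        $query->columns($columns);
        $query->values(implode(', ', $values));
    }

    $db->setQuery($query);

    try {
        $db->execute();
    } catch (RuntimeException $e) {
        $this->setError($e->getMessage());

        return false;
    }

    // Map the super admin to the Super Admin Group (group id 8)
    $query = $db->getQuery(true)
        ->select('user_id')
        ->from('#__user_usergroup_map')
        ->where('user_id = ' . $db->quote($userId));
    $db->setQuery($query);

    if ($db->loadResult()) {
        // NOTE(review): this UPDATE has no WHERE clause, so it rewrites every row of the
        // map table. Presumably acceptable on a fresh install where the table holds only
        // this user; confirm before reusing the code anywhere else.
        $query = $db->getQuery(true)
            ->update('#__user_usergroup_map')
            ->set('user_id = ' . $db->quote($userId))
            ->set('group_id = 8');
    } else {
        $query = $db->getQuery(true);
        $query->insert('#__user_usergroup_map', false);
        $query->columns(array($db->quoteName('user_id'), $db->quoteName('group_id')));
        // Quote the id here as well, consistent with every other use of $userId above.
        $query->values($db->quote($userId) . ', 8');
    }

    $db->setQuery($query);

    try {
        $db->execute();
    } catch (RuntimeException $e) {
        $this->setError($e->getMessage());

        return false;
    }

    return true;
}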
示例15: forgot_password
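/**
 * Generate a new password for the account with the requested e-mail address, mail it to
 * that address and store its hash.
 *
 * Reads the "email" request variable, then terminates the request with a JSON body:
 * {"result":1} on success, or {"result":0,"error":"..."} on failure.
 *
 * NOTE(review): the endpoint is unauthenticated and replaces the password immediately, so
 * anyone who knows an address can invalidate that account's current password. The new
 * password is also mailed in clear text, and the mail is sent before the UPDATE is known
 * to have matched a row or succeeded. A single-use, time-limited reset token confirmed by
 * the user would address all three; that redesign is outside this block.
 *
 * @return  void  Never returns normally; the request ends in die().
 */
public function forgot_password()
{
    $email = JRequest::getVar("email");

    // A missing, empty or array-valued "email" cannot identify an account. Reject it before
    // any mail is sent or any query is built (an empty string would otherwise match every
    // row whose email column is empty).
    if (!is_string($email) || trim($email) === '') {
        die(json_encode(array("result" => 0, "error" => "Can not send email")));
    }

    // NOTE(review): _generateRandomString() is defined elsewhere; verify that it draws from
    // a cryptographically secure source, since its output becomes a live credential.
    $new_pass = $this->_generateRandomString();

    $app = JFactory::getApplication();
    $mailfrom = $app->get('mailfrom');
    $fromname = $app->get('fromname');
    $sitename = $app->get('sitename');
    $body = "Hi user, \r\n\r\n This is your new password: " . $new_pass . " \r\n\r\n Be First App";

    $mail = JFactory::getMailer();
    $mail->addRecipient($email);
    $mail->setSender(array($mailfrom, $fromname));
    $mail->setSubject($sitename . ': New password');
    $mail->setBody($body);
    $sent = $mail->Send();

    // Build a single response array; the original filled $data on the failure paths but
    // encoded $result, so every failure was reported as JSON null.
    if (!$sent) {
        $result = array("result" => 0, "error" => "Can not send email");
    } else {
        jimport('joomla.user.helper');
        $db = JFactory::getDBO();
        $pass = JUserHelper::hashPassword($new_pass);

        // $email comes straight from the request: quote it through the driver instead of
        // concatenating it into the statement (SQL injection).
        $db->setQuery(
            'UPDATE #__users SET password = ' . $db->quote($pass)
            . ' WHERE email = ' . $db->quote($email)
        );

        if ($db->query()) {
            $result = array("result" => 1);
        } else {
            $result = array("result" => 0, "error" => "Can not update new password");
        }
    }

    die(json_encode($result));
}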