0
1
Fork 0
hedera-web-mindshore/rest/core/recover-password.php

65 lines
1.4 KiB
PHP
Raw Normal View History

2016-09-06 14:25:02 +00:00
<?php
class RecoverPassword extends Vn\Web\JsonRequest
{
const PARAMS = ['user'];
const LOWERS = 'abcdefghijklmnopqrstuvwxyz';
const UPPERS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
const DIGITS = '1234567890';
const SYMBOLS = '!$%&()=.';
function run ($db)
{
$isEnabled = $db->getValue (
'SELECT active FROM account.user WHERE name = #',
[$_REQUEST['user']]);
if (!$isEnabled)
return TRUE;
$restrictions = $db->getRow (
2016-09-23 22:47:34 +00:00
'SELECT length, nUpper, nDigits, nPunct FROM account.userPassword');
2016-09-06 14:25:02 +00:00
$pass = [];
$newPass = '';
$nAlpha = $restrictions['length'] - (
2016-09-23 22:47:34 +00:00
$restrictions['nUpper'] +
$restrictions['nDigits'] +
$restrictions['nPunct']);
2016-09-06 14:25:02 +00:00
$this->genRands ($pass, self::LOWERS, $nAlpha);
2016-09-23 22:47:34 +00:00
$this->genRands ($pass, self::UPPERS, $restrictions['nUpper']);
$this->genRands ($pass, self::DIGITS, $restrictions['nDigits']);
$this->genRands ($pass, self::SYMBOLS, $restrictions['nPunct']);
2016-09-06 14:25:02 +00:00
for ($i = count ($pass) - 1; $i >= 0; $i--)
{
$rand = rand (0, $i);
$newPass .= $pass[$rand];
array_splice ($pass, $rand, 1);
}
// XXX: Debug
error_log ($newPass);
return TRUE;
$db->query (
2016-09-19 06:40:18 +00:00
'UPDATE account.user SET password = MD5(#) WHERE name = #',
2016-09-06 14:25:02 +00:00
[$randomPass, $_REQUEST['user']]);
return TRUE;
}
function genRands (&$pass, $chars, $max)
{
$len = strlen ($chars) - 1;
for ($i = 0; $i < $max; $i++)
$pass[] = $chars[rand (0, $len)];
}
}
?>