2016-09-06 14:25:02 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
class RecoverPassword extends Vn\Web\JsonRequest
|
|
|
|
{
|
|
|
|
const PARAMS = ['user'];
|
|
|
|
|
|
|
|
const LOWERS = 'abcdefghijklmnopqrstuvwxyz';
|
|
|
|
const UPPERS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
|
|
|
const DIGITS = '1234567890';
|
|
|
|
const SYMBOLS = '!$%&()=.';
|
|
|
|
|
|
|
|
function run ($db)
|
|
|
|
{
|
|
|
|
$isEnabled = $db->getValue (
|
|
|
|
'SELECT active FROM account.user WHERE name = #',
|
|
|
|
[$_REQUEST['user']]);
|
|
|
|
|
|
|
|
if (!$isEnabled)
|
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
$restrictions = $db->getRow (
|
2016-09-23 22:47:34 +00:00
|
|
|
'SELECT length, nUpper, nDigits, nPunct FROM account.userPassword');
|
2016-09-06 14:25:02 +00:00
|
|
|
|
|
|
|
$pass = [];
|
|
|
|
$newPass = '';
|
|
|
|
|
|
|
|
$nAlpha = $restrictions['length'] - (
|
2016-09-23 22:47:34 +00:00
|
|
|
$restrictions['nUpper'] +
|
|
|
|
$restrictions['nDigits'] +
|
|
|
|
$restrictions['nPunct']);
|
2016-09-06 14:25:02 +00:00
|
|
|
|
|
|
|
$this->genRands ($pass, self::LOWERS, $nAlpha);
|
2016-09-23 22:47:34 +00:00
|
|
|
$this->genRands ($pass, self::UPPERS, $restrictions['nUpper']);
|
|
|
|
$this->genRands ($pass, self::DIGITS, $restrictions['nDigits']);
|
|
|
|
$this->genRands ($pass, self::SYMBOLS, $restrictions['nPunct']);
|
2016-09-06 14:25:02 +00:00
|
|
|
|
|
|
|
for ($i = count ($pass) - 1; $i >= 0; $i--)
|
|
|
|
{
|
|
|
|
$rand = rand (0, $i);
|
|
|
|
$newPass .= $pass[$rand];
|
|
|
|
array_splice ($pass, $rand, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
// XXX: Debug
|
|
|
|
error_log ($newPass);
|
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
$db->query (
|
2016-09-19 06:40:18 +00:00
|
|
|
'UPDATE account.user SET password = MD5(#) WHERE name = #',
|
2016-09-06 14:25:02 +00:00
|
|
|
[$randomPass, $_REQUEST['user']]);
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
function genRands (&$pass, $chars, $max)
|
|
|
|
{
|
|
|
|
$len = strlen ($chars) - 1;
|
|
|
|
|
|
|
|
for ($i = 0; $i < $max; $i++)
|
|
|
|
$pass[] = $chars[rand (0, $len)];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|