forked from verdnatura/hedera-web
67 lines
1.4 KiB
PHP
Executable File
67 lines
1.4 KiB
PHP
Executable File
<?php
|
|
|
|
require_once ('vn/web/json-request.php');
|
|
|
|
class RecoverPassword extends Vn\Web\JsonRequest
|
|
{
|
|
const PARAMS = ['user'];
|
|
|
|
const LOWERS = 'abcdefghijklmnopqrstuvwxyz';
|
|
const UPPERS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
|
const DIGITS = '1234567890';
|
|
const SYMBOLS = '!$%&()=.';
|
|
|
|
function run ($db)
|
|
{
|
|
$isEnabled = $db->getValue (
|
|
'SELECT active FROM account.user WHERE name = #',
|
|
[$_REQUEST['user']]);
|
|
|
|
if (!$isEnabled)
|
|
return TRUE;
|
|
|
|
$restrictions = $db->getRow (
|
|
'SELECT length, nupper, ndigits, npunct FROM account.user_password');
|
|
|
|
$pass = [];
|
|
$newPass = '';
|
|
|
|
$nAlpha = $restrictions['length'] - (
|
|
$restrictions['nupper'] +
|
|
$restrictions['ndigits'] +
|
|
$restrictions['npunct']);
|
|
|
|
$this->genRands ($pass, self::LOWERS, $nAlpha);
|
|
$this->genRands ($pass, self::UPPERS, $restrictions['nupper']);
|
|
$this->genRands ($pass, self::DIGITS, $restrictions['ndigits']);
|
|
$this->genRands ($pass, self::SYMBOLS, $restrictions['npunct']);
|
|
|
|
for ($i = count ($pass) - 1; $i >= 0; $i--)
|
|
{
|
|
$rand = rand (0, $i);
|
|
$newPass .= $pass[$rand];
|
|
array_splice ($pass, $rand, 1);
|
|
}
|
|
|
|
// XXX: Debug
|
|
error_log ($newPass);
|
|
return TRUE;
|
|
|
|
$db->query (
|
|
'UPDATE account.user SET password = MD5(#) WHERE name = #',
|
|
[$randomPass, $_REQUEST['user']]);
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
function genRands (&$pass, $chars, $max)
|
|
{
|
|
$len = strlen ($chars) - 1;
|
|
|
|
for ($i = 0; $i < $max; $i++)
|
|
$pass[] = $chars[rand (0, $len)];
|
|
}
|
|
}
|
|
|
|
?>
|