0
1
Fork 0
hedera-web-mindshore/rest/core/recover-password.php

64 lines
1.4 KiB
PHP
Executable File

<?php
class RecoverPassword extends Vn\Web\JsonRequest
{
const PARAMS = ['user'];
const LOWERS = 'abcdefghijklmnopqrstuvwxyz';
const UPPERS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
const DIGITS = '1234567890';
const SYMBOLS = '!$%&()=.';
function run ($db)
{
$isEnabled = $db->getValue (
'SELECT active FROM account.user WHERE name = #',
[$_REQUEST['user']]);
if (!$isEnabled)
return TRUE;
$restrictions = $db->getRow (
'SELECT length, nUpper, nDigits, nPunct FROM account.userPassword');
$pass = [];
$newPass = '';
$nAlpha = $restrictions['length'] - (
$restrictions['nUpper'] +
$restrictions['nDigits'] +
$restrictions['nPunct']);
$this->genRands ($pass, self::LOWERS, $nAlpha);
$this->genRands ($pass, self::UPPERS, $restrictions['nUpper']);
$this->genRands ($pass, self::DIGITS, $restrictions['nDigits']);
$this->genRands ($pass, self::SYMBOLS, $restrictions['nPunct']);
for ($i = count ($pass) - 1; $i >= 0; $i--)
{
$rand = rand (0, $i);
$newPass .= $pass[$rand];
array_splice ($pass, $rand, 1);
}
// XXX: Debug
error_log ($newPass);
return TRUE;
$db->query (
'UPDATE account.user SET password = MD5(#) WHERE name = #',
[$randomPass, $_REQUEST['user']]);
return TRUE;
}
function genRands (&$pass, $chars, $max)
{
$len = strlen ($chars) - 1;
for ($i = 0; $i < $max; $i++)
$pass[] = $chars[rand (0, $len)];
}
}