game/_incl_data/class/User/Password.php

62 lines
1.9 KiB
PHP
Raw Normal View History

<?php
namespace User;
use Core\Db;
use PassGen;
use User;
class Password
{
private array $info = [];
public function __construct(array $userinfo)
{
$this->info = $userinfo ?? User::start()->info;
}
2023-08-15 22:48:29 +00:00
public static function isGood(string $password, string $passwordHash, string $login): bool
{
if (password_verify($password, $passwordHash)) { // check password
return true;
} else {
if (
md5($password) === $passwordHash || // convert old md5() password
password_needs_rehash($passwordHash, PASSWORD_DEFAULT) //rehash if PASSWORD_DEFAULT changed
) {
$hash = password_hash($password, PASSWORD_DEFAULT);
Db::sql('update users set pass = ? where login = ?', [$hash, $login]);
return true;
}
return false;
}
}
public function changeFirst(string $old, string $new): string
{
if ($old === $new && password_verify($old, $this->info['pass'])) {
if ($this->info['emailconfirmation'] === 1) {
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
$args = [
$this->info['id'],
PassGen::intCode(10),
2023-08-15 22:48:29 +00:00
password_hash($new, PASSWORD_DEFAULT),
];
2023-01-10 16:29:32 +00:00
Confirmation::byEmail($this->info, 'пароль', $new, $args[1]);
$hashedPass = $args[2];
} else {
2023-08-15 22:48:29 +00:00
$query = 'update users set pass = ?, securetime = unix_timestamp() + 259200 where id = ?';
$args = [
password_hash($new, PASSWORD_DEFAULT),
2023-08-15 22:48:29 +00:00
$this->info['id'],
];
$hashedPass = $args[0];
}
Db::sql($query, $args);
return $hashedPass;
}
return $this->info['pass'];
}
}