2023-01-06 14:57:25 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace User;
|
|
|
|
|
|
|
|
|
|
use Core\Db;
|
|
|
|
|
use PassGen;
|
|
|
|
|
use User;
|
|
|
|
|
|
|
|
|
|
class Password
|
|
|
|
|
{
|
|
|
|
|
private array $info = [];
|
|
|
|
|
|
|
|
|
|
public function __construct(array $userinfo)
|
|
|
|
|
{
|
|
|
|
|
$this->info = $userinfo ?? User::start()->info;
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-15 22:48:29 +00:00
|
|
|
public static function isGood(string $password, string $passwordHash, string $login): bool
|
|
|
|
|
{
|
|
|
|
|
if (password_verify($password, $passwordHash)) { // check password
|
|
|
|
|
return true;
|
|
|
|
|
} else {
|
|
|
|
|
if (
|
|
|
|
|
md5($password) === $passwordHash || // convert old md5() password
|
|
|
|
|
password_needs_rehash($passwordHash, PASSWORD_DEFAULT) //rehash if PASSWORD_DEFAULT changed
|
|
|
|
|
) {
|
|
|
|
|
$hash = password_hash($password, PASSWORD_DEFAULT);
|
|
|
|
|
Db::sql('update users set pass = ? where login = ?', [$hash, $login]);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-06 14:57:25 +00:00
|
|
|
public function changeFirst(string $old, string $new): string
|
|
|
|
|
{
|
|
|
|
|
if ($old === $new && password_verify($old, $this->info['pass'])) {
|
|
|
|
|
if ($this->info['emailconfirmation'] === 1) {
|
|
|
|
|
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
|
|
|
|
|
$args = [
|
|
|
|
|
$this->info['id'],
|
|
|
|
|
PassGen::intCode(10),
|
2023-08-15 22:48:29 +00:00
|
|
|
password_hash($new, PASSWORD_DEFAULT),
|
2023-01-06 14:57:25 +00:00
|
|
|
];
|
2023-01-10 16:29:32 +00:00
|
|
|
Confirmation::byEmail($this->info, 'пароль', $new, $args[1]);
|
2023-01-06 14:57:25 +00:00
|
|
|
$hashedPass = $args[2];
|
|
|
|
|
} else {
|
2023-08-15 22:48:29 +00:00
|
|
|
$query = 'update users set pass = ?, securetime = unix_timestamp() + 259200 where id = ?';
|
2023-01-06 14:57:25 +00:00
|
|
|
$args = [
|
|
|
|
|
password_hash($new, PASSWORD_DEFAULT),
|
2023-08-15 22:48:29 +00:00
|
|
|
$this->info['id'],
|
2023-01-06 14:57:25 +00:00
|
|
|
];
|
|
|
|
|
$hashedPass = $args[0];
|
|
|
|
|
}
|
|
|
|
|
Db::sql($query, $args);
|
|
|
|
|
return $hashedPass;
|
|
|
|
|
}
|
|
|
|
|
return $this->info['pass'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function changeSecond(?int $passLength): array
|
|
|
|
|
{
|
2023-08-15 22:48:29 +00:00
|
|
|
if (in_array($passLength, [4, 6, 8])) {
|
2023-01-06 14:57:25 +00:00
|
|
|
$query = 'update users set pass2 = ? where id = ?';
|
|
|
|
|
$pass2 = PassGen::intCode($passLength);
|
|
|
|
|
$args = [
|
|
|
|
|
password_hash($pass2, PASSWORD_DEFAULT),
|
2023-08-15 22:48:29 +00:00
|
|
|
$this->info['id'],
|
2023-01-06 14:57:25 +00:00
|
|
|
];
|
|
|
|
|
Confirmation::byEmail($this->info, 'pass2', $pass2);
|
|
|
|
|
$hash = $args[0];
|
|
|
|
|
} else {
|
|
|
|
|
$query = 'update users set pass2 = default where id = ?';
|
|
|
|
|
$args = [$this->info['id']];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Db::sql($query, $args);
|
|
|
|
|
return [
|
|
|
|
|
'pass2' => $pass2 ?? '',
|
|
|
|
|
'hash' => $hash ?? null,
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
