<?php
namespace User;
use Core\Db;
use PassGen;
use User;
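/**
 * Password verification and password-change helpers for one user record.
 *
 * New hashes are produced with password_hash(PASSWORD_DEFAULT). Stored hashes
 * that are still unsalted md5() digests are accepted on a correct login and
 * replaced with a password_hash() value at that point.
 */
class Password
{
    /** @var array User row; this class reads its 'id', 'pass' and 'emailconfirmation' keys. */
    private array $info = [];

    /**
     * @param array|null $userinfo User row to operate on; when null, User::start()->info is used.
     */
    public function __construct(?array $userinfo = null)
    {
        // The parameter used to be a non-nullable array, which made the
        // fallback below unreachable; accepting null keeps every existing
        // call working and lets the fallback actually run.
        $this->info = $userinfo ?? User::start()->info;
    }

    /**
     * Check a login password against the stored hash and upgrade the stored
     * hash when it is outdated.
     *
     * The stored hash is rewritten ONLY after the supplied password has been
     * proven correct. Previously password_needs_rehash() was evaluated on the
     * failure path, so any outdated or legacy hash caused an arbitrary
     * password to be accepted and written to the account.
     *
     * @param string $password     Plain-text password supplied by the user.
     * @param string $passwordHash Hash currently stored for the account.
     * @param string $login        Login used to locate the row when re-hashing.
     *
     * @return bool True when the password matches the stored hash.
     */
    public static function isGood(string $password, string $passwordHash, string $login): bool
    {
        $matchesCurrent = password_verify($password, $passwordHash);

        // Legacy accounts store an unsalted md5() digest; hash_equals() keeps
        // the comparison constant-time.
        $matchesLegacy = !$matchesCurrent && hash_equals($passwordHash, md5($password));

        if (!$matchesCurrent && !$matchesLegacy) {
            return false;
        }

        // Upgrade after a successful check: always for md5 digests, and for
        // password_hash() values whose algorithm or cost no longer matches
        // PASSWORD_DEFAULT.
        if ($matchesLegacy || password_needs_rehash($passwordHash, PASSWORD_DEFAULT)) {
            $hash = password_hash($password, PASSWORD_DEFAULT);
            Db::sql('update users set pass = ? where login = ?', [$hash, $login]);
        }

        return true;
    }

    /**
     * Store (or queue for e-mail confirmation) a new password hash.
     *
     * @param string $old Password the user entered as the current one.
     * @param string $new Password to store.
     *
     * @return string The new hash when a change was written or queued,
     *                otherwise the hash currently held in $this->info['pass'].
     */
    public function changeFirst(string $old, string $new): string
    {
        // NOTE(review): the change proceeds only when $old equals $new AND
        // $old verifies against the stored hash, i.e. the same password is
        // re-hashed. Confirm this is the intended rule; `!==` may have been meant.
        if ($old !== $new || !password_verify($old, $this->info['pass'])) {
            return $this->info['pass'];
        }

        // NOTE(review): strict comparison with int 1; if the DB layer returns
        // column values as strings this branch is never taken. Confirm the type.
        if ($this->info['emailconfirmation'] === 1) {
            // Queue the change: the hash is parked in emailconfirmation.pa_em
            // together with a confirmation code.
            $query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
            // NOTE(review): confirm PassGen::intCode() draws from a CSPRNG
            // (random_int); the code gates a password change.
            $code = PassGen::intCode(10);
            $hashedPass = password_hash($new, PASSWORD_DEFAULT);
            $args = [$this->info['id'], $code, $hashedPass];
            // NOTE(review): the plain-text password is handed to the mailer
            // helper. Confirm it is neither placed in the message nor logged.
            Confirmation::byEmail($this->info, 'пароль', $new, $code);
        } else {
            // Apply immediately; securetime is pushed 259200 s (3 days) ahead.
            $query = 'update users set pass = ?, securetime = unix_timestamp() + 259200 where id = ?';
            $hashedPass = password_hash($new, PASSWORD_DEFAULT);
            $args = [$hashedPass, $this->info['id']];
        }

        Db::sql($query, $args);

        return $hashedPass;
    }
}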