game/_incl_data/class/User/Password.php

85 lines
2.6 KiB
PHP

<?php
namespace User;
use Core\Db;
use PassGen;
use User;
class Password
{
private array $info = [];
public function __construct(array $userinfo)
{
$this->info = $userinfo ?? User::start()->info;
}
public function changeFirst(string $old, string $new): string
{
if ($old === $new && password_verify($old, $this->info['pass'])) {
if ($this->info['emailconfirmation'] === 1) {
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
$args = [
$this->info['id'],
PassGen::intCode(10),
password_hash($new, PASSWORD_DEFAULT)
];
Confirmation::byEmail($this->info, 'пароль', $new, $args[1]);
$hashedPass = $args[2];
} else {
$query = 'update users set pass = ?, repass = 0, securetime = unix_timestamp() + 259200 where id = ?';
$args = [
password_hash($new, PASSWORD_DEFAULT),
$this->info['id']
];
$hashedPass = $args[0];
}
Db::sql($query, $args);
return $hashedPass;
}
return $this->info['pass'];
}
public function changeSecond(?int $passLength): array
{
if (in_array($passLength, [4,6,8])) {
$query = 'update users set pass2 = ? where id = ?';
$pass2 = PassGen::intCode($passLength);
$args = [
password_hash($pass2, PASSWORD_DEFAULT),
$this->info['id']
];
Confirmation::byEmail($this->info, 'pass2', $pass2);
$hash = $args[0];
} else {
$query = 'update users set pass2 = default where id = ?';
$args = [$this->info['id']];
}
Db::sql($query, $args);
return [
'pass2' => $pass2 ?? '',
'hash' => $hash ?? null,
];
}
public static function isGood(string $password, string $passwordHash, string $login): bool
{
if (password_verify($password, $passwordHash)) { // check password
return true;
} else {
if (
md5($password) === $passwordHash || // convert old md5() password
password_needs_rehash($passwordHash, PASSWORD_DEFAULT) //rehash if PASSWORD_DEFAULT changed
) {
$hash = password_hash($password, PASSWORD_DEFAULT);
Db::sql('update users set pass = ? where login = ?', [$hash, $login]);
return true;
}
return false;
}
}
}