[Mapbender-commits] r5897 - branches/3_dev/core/lib
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Sat Apr 10 11:55:05 EDT 2010
Author: verenadiewald
Date: 2010-04-10 11:55:04 -0400 (Sat, 10 Apr 2010)
New Revision: 5897
Modified:
branches/3_dev/core/lib/class_User.php
Log:
new methods for setting password and password ticket
Modified: branches/3_dev/core/lib/class_User.php
===================================================================
--- branches/3_dev/core/lib/class_User.php 2010-04-10 15:39:18 UTC (rev 5896)
+++ branches/3_dev/core/lib/class_User.php 2010-04-10 15:55:04 UTC (rev 5897)
@@ -313,17 +313,38 @@
}
/*
+ * @param $userId the Mapbender user id
+ * @param $userTicket a user password ticket
+ */
+ public function validUserPasswordTicket($userTicket) {
+ $sql = "SELECT * FROM mb_user ";
+ $sql .= "WHERE mb_user_id = $1 AND mb_user_password_ticket = $2";
+ $v = array($this->id,$userTicket);
+ $t = array("i","s");
+ $res = db_prep_query($sql,$v,$t);
+
+ if($row = db_fetch_array($res)){
+ if($row['mb_user_password_ticket'] == '' || $row['mb_user_password_ticket'] != $userTicket) {
+ return false;
+ }
+ }
+ else {
+ throw new Exception("Database error validating user ticket.");
+ }
+ return true;
+ }
+
+ /*
* @param $newPassword values of the new password
+ * @param $newPassword Mapbender user id
+ * @param $newPassword Mapbender user ticket
*/
- public function setPassword($newPassword)
- {
+ public function setPassword($newPassword,$userTicket) {
//set new password in db
- $sql_update = "UPDATE mb_user SET mb_user_password = $1";
- $sql_update .= " WHERE mb_user_id = $2";
- #echo $sql_update;
- $v = array(md5($sql_password),$this->id);
- $t = array('s','i');
- $update_result = db_prep_query($sql_update,$v,$t);
+ $sql = "UPDATE mb_user SET mb_user_password = $1, mb_user_password_ticket = '' WHERE mb_user_id = $2 AND mb_user_password_ticket = $3";
+ $v = array(md5($newPassword),$this->id,$userTicket);
+ $t = array('s','i','s');
+ $update_result = db_prep_query($sql,$v,$t);
if(!$update_result)
{
@@ -332,6 +353,23 @@
return true;
}
+
+ public function setNewUserPasswordTicket () {
+ $sql = "UPDATE mb_user SET mb_user_password_ticket = $1";
+ $sql.=" WHERE mb_user_id = $2";
+
+ $passwordTicket = substr(md5(uniqid(rand())),0,30);
+
+ $v = array($passwordTicket,$this->id);
+ $t = array('s','i');
+ $res = db_prep_query($sql,$v,$t);
+ if(!$res){
+ $e= new mb_exception(1);
+ throw new Exception("Error setting new user password ticket");
+ }
+ return true;
+ }
+
/*
* @return Array of Users
* @param $filter UNUSED! string that must be contained in the username
More information about the Mapbender_commits
mailing list