private function _setPassword()
{
global $defender;
$locale = fusion_get_locale();
if ($this->_method == 'validate_insert') {
$this->_newUserPassword = self::_getPasswordInput('user_password1');
$this->_newUserPassword2 = self::_getPasswordInput('user_password2');
if (!empty($this->_newUserPassword)) {
$passAuth = new PasswordAuth();
$passAuth->inputNewPassword = $this->_newUserPassword;
$passAuth->inputNewPassword2 = $this->_newUserPassword2;
$_isValidNewPassword = $passAuth->isValidNewPassword();
switch ($_isValidNewPassword) {
case '0':
// New password is valid
$this->_newUserPasswordHash = $passAuth->getNewHash();
$this->_newUserPasswordAlgo = $passAuth->getNewAlgo();
$this->_newUserPasswordSalt = $passAuth->getNewSalt();
$this->data['user_algo'] = $this->_newUserPasswordAlgo;
$this->data['user_salt'] = $this->_newUserPasswordSalt;
$this->data['user_password'] = $this->_newUserPasswordHash;
$this->_isValidCurrentPassword = 1;
if (!defined('ADMIN_PANEL') && !$this->skipCurrentPass) {
Authenticate::setUserCookie($this->userData['user_id'], $passAuth->getNewSalt(), $passAuth->getNewAlgo(), FALSE);
}
break;
case '1':
// New Password equal old password
$defender->stop();
$defender->setInputError('user_password2');
$defender->setInputError('user_password2');
$defender->setErrorText('user_password', $locale['u134'] . $locale['u146'] . $locale['u133']);
$defender->setErrorText('user_password2', $locale['u134'] . $locale['u146'] . $locale['u133']);
break;
case '2':
// The two new passwords are not identical
$defender->stop();
$defender->setInputError('user_password1');
$defender->setInputError('user_password2');
$defender->setErrorText('user_password1', $locale['u148']);
$defender->setErrorText('user_password2', $locale['u148']);
break;
case '3':
// New password contains invalid chars / symbols
$defender->stop();
$defender->setInputError('user_password1');
$defender->setErrorText('user_password1', $locale['u134'] . $locale['u142'] . "<br />" . $locale['u147']);
break;
}
} else {
$defender->stop();
$defender->setInputError('user_password1');
$defender->setErrorText('user_password1', $locale['u134'] . $locale['u143a']);
}
} elseif ($this->_method == 'validate_update') {
$this->_userPassword = self::_getPasswordInput('user_password');
$this->_newUserPassword = self::_getPasswordInput('user_password1');
$this->_newUserPassword2 = self::_getPasswordInput('user_password2');
if ($this->_userPassword) {
/**
* Validation of Password
*/
$passAuth = new PasswordAuth();
$passAuth->inputPassword = $this->_userPassword;
$passAuth->inputNewPassword = $this->_newUserPassword;
$passAuth->inputNewPassword2 = $this->_newUserPassword2;
$passAuth->currentPasswordHash = $this->userData['user_password'];
$passAuth->currentAlgo = $this->userData['user_algo'];
$passAuth->currentSalt = $this->userData['user_salt'];
if ($passAuth->isValidCurrentPassword()) {
// Just for validation purposes for example email change
$this->_isValidCurrentPassword = 1;
// To change password, need to enter password
if (!empty($this->_newUserPassword)) {
$_isValidNewPassword = $passAuth->isValidNewPassword();
switch ($_isValidNewPassword) {
case '0':
// New password is valid
$this->_newUserPasswordHash = $passAuth->getNewHash();
$this->_newUserPasswordAlgo = $passAuth->getNewAlgo();
$this->_newUserPasswordSalt = $passAuth->getNewSalt();
$this->data['user_algo'] = $this->_newUserPasswordAlgo;
$this->data['user_salt'] = $this->_newUserPasswordSalt;
$this->data['user_password'] = $this->_newUserPasswordHash;
if (!defined('ADMIN_PANEL') && !$this->skipCurrentPass) {
//Authenticate::setUserCookie($this->userData['user_id'], $passAuth->getNewSalt(), $passAuth->getNewAlgo(), FALSE);
}
break;
case '1':
// New Password equal old password
$defender->stop();
$defender->setInputError('user_password');
$defender->setInputError('user_password1');
$defender->setErrorText('user_password', $locale['u134'] . $locale['u146'] . $locale['u133']);
$defender->setErrorText('user_password1', $locale['u134'] . $locale['u146'] . $locale['u133']);
break;
case '2':
// The two new passwords are not identical
$defender->stop();
$defender->setInputError('user_password1');
$defender->setInputError('user_password2');
$defender->setErrorText('user_password1', $locale['u148']);
$defender->setErrorText('user_password2', $locale['u148']);
break;
case '3':
// New password contains invalid chars / symbols
$defender->stop();
$defender->setInputError('user_password1');
$defender->setErrorText('user_password1', $locale['u134'] . $locale['u142'] . "<br />" . $locale['u147']);
break;
}
}
} else {
$defender->stop();
$defender->setInputError('user_password');
$defender->setErrorText('user_password', $locale['u149']);
}
}
}
}
