PasswordResetModel::saveNewUserPassword PHP Method

saveNewUserPassword() public static method

Writes the new password to the database
public static saveNewUserPassword ( string $user_name, string $user_password_hash, string $user_password_reset_hash ) : boolean
$user_name string username
$user_password_hash string
$user_password_reset_hash string
return boolean
    public static function saveNewUserPassword($user_name, $user_password_hash, $user_password_reset_hash)
    {
        $database = DatabaseFactory::getFactory()->getConnection();
        // the reset hash is part of the WHERE clause and is cleared by the same statement, so it works only once
        $sql = "UPDATE users SET user_password_hash = :user_password_hash, user_password_reset_hash = NULL,
                       user_password_reset_timestamp = NULL
                 WHERE user_name = :user_name AND user_password_reset_hash = :user_password_reset_hash
                       AND user_provider_type = :user_provider_type LIMIT 1";
        $query = $database->prepare($sql);
        $query->execute(array(
            ':user_password_hash' => $user_password_hash,
            ':user_name' => $user_name,
            ':user_password_reset_hash' => $user_password_reset_hash,
            ':user_provider_type' => 'DEFAULT'
        ));
        // true only if exactly one row was updated
        return $query->rowCount() == 1;
    }

Usage Example

Example #1
 /**
  * Set the new password (for DEFAULT user, FACEBOOK-users don't have a password)
  * Please note: At this point the user has already pre-verified via verifyPasswordReset() (within one hour),
  * so we don't need to check again for the 60min-limit here. In this method we authenticate
  * via username & password-reset-hash from (hidden) form fields.
  *
  * @param string $user_name
  * @param string $user_password_reset_hash
  * @param string $user_password_new
  * @param string $user_password_repeat
  *
  * @return bool success state of the password reset
  */
 public static function setNewPassword($user_name, $user_password_reset_hash, $user_password_new, $user_password_repeat)
 {
     // validate the password
     if (!self::validateNewPassword($user_name, $user_password_reset_hash, $user_password_new, $user_password_repeat)) {
         return false;
     }
     // hash the password (with PHP 5.5+'s password_hash() function, result is a 60 character hash string)
     $user_password_hash = password_hash($user_password_new, PASSWORD_DEFAULT);
     // write the password to database (as hashed and salted string), reset user_password_reset_hash
     if (PasswordResetModel::saveNewUserPassword($user_name, $user_password_hash, $user_password_reset_hash)) {
         Session::add('feedback_positive', Text::get('FEEDBACK_PASSWORD_CHANGE_SUCCESSFUL'));
         return true;
     } else {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_CHANGE_FAILED'));
         return false;
     }
 }
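
The UPDATE in saveNewUserPassword() matches on user name, reset hash and provider type only, and the docblock of setNewPassword() relies on verifyPasswordReset() having checked the one-hour limit earlier. As an added example (not the project's code), the variant below puts the expiry check into the same statement. It assumes user_password_reset_timestamp holds Unix epoch seconds; the function name, the constant and the SQLite sample table are hypothetical.

```php
<?php
// Added example, not the project's code. Assumes user_password_reset_timestamp
// holds Unix epoch seconds; the table and rows below are constructed sample data.

const RESET_TOKEN_LIFETIME = 3600; // one hour, the limit the docblock mentions

function saveNewUserPasswordWithExpiry(PDO $db, $user_name, $user_password_hash, $user_password_reset_hash, $now)
{
    // Expiry is part of the WHERE clause, so the check and the write are one atomic statement.
    // LIMIT 1 from the original is omitted: stock SQLite builds reject UPDATE ... LIMIT,
    // and user_name is UNIQUE in this sample table.
    $sql = "UPDATE users
               SET user_password_hash = :user_password_hash,
                   user_password_reset_hash = NULL,
                   user_password_reset_timestamp = NULL
             WHERE user_name = :user_name
               AND user_password_reset_hash = :user_password_reset_hash
               AND user_password_reset_timestamp > :oldest_allowed
               AND user_provider_type = :user_provider_type";
    $query = $db->prepare($sql);
    $query->execute(array(
        ':user_password_hash' => $user_password_hash,
        ':user_name' => $user_name,
        ':user_password_reset_hash' => $user_password_reset_hash,
        ':oldest_allowed' => $now - RESET_TOKEN_LIFETIME,
        ':user_provider_type' => 'DEFAULT',
    ));
    return $query->rowCount() === 1;
}

// Constructed sample data: alice's token is 10 minutes old, bob's is 2 hours old.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (user_name TEXT UNIQUE, user_password_hash TEXT,
           user_password_reset_hash TEXT, user_password_reset_timestamp INTEGER, user_provider_type TEXT)");
$now = time();
$insert = $db->prepare("INSERT INTO users VALUES (?, 'old', ?, ?, 'DEFAULT')");
$insert->execute(array('alice', 'token-a', $now - 600));
$insert->execute(array('bob', 'token-b', $now - 7200));

$hash = password_hash('constructed-sample-password', PASSWORD_DEFAULT);
var_dump(saveNewUserPasswordWithExpiry($db, 'alice', $hash, 'token-a', $now)); // fresh token
var_dump(saveNewUserPasswordWithExpiry($db, 'bob', $hash, 'token-b', $now));   // token older than one hour
var_dump(saveNewUserPasswordWithExpiry($db, 'alice', $hash, 'token-a', $now)); // same token presented again
```

Only the first call updates a row: the second fails the timestamp condition, and the third finds the reset hash already set to NULL.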