Revert "an attempt at something"

This reverts commit 20d7d4b9b627ce51d5312b5d0fbdf3b21207565c.
This commit is contained in:
flash 2016-08-01 22:57:10 +02:00
parent 031dd79c56
commit c484c1e737
6 changed files with 39 additions and 55 deletions

View file

@ -124,7 +124,7 @@ class AuthController extends Controller
return Template::render('global/information');
}
if ($user->passwordExpired()) {
if (strlen($user->password) < 1) {
$message = 'Your password expired.';
$redirect = Router::route('auth.resetpassword');
Template::vars(compact('message', 'redirect'));
@ -132,7 +132,7 @@ class AuthController extends Controller
return Template::render('global/information');
}
if (!$user->verifyPassword($password)) {
if (!password_verify($password, $user->password)) {
$this->touchRateLimit($user->id);
$message = 'The password you entered was invalid.';
Template::vars(compact('message', 'redirect'));
@ -552,7 +552,16 @@ class AuthController extends Controller
return Template::render('global/information');
}
$user->setPassword($password);
// Hash the password
$password = password_hash($password, PASSWORD_BCRYPT);
// Update the user
DB::table('users')
->where('user_id', $user->id)
->update([
'password' => $password,
'password_chan' => time(),
]);
$message = "Changed your password! You may now log in.";
$redirect = Router::route('auth.login');

View file

@ -12,7 +12,6 @@ use Sakura\DB;
use Sakura\News\Category;
use Sakura\Template;
use Sakura\User;
use Sakura\UserTest;
/**
* Meta page controllers (sections that aren't big enough to warrant a dedicated controller).
@ -29,10 +28,6 @@ class MetaController extends Controller
*/
public function index()
{
$test = new UserTest(1);
echo $test->country(true);
// Get the newest user
$newestUserId = DB::table('users')
->whereNotIn('rank_main', [config('rank.banned'), config('rank.inactive')])

View file

@ -114,7 +114,7 @@ class AdvancedController extends Controller
}
// Check password
if (!ActiveUser::$user->passwordVerify($password)) {
if (!password_verify($password, ActiveUser::$user->password)) {
$message = "Your password was invalid!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');

View file

@ -36,15 +36,15 @@ class Notification
if ($data) {
$data = $data[0];
$this->id = intval($data->alert_id);
$this->user = intval($data->user_id);
$this->time = intval($data->alert_timestamp);
$this->id = $data->alert_id;
$this->user = $data->user_id;
$this->time = $data->alert_timestamp;
$this->read = intval($data->alert_read) !== 0;
$this->title = $data->alert_title;
$this->text = $data->alert_text;
$this->link = $data->alert_link;
$this->image = $data->alert_img;
$this->timeout = intval($data->alert_timeout);
$this->timeout = $data->alert_timeout;
}
}

View file

@ -45,7 +45,28 @@ class User
*
* @var string
*/
public $password = '';
public $passwordHash = '';
/**
* The user's password salt.
*
* @var string
*/
public $passwordSalt = '';
/**
* The user's password algorithm.
*
* @var string
*/
public $passwordAlgo = 'disabled';
/**
* The password iterations.
*
* @var int
*/
public $passwordIter = 0;
/**
* UNIX timestamp of last time the password was changed.
@ -1098,28 +1119,6 @@ class User
]);
}
/**
* Check if password expired
*
* @return bool
*/
public function passwordExpired()
{
return strlen($this->password) < 1;
}
/**
* Verify the user's password
*
* @param string $password
*
* @return bool
*/
public function verifyPassword($password)
{
return password_verify($password, $this->password);
}
/**
* Get all the notifications for this user.
*

View file

@ -41,25 +41,6 @@ function view($name, $vars = [])
return Template::render($name);
}
// Convert camel case to snake case
function camel_to_snake($text)
{
return ltrim(strtolower(preg_replace('#[A-Z]#', '_$0', $text)), '_');
}
// Convert snake case to camel case
function snake_to_camel($text)
{
$split = explode('_', $text);
$name = array_shift($split);
foreach ($split as $part) {
$name .= ucfirst($part);
}
return $name;
}
function clean_string($string, $lower = false, $noSpecial = false, $replaceSpecial = '')
{
// Run common sanitisation function over string