mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 12:48:24 +01:00
Code Issues Releases Wiki Activity

Maintain cookie on admin password change

Browse Source
This commit is contained in:
e107steved 2008-12-29 11:00:16 +00:00
parent a794a90c4f
commit 4d7acbdcae
2 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
e107_admin/updateadmin.php
View File

@ -9,9 +9,9 @@
* Administration Area - Update Admin * Administration Area - Update Admin
* *
* $Source: /cvs_backup/e107_0.8/e107_admin/updateadmin.php,v $ * $Source: /cvs_backup/e107_0.8/e107_admin/updateadmin.php,v $
* $Revision: 1.3 $ * $Revision: 1.4 $
* $Date: 2008-12-15 21:53:17 $ * $Date: 2008-12-29 11:00:16 $
* $Author: secretr $ * $Author: e107steved $
* *
*/ */
@ -19,32 +19,35 @@ require_once('../class2.php');
$e_sub_cat = 'admin_pass'; $e_sub_cat = 'admin_pass';
require_once(e_ADMIN.'auth.php'); require_once(e_ADMIN.'auth.php');
require_once(e_HANDLER."message_handler.php"); require_once(e_HANDLER.'message_handler.php');
require_once(e_HANDLER."user_handler.php"); require_once(e_HANDLER.'user_handler.php');
$user_info = new UserHandler; $userMethods = new UserHandler;
$emessage = &eMessage::getInstance(); $emessage = &eMessage::getInstance();
if (isset($_POST['update_settings'])) if (isset($_POST['update_settings']))
{ {
if ($_POST['ac'] == md5(ADMINPWCHANGE)) if ($_POST['ac'] == md5(ADMINPWCHANGE))
{ {
if ($_POST['a_password'] != "" && $_POST['a_password2'] != "" && ($_POST['a_password'] == $_POST['a_password2'])) $userData = array();
if ($_POST['a_password'] != '' && $_POST['a_password2'] != '' && ($_POST['a_password'] == $_POST['a_password2']))
{ {
$newPassword = $sql->escape($user_info->HashPassword($_POST['a_password'], $currentUser['user_loginname']), FALSE); $userData['user_password'] = $sql->escape($userMethods->HashPassword($_POST['a_password'], $currentUser['user_loginname']), FALSE);
$newPrefs = '';
unset($_POST['a_password']); unset($_POST['a_password']);
unset($_POST['a_password2']); unset($_POST['a_password2']);
if (varsettrue($pref['allowEmailLogin'])) if (varsettrue($pref['allowEmailLogin']))
{ {
$user_prefs = unserialize($currentUser['user_prefs']); $user_prefs = unserialize($currentUser['user_prefs']);
$user_prefs['email_password'] = $user_info->HashPassword($new_pass, $email); $user_prefs['email_password'] = $userMethods->HashPassword($new_pass, $email);
$newPrefs = "user_prefs='".serialize($user_prefs)."', "; $userData['user_prefs'] = serialize($user_prefs);
} }
$check = $sql -> db_Update("user", "user_password='".$newPassword."', ".$newPrefs."user_pwchange='".time()."' WHERE user_id=".USERID); $userData['user_pwchange'] =time();
$check = $sql -> db_UpdateArray('user',$userData,' WHERE user_id='.USERID);
if ($check) if ($check)
{ {
$admin_log->log_event('ADMINPW_01', '', E_LOG_INFORMATIVE, ''); $admin_log->log_event('ADMINPW_01', '', E_LOG_INFORMATIVE, '');
$userMethods->makeUserCookie(array('user_id' => USERID,'user_password' => $userData['user_password']), FALSE); // Can't handle autologin ATM
$emessage->add(UDALAN_3." ".ADMINNAME, E_MESSAGE_SUCCESS); $emessage->add(UDALAN_3." ".ADMINNAME, E_MESSAGE_SUCCESS);
$e_event -> trigger('adpword'); $e_event -> trigger('adpword');
$ns->tablerender(UDALAN_2, $emessage->render()); $ns->tablerender(UDALAN_2, $emessage->render());

6
usersettings.php
View File

@ -9,8 +9,8 @@
* User settings modify * User settings modify
* *
* $Source: /cvs_backup/e107_0.8/usersettings.php,v $ * $Source: /cvs_backup/e107_0.8/usersettings.php,v $
* $Revision: 1.31 $ * $Revision: 1.32 $
* $Date: 2008-12-29 09:31:36 $ * $Date: 2008-12-29 11:00:16 $
* $Author: e107steved $ * $Author: e107steved $
* *
*/ */
@ -384,7 +384,7 @@ if ($dataToSave && !$promptPassword)
} }
else else
{ {
if (isset($changedUserData['user_password'])) if (isset($changedUserData['user_password']) && !$adminEdit)
{ {
// echo "Make new cookie<br />"; // echo "Make new cookie<br />";
$userMethods->makeUserCookie(array('user_id' => $udata['user_id'],'user_password' => $changedUserData['user_password']), FALSE); // Can't handle autologin ATM $userMethods->makeUserCookie(array('user_id' => $udata['user_id'],'user_password' => $changedUserData['user_password']), FALSE); // Can't handle autologin ATM