Bug #3196 » 3196-p1.patch
| /administrator/components/com_comprofiler/library/cb/cb.tables.php | ||
|---|---|---|
|
return $result;
|
||
|
}
|
||
|
/**
|
||
|
* Updates only in database $this->block
|
||
|
*
|
||
|
* @return boolean Store query error
|
||
|
*/
|
||
|
function storeBlock() {
|
||
|
if ( $this->id ) {
|
||
|
if ( $this->_cmsUser === null ) {
|
||
|
$this->_mapUsers();
|
||
|
}
|
||
|
|
||
|
$this->_cmsUser->block = (int) $this->block;
|
||
|
|
||
|
if ( is_callable( array( $this->_cmsUser, 'store' ) ) ) {
|
||
|
$return = $this->_cmsUser->store( true );
|
||
|
} elseif ( is_callable( array( $this->_cmsUser, 'save' ) ) ) {
|
||
|
$return = $this->_cmsUser->save( true );
|
||
|
} else {
|
||
|
$this->_db->setQuery( "UPDATE #__users SET block=" . (int) $this->block . " WHERE id = " . (int) $this->id );
|
||
|
$return = $this->_db->query();
|
||
|
}
|
||
|
return $return;
|
||
|
}
|
||
|
return false;
|
||
|
}
|
||
|
/**
|
||
|
* Updates only in database the cleartext $this->password
|
||
|
*
|
||
|
* @return boolean Store query error
|
||
|
*/
|
||
|
function storePassword( ) {
|
||
|
if ( $this->id ) {
|
||
|
$this->_db->setQuery( "UPDATE #__users SET password=" . $this->_db->Quote( $this->hashAndSaltPassword( $this->password ) ) . " WHERE id = " . (int) $this->id );
|
||
|
return $this->_db->query();
|
||
|
if ( $this->_cmsUser === null ) {
|
||
|
$this->_mapUsers();
|
||
|
}
|
||
|
|
||
|
$this->_cmsUser->password = $this->hashAndSaltPassword( $this->password );
|
||
|
|
||
|
if ( is_callable( array( $this->_cmsUser, 'store' ) ) ) {
|
||
|
$return = $this->_cmsUser->store( true );
|
||
|
} elseif ( is_callable( array( $this->_cmsUser, 'save' ) ) ) {
|
||
|
$return = $this->_cmsUser->save( true );
|
||
|
} else {
|
||
|
$this->_db->setQuery( "UPDATE #__users SET password=" . $this->_db->Quote( $this->hashAndSaltPassword( $this->password ) ) . " WHERE id = " . (int) $this->id );
|
||
|
$return = $this->_db->query();
|
||
|
}
|
||
|
return $return;
|
||
|
}
|
||
|
return false;
|
||
|
}
|
||
| ... | ... | |
|
if( isset( $ueConfig['emailpass'] ) && ( $ueConfig['emailpass'] == "1" ) && ( $this->password == '' ) ) {
|
||
|
// generate the password is auto-generated and not set by the admin at this occasion:
|
||
|
$this->setRandomPassword();
|
||
|
$pwd = $this->hashAndSaltPassword( $this->password );
|
||
|
$_CB_database->setQuery( "UPDATE #__users SET password=" . $_CB_database->Quote($pwd) . " WHERE id = " . (int) $this->id );
|
||
|
$_CB_database->query();
|
||
|
$this->storePassword();
|
||
|
}
|
||
|
}
|
||
|
$_PLUGINS->trigger( 'onAfterUpdateUser', array( &$this, &$this, $oldUserComplete ) );
|
||
| ... | ... | |
|
* @return string|boolean salted/hashed password if $row not provided, otherwise TRUE/FALSE on password check
|
||
|
*/
|
||
|
function _cbHashPassword( $passwd, $check ) {
|
||
|
global $_CB_database;
|
||
|
|
||
|
$version = checkJversion();
|
||
|
$method = 'md5';
|
||
|
if ( $version == 0 ) {
|
||
| ... | ... | |
|
$crypt = md5( $passwd . $salt );
|
||
|
$hashedPwd = $crypt. ':' . $salt;
|
||
|
if ( md5( $passwd ) === $this->password ) {
|
||
|
$query = "UPDATE #__users SET password = '"
|
||
|
. $_CB_database->getEscaped( $hashedPwd ) . "'"
|
||
|
. " WHERE id = " . (int) $this->id;
|
||
|
$_CB_database->setQuery( $query );
|
||
|
$_CB_database->query();
|
||
|
$this->password = $hashedPwd;
|
||
|
|
||
|
$this->storePassword();
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
| ... | ... | |
|
$hashedPwd = $crypt. ':' . $salt;
|
||
|
if ( $hashedPwd === $this->password ) {
|
||
|
$hashedPwd = md5( $passwd );
|
||
|
$query = "UPDATE #__users SET password = '"
|
||
|
. $_CB_database->getEscaped( $hashedPwd ) . "'"
|
||
|
. " WHERE id = " . (int) $this->id;
|
||
|
$_CB_database->setQuery( $query );
|
||
|
$_CB_database->query();
|
||
|
$this->password = $hashedPwd;
|
||
|
|
||
|
$this->storePassword();
|
||
|
}
|
||
|
}
|
||
|
}
|
||