]>
git.agnieray.net Git - galette.git/blob - galette/lib/Galette/Core/Password.php
3 /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
6 * Password for galette. The original code was found
7 * in includes/functions.inc.php
11 * Copyright © 2003-2020 The Galette Team
13 * This file is part of Galette (http://galette.tuxfamily.org).
15 * Galette is free software: you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation, either version 3 of the License, or
18 * (at your option) any later version.
20 * Galette is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with Galette. If not, see <http://www.gnu.org/licenses/>.
31 * @author Frédéric Jacquot <unknown@unknow.com>
32 * @author Georges Khaznadar (password encryption, images) <unknown@unknow.com>
33 * @author Johan Cwiklinski <johan@x-tnd.be>
34 * @copyright 2003-2014 The Galette Team
35 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version
36 * @link http://galette.tuxfamily.org
37 * @since Available since 0.7dev - 2009-02-28
40 namespace Galette\Core
;
44 use Galette\Entity\Adherent
;
47 * Temporary password management
52 * @author Frédéric Jacquot <unknown@unknow.com>
53 * @author Georges Khaznadar (password encryption, images) <unknown@unknow.com>
54 * @author Johan Cwiklinski <johan@x-tnd.be>
55 * @copyright 2009-2020 The Galette Team
56 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version
57 * @link http://galette.tuxfamily.org
58 * @since Available since 0.7dev - 2011-06-16
61 class Password
extends AbstractPassword
63 public const TABLE
= 'tmppasswds';
64 public const PK
= Adherent
::PK
;
66 /** @var integer Overrides default password size */
67 public const DEFAULT_SIZE
= 50;
68 /** @var string Overrides default character set */
69 protected $chars = 'abcdefghjkmnpqrstuvwxyz0123456789&@{[]}%#+*:ABCDEFGHIJKLMNOPQRSTUVWXYZ';
76 * @param Db $zdb Database instance:
77 * @param boolean $clean Whether we should clean expired passwords in database
79 public function __construct(Db
$zdb, bool $clean = true)
82 if ($clean === true) {
83 $this->cleanExpired();
88 * Remove all old password entries
90 * @param int $id_adh Member identifier
94 private function removeOldEntries(int $id_adh): bool
97 $delete = $this->zdb
->delete(self
::TABLE
);
98 $delete->where(self
::PK
. ' = ' . $id_adh);
100 $del = $this->zdb
->execute($delete);
103 'Temporary passwords for `' . $id_adh . '` has been removed.',
108 } catch (Throwable
$e) {
110 'An error has occurred removing old tmppasswords ' .
119 * Generates a new password for specified member
121 * @param int $id_adh Member identifier
125 public function generateNewPassword($id_adh): bool
127 //first of all, we'll remove all existant entries for specified id
128 $this->removeOldEntries($id_adh);
130 //second, generate a new password and store it in the database
131 $password = $this->makeRandomPassword();
132 $hash = password_hash($password, PASSWORD_BCRYPT
);
137 'tmp_passwd' => $hash,
138 'date_crea_tmp_passwd' => date('Y-m-d H:i:s')
141 $insert = $this->zdb
->insert(self
::TABLE
);
142 $insert->values($values);
144 $add = $this->zdb
->execute($insert);
147 'New passwords temporary set for `' . $id_adh . '`.',
150 $this->setPassword($password);
151 $this->setHash($hash);
156 } catch (Throwable
$e) {
158 "An error occurred trying to add temporary password entry. " .
167 * Remove expired passwords queries (older than 24 hours)
171 protected function cleanExpired(): bool
173 $date = new \
DateTime();
174 $date->sub(new \
DateInterval('PT24H'));
177 $delete = $this->zdb
->delete(self
::TABLE
);
178 $delete->where
->lessThan(
179 'date_crea_tmp_passwd',
180 $date->format('Y-m-d H:i:s')
182 $del = $this->zdb
->execute($delete);
185 'Old Temporary passwords have been deleted.',
190 } catch (Throwable
$e) {
192 'An error occurred deleting expired temporary passwords. ' .
201 * Check if requested hash is valid
203 * @param string $hash the hash
205 * @return false|int false if hash is not valid, member id otherwise
207 public function isHashValid(string $hash)
210 $select = $this->zdb
->select(self
::TABLE
);
213 )->where(array('tmp_passwd' => $hash));
215 $results = $this->zdb
->execute($select);
217 if ($results->count() > 0) {
218 $result = $results->current();
224 } catch (Throwable
$e) {
226 'An error occurred getting requested hash. ' . $e->getMessage(),
234 * Remove a hash that has been used (ie. once password has been updated)
236 * @param string $hash hash
240 public function removeHash(string $hash): bool
243 $delete = $this->zdb
->delete(self
::TABLE
);
245 array('tmp_passwd' => $hash)
248 $del = $this->zdb
->execute($delete);
251 'Used hash has been successfully remove',
256 } catch (Throwable
$e) {
258 'An error occurred attempting to delete used hash' .