diff options
| -rwxr-xr-x | classes/handler/public.php | 2 | ||||
| -rw-r--r-- | classes/pref/users.php | 34 | ||||
| -rw-r--r-- | classes/userhelper.php | 30 |
3 files changed, 32 insertions, 34 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index ca963d111..da1e53853 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -950,7 +950,7 @@ class Handler_Public extends Handler { WHERE id = ?"); $sth->execute([$id]); - Pref_Users::_reset_password($id, true); + UserHelper::reset_password($id, true); print "<p>"."Completed."."</p>"; diff --git a/classes/pref/users.php b/classes/pref/users.php index d2dd06fd8..ab1694564 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -166,40 +166,8 @@ class Pref_Users extends Handler_Administrative { } } - static function _reset_password($uid, $format_output = false) { - - $pdo = Db::pdo(); - - $sth = $pdo->prepare("SELECT login FROM ttrss_users WHERE id = ?"); - $sth->execute([$uid]); - - if ($row = $sth->fetch()) { - - $login = $row["login"]; - - $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250); - $tmp_user_pwd = make_password(); - - $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); - - $sth = $pdo->prepare("UPDATE ttrss_users - SET pwd_hash = ?, salt = ?, otp_enabled = false - WHERE id = ?"); - $sth->execute([$pwd_hash, $new_salt, $uid]); - - $message = T_sprintf("Changed password of user %s to %s", "<strong>$login</strong>", "<strong>$tmp_user_pwd</strong>"); - - if ($format_output) - print_notice($message); - else - print $message; - - } - } - function resetPass() { - $uid = clean($_REQUEST["id"]); - self::_reset_password($uid); + UserHelper::reset_password(clean($_REQUEST["id"])); } function index() { diff --git a/classes/userhelper.php b/classes/userhelper.php index 744f77a23..8e9b9a01b 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -169,4 +169,34 @@ class UserHelper { session_commit(); } + static function reset_password($uid, $format_output = false) { + + $pdo = Db::pdo(); + + $sth = $pdo->prepare("SELECT login FROM ttrss_users WHERE id = ?"); + $sth->execute([$uid]); + + if ($row = $sth->fetch()) { + + $login = $row["login"]; + + $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250); + $tmp_user_pwd = make_password(); + + $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); + + $sth = $pdo->prepare("UPDATE ttrss_users + SET pwd_hash = ?, salt = ?, otp_enabled = false + WHERE id = ?"); + $sth->execute([$pwd_hash, $new_salt, $uid]); + + $message = T_sprintf("Changed password of user %s to %s", "<strong>$login</strong>", "<strong>$tmp_user_pwd</strong>"); + + if ($format_output) + print_notice($message); + else + print $message; + + } + } } |