use Carp 'confess';
@ISA = qw(BSE::DB);
-our $VERSION = "1.002";
+our $VERSION = "1.003";
use vars qw($VERSION $MAX_CONNECTION_AGE);
my $self;
-$VERSION = 1.01;
-
$MAX_CONNECTION_AGE = 1200;
my %statements =
order by oi.id, af.displayOrder desc
SQL
- getSiteUserByUserId =>
- 'select * from site_users where userId = ?',
- getSiteUserByPkey =>
- 'select * from site_users where id = ?',
- getSiteUserByAffiliate_name =>
- 'select * from site_users where affiliate_name = ?',
- addSiteUser => 'insert site_users values(null,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
- replaceSiteUser => 'replace site_users values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
+ # getSiteUserByUserId =>
+ # 'select * from site_users where userId = ?',
+ # getSiteUserByPkey =>
+ # 'select * from site_users where id = ?',
+ # getSiteUserByAffiliate_name =>
+ # 'select * from site_users where affiliate_name = ?',
+ # addSiteUser => 'insert site_users values(null,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
+ # replaceSiteUser => 'replace site_users values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
'SiteUsers.removeSubscriptions'=>
'delete from subscribed_users where userId = ?',
'SiteUsers.removeSub'=>
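Review bot: The five `site_users` statements are commented out rather than deleted, which leaves two long positional `values(?,...)` lists in the file that will no longer match the table once `password_type` is added. Deleting them outright keeps the statement table readable and avoids someone re-enabling a stale insert; version control already preserves the old text. If any caller still looks up `getSiteUserByUserId` or the other names (not visible on this page), it will now fail at run time, so a quick grep before merging is worthwhile.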
use base 'BSE::UI::UserCommon';
use Carp qw(confess);
-our $VERSION = "1.013";
+our $VERSION = "1.014";
use constant MAX_UNACKED_CONF_MSGS => 3;
use constant MIN_UNACKED_CONF_GAP => 2 * 24 * 60 * 60;
my $password = $cgi->param("password");
unless (keys %errors) {
$user = SiteUsers->getBy(userId => $userid);
- unless ($user && $user->{password} eq $password) {
- $errors{_} = $msgs->(baduserpass=>"Invalid username or password");
+ my $error = "INVALID";
+ unless ($user && $user->check_password($password, \$error)) {
+ if ($error eq "INVALID") {
+ $errors{_} = $msgs->(baduserpass=>"Invalid username or password");
+ }
+ else {
+ $errors{_} = $msgs->(passwordload => "Error loading password module");
+ }
}
}
if (!keys %errors && $user->{disabled}) {
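Review bot: The non-"INVALID" branch of the login check discards whatever `check_password` wrote into `$error`, so a hashing back-end failure surfaces only as the generic "Error loading password module" text and leaves nothing for an operator to act on. Keeping the user-facing message generic is right, but the detail should go to the server log in the `else` branch, e.g. `print STDERR "check_password failed for user id $user->{id}: $error\n";`. Separately, `$user && ...` skips the hash computation when the account does not exist, so if the hash is deliberately slow the response time may differ between an unknown user and a wrong password; that is worth confirming against BSE::Passwords. The enclosing function starts and ends outside the hunk.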
if (defined $newpass && length $newpass) {
if ($oldpass) {
- if ($oldpass ne $user->{password}) {
+ my $error;
+ if (!$user->check_password($oldpass, \$error)) {
sleep 5; # yeah, it's ugly
$errors{old_password} = $msgs->(optsbadold=>"You need to enter your old password to change your password")
}
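Review bot: `$error` is declared and passed to `check_password` for the old-password check but never read, so a failure to load the password module is reported to the user as a wrong old password, after the 5-second sleep. The login check in this same commit separates the two cases; doing the same here, with `my $error = "INVALID";` and an `else` that reports the module error under `$errors{old_password}`, would keep the two paths consistent. The enclosing block continues outside the hunk.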
$user->{userId} = $email if $nopassword;
++$newemail;
}
- $user->{password} = $newpass if !$nopassword && $newpass;
+ if (!$nopassword && $newpass) {
+ $user->changepw($newpass, $user);
+ }
$user->{affiliate_name} = $aff_name if defined $aff_name;
my $user;
eval {
- $user = SiteUsers->add(@user{@cols});
+ $user = SiteUsers->make(%user);
};
if ($user) {
my $custom = custom_class($cfg);
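Review bot: `SiteUsers->make(%user)` now receives the registration form's password value as-is, and nothing in this hunk hashes it or sets `password_type` the way `changepw` does for password changes. `make` is defined outside this page, so this may already be handled there, but if it is not, new accounts would be stored unhashed while `defaults` leaves `password_type` commented out. It is worth confirming that `make` routes the password through `BSE::Passwords->new_password_hash` before the row is inserted. Passing the whole hash instead of the old `@user{@cols}` slice also means every key in `%user` reaches `make`, so `%user` should be checked to hold only the intended columns.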
use Carp qw(confess);
use BSE::Util::SQL qw/now_datetime now_sqldate sql_normal_date sql_add_date_days/;
-our $VERSION = "1.004";
+our $VERSION = "1.005";
use constant MAX_UNACKED_CONF_MSGS => 3;
use constant MIN_UNACKED_CONF_GAP => 2 * 24 * 60 * 60;
affiliate_name delivMobile billMobile
delivStreet2 billStreet2
billOrganization
- customInt1 customInt2/;
+ customInt1 customInt2 password_type/;
}
sub table {
return "site_users";
}
+sub defaults {
+ require BSE::Util::SQL;
+ return
+ (
+ keepAddress => 1, # what am I for - appears unused
+ whenRegistered => BSE::Util::SQL::now_datetime(),
+ lastLogon => BSE::Util::SQL::now_datetime(),
+ name1 => "",
+ name2 => "",
+ address => "",
+ city => "",
+ state => "",
+ postcode => "",
+ telephone => "",
+ facsimile => "",
+ country => "",
+ wantLetter => 0, # also unused
+ confirmed => 0,
+ confirmSecret => "",
+ waitingForConfirmation => 0,
+ textOnlyMail => 0,
+ title => "",
+ organization => "",
+ referral => 0,
+ otherReferral => "",
+ prompt => 0,
+ otherPrompt => "",
+ profession => 0,
+ otherProfession => "",
+ previousLogon => BSE::Util::SQL::now_datetime(),
+ billFirstName => "",
+ billLastName => "",
+ billStreet => "",
+ billSuburb => "",
+ billState => "",
+ billPostCode => "",
+ billCountry => "",
+ instructions => "",
+ billTelephone => "",
+ billFacsimile => "",
+ billEmail => "",
+ adminNotes => "",
+ disabled => 0,
+ flags => "",
+ customText1 => undef,
+ customText2 => undef,
+ customText3 => undef,
+ customStr1 => undef,
+ customStr2 => undef,
+ customStr3 => undef,
+ affiliate_name => "",
+ delivMobile => "",
+ billMobile => "",
+ delivStreet2 => "",
+ billStreet2 => "",
+ billOrganization => "",
+ customInt1 => "",
+ customInt2 => "",
+ #password_type
+ );
+}
+
sub valid_fields {
my ($class, $cfg, $admin) = @_;
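Review bot: `defaults` calls `BSE::Util::SQL::now_datetime()` three times, so `whenRegistered`, `lastLogon` and `previousLogon` can differ by a second on a new row; take it once with `my $now = now_datetime();` and reuse `$now`. The file already imports `now_datetime` from BSE::Util::SQL near the top, so the `require` and the fully qualified names are not needed. `customInt1` and `customInt2` default to `""`, which a strict SQL mode may reject if those columns are integers (the schema is not visible here); `0` or `undef` would be safer. The `#password_type` placeholder leaves it unclear what a row created without an explicit type gets, and a short comment naming the intended default would help.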
);
}
+sub changepw {
+ my ($self, $password, $who) = @_;
+
+ require BSE::Passwords;
+
+ my ($hash, $type) = BSE::Passwords->new_password_hash($password);
+
+ $self->set_password($hash);
+ $self->set_password_type($type);
+
+ require BSE::TB::AuditLog;
+ BSE::TB::AuditLog->log
+ (
+ component => "siteusers::changepw",
+ object => $self,
+ actor => $who,
+ level => "info",
+ msg => "Change password",
+ );
+
+ 1;
+}
+
+sub check_password {
+ my ($self, $password, $error) = @_;
+
+ require BSE::Passwords;
+ return BSE::Passwords->check_password_hash($self->password, $self->password_type, $password, $error);
+}
+
1;
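Review bot: `changepw` stores whatever `new_password_hash` returns without checking it, so if hashing fails and returns nothing (the login code in this commit allows for the password module failing to load), `set_password` would be called with an undefined hash. A guard such as `defined $hash && length $hash or confess "Could not hash new password";` before the setters would stop that; `confess` is already imported in this file. The audit entry is also written before any save the caller performs, so a later failed save would leave a "Change password" record for a change that did not persist, which deserves at least a comment. Both new methods lack documentation: `changepw` should state that it does not save the object and what `$who` is, and `check_password` should state that `$error` is a scalar reference filled in on failure.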