Bug fix for #606

This commit is contained in:
floppy0 2018-01-15 17:13:46 +01:00
parent b740e660b8
commit bcc986fa11
1 changed files with 10 additions and 9 deletions

View File

@ -79,14 +79,21 @@ class dbUsers extends dbJSON
$user = $this->db[$args['username']]; $user = $this->db[$args['username']];
// Verify arguments with the database fields // Verify arguments with the database fields
foreach($args as $field=>$value) { foreach ($args as $field=>$value) {
if( isset($this->dbFields[$field]) ) { if (isset($this->dbFields[$field])) {
$value = Sanitize::html($value); $value = Sanitize::html($value);
settype($value, gettype($this->dbFields[$field]['value'])); settype($value, gettype($this->dbFields[$field]['value']));
$user[$field] = $value; $user[$field] = $value;
} }
} }
// Set a new password
if (!empty($args['password'])) {
$user['salt'] = $this->generateSalt();
$user['password'] = $this->generatePasswordHash($args['password'], $user['salt']);
$user['tokenAuth'] = $this->generateAuthToken();
}
// Save the database // Save the database
$this->db[$args['username']] = $user; $this->db[$args['username']] = $user;
return $this->save(); return $this->save();
@ -142,14 +149,8 @@ class dbUsers extends dbJSON
public function setPassword($username, $password) public function setPassword($username, $password)
{ {
$salt = $this->generateSalt();
$hash = $this->generatePasswordHash($password, $salt);
$tokenAuth = $this->generateAuthToken();
$args['username'] = $username; $args['username'] = $username;
$args['salt'] = $salt;
$args['password'] = $hash; $args['password'] = $hash;
$args['tokenAuth'] = $tokenAuth;
return $this->set($args); return $this->set($args);
} }