18 if (!function_exists(
'password_hash')) {
19 throw new \RuntimeException(
"password_hash and associated functions are required.");
33 return password_needs_rehash($hash, PASSWORD_DEFAULT);
56 return password_hash(
$password, PASSWORD_DEFAULT);
77 $user->setPrivateSetting(
'passwd_conf_code',
$code);
78 $user->setPrivateSetting(
'passwd_conf_time', time());
97 'action' =>
'requestnewpassword',
99 'ip_address' => $ip_address,
119 if (!
$user instanceof \ElggUser) {
157 $saved_code =
$user->getPrivateSetting(
'passwd_conf_code');
158 $code_time = (int)
$user->getPrivateSetting(
'passwd_conf_time');
159 $codes_match =
_elgg_services()->crypto->areEqual($saved_code, $conf_code);
161 if (!$saved_code || !$codes_match) {
166 if (!$code_time || $code_time < time() - 24 * 60 * 60) {
174 $user->removePrivateSetting(
'passwd_conf_code');
175 $user->removePrivateSetting(
'passwd_conf_time');
180 $ns = $reset ?
'resetpassword' :
'changepassword';
verify($password, $hash)
Verify a password against a hash using a timing attack resistant approach.
$params
Saves global plugin settings.
__construct()
Constructor.
reset_login_failure_count($user_guid)
Resets the fail login count for $user_guid.
executeNewPasswordReset($user_guid, $conf_code, $password=null)
Validate and change password for a user.
notify_user($to, $from=0, $subject= '', $message= '', array $params=[], $methods_override=null)
Notify a user via their preferences.
if(!$item instanceof ElggEntity) $link
$user_guid
Validate a user.
if(!$user||!$user->canEdit()) $password
elgg_generate_url($name, array $parameters=[])
Generate a URL for named route.
needsRehash($hash)
Determine if the password hash needs to be rehashed.
elgg_get_site_entity()
Get the current site entity.
generate_random_cleartext_password()
Generate a random 12 character clear text password.
_elgg_services()
Get the global service provider.
generateHash($password)
Hash a password for storage using password_hash()
forcePasswordReset($user, $password)
Set a user's new password and save the entity.
sendNewPasswordRequest($user_guid)
Generate and send a password request email to a given user's registered email address.
get_entity($guid)
Loads and returns an entity object from a guid.