Added the change password function

DaBourz · Feb 6, 2013 · 7e8e3cf · 7e8e3cf
1 parent 1a9fdd4
commit 7e8e3cf
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 1 deletion.
diff --git a/README.markdown b/README.markdown
@@ -1,5 +1,5 @@
 #SimpleLogin Secure
-**Name: SimpleLoginSecure 2.0**  
+**Name: SimpleLoginSecure 2.1**  
 **Released: Feb 8, 2012**  
 **CI Version: Tested with CodeIgniter 2.1.0**  
 **Author: Stéphane Bourzeix**  
@@ -12,6 +12,7 @@ _SimpleLogin-Secure version 2 is by Stéphane Bourzeix from Alex Dunae's code._
   * Upgraded to use the PHPASS version 0.3  
   * Changed the "getwhere()" calls to "get_where()" for Code Igniter 2.0 compatibility.  
   * Added the Update function to allow to change the user's email from your classes.
+  * Added the edit_password function to compare and change passwords
 
 
 In Anthony’s words:  

diff --git a/SimpleLoginSecure.php b/SimpleLoginSecure.php
@@ -222,5 +222,47 @@ function delete($user_id)
 		return $this->CI->db->delete($this->user_table, array('user_id' => $user_id));
 	}
 
+
+	/**
+	* Edit a user password
+	* @author    Stéphane Bourzeix, Pixelmio <stephane[at]bourzeix.com>
+	* @author    Diego Castro <castroc.diego[at]gmail.com>
+	*
+	* @access  public
+	* @param  string
+	* @param  string
+	* @param  string
+	* @return  bool
+	*/
+	function edit_password($user_email = '', $old_pass = '', $new_pass = '')
+	{
+		$this->CI =& get_instance();
+		// Check if the password is the same as the old one
+		$this->CI->db->select('user_pass');
+		$query = $this->CI->db->get_where($this->user_table, array('user_email' => $user_email));
+		$user_data = $query->row_array();
+
+		$hasher = new PasswordHash(PHPASS_HASH_STRENGTH, PHPASS_HASH_PORTABLE);	
+		if (!$hasher->CheckPassword($old_pass, $user_data['user_pass'])){ //old_pass is the same
+			return FALSE;
+		}
+
+		// Hash new_pass using phpass
+		$user_pass_hashed = $hasher->HashPassword($new_pass);
+		// Insert new password into the database
+		$data = array(
+			'user_pass' => $user_pass_hashed,
+			'user_modified' => date('c')
+		);
+
+		$this->CI->db->set($data);
+		$this->CI->db->where('user_email', $user_email);
+		if(!$this->CI->db->update($this->user_table, $data)){ // There was a problem!
+			return FALSE;
+		} else {
+			return TRUE;
+		}
+	}
+
 }
 ?>