fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 11:44:10 +09:00
Code Issues Projects Releases Packages Wiki Activity

fix #1315 인증메일 및 비밀번호 찾기에서 새 비밀번호 및 인증키 발급 개선

Browse source
This commit is contained in:
bnu 2015-03-06 13:50:14 +09:00
parent 867fb4ab10
commit 445a41411e
2 changed files with 124 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

33
modules/member/member.controller.php
View file

@ -966,11 +966,12 @@ class memberController extends member
}
// Insert data into the authentication DB
$oPassword = new Password();
$args = new stdClass();
$args->user_id = $member_info->user_id;
$args->member_srl = $member_info->member_srl;
$args->new_password = rand(111111,999999);
$args->auth_key = md5( rand(0,999999 ) );
$args->new_password = $oPassword->generateStrongPassword();
$args->auth_key = $oPassword->createSecureSalt(40);
$args->is_register = 'N';
$output = executeQuery('member.insertAuthMail', $args);
@ -1070,17 +1071,17 @@ class memberController extends member
}
// Update to a temporary password and set change_password_date to 1
$args = new stdClass;
$args->member_srl = $member_srl;
list($usec, $sec) = explode(" ", microtime());
$temp_password = substr(md5($user_id . $member_info->find_account_answer. $usec . $sec),0,15);
$oPassword = new Password();
$temp_password = $oPassword->generateStrongPassword();
$args = new stdClass();
$args->member_srl = $member_srl;
$args->password = $temp_password;
$args->change_password_date = '1';
$output = $this->updateMemberPassword($args);
if(!$output->toBool()) return $output;
$_SESSION['xe_temp_password_'.$user_id] = $temp_password;
$_SESSION['xe_temp_password_' . $user_id] = $temp_password;
$this->add('user_id',$user_id);
@ -1177,10 +1178,11 @@ class memberController extends member
$chk_args->member_srl = $member_srl;
$output = executeQuery('member.chkAuthMail', $chk_args);
if($output->toBool() && $output->data->count == '0') return new Object(-1, 'msg_invalid_request');
// Insert data into the authentication DB
$auth_args = new stdClass;
$auth_args->member_srl = $member_srl;
$auth_args->auth_key = md5(rand(0, 999999));
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$output = executeQuery('member.updateAuthMail', $auth_args);
if(!$output->toBool())
@ -1355,11 +1357,12 @@ class memberController extends member
$this->_clearMemberCache($args->member_srl);
// generate new auth key
$auth_args = new stdClass;
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $memberInfo->user_id;
$auth_args->member_srl = $memberInfo->member_srl;
$auth_args->new_password = $memberInfo->password;
$auth_args->auth_key = md5( rand(0,999999 ) );
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->is_register = 'Y';
$output = executeQuery('member.insertAuthMail', $auth_args);
@ -2067,11 +2070,12 @@ class memberController extends member
if($args->denied == 'Y')
{
// Insert data into the authentication DB
$auth_args = new stdClass;
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $args->user_id;
$auth_args->member_srl = $args->member_srl;
$auth_args->new_password = $args->password;
$auth_args->auth_key = md5(rand(0, 999999));
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->is_register = 'Y';
$output = executeQuery('member.insertAuthMail', $auth_args);
@ -2445,10 +2449,11 @@ class memberController extends member
}
unset($_SESSION['rechecked_password_step']);
$auth_args = new stdClass;
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $newEmail;
$auth_args->member_srl = $member_info->member_srl;
$auth_args->auth_key = md5(rand(0, 999999));
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->new_password = 'XE_change_emaill_address';
$output = executeQuery('member.insertAuthMail', $auth_args);