Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Re: How to compare passwords in TXP?
skrishi wrote:
Can I use
txp_validate()
Yes, you can.
/**
Include txp_auth.php. "txpath" constant will return the
absolute path to /textpattern/ directory
*/
include_once txpath.'/include/txp_auth.php';
/**
Setting the third parameter to false, will make it just to
check the credentials w/o updating the last access time
*/
if(txp_validate($name,$oldpass,false) == false)
return;
safe_field('repet', safe_pfx('gvv_user_edit'), "name = '".doSlash($name)."'");
You don’t need to use safe_pfx()
when using TXP’s safe_
functions to run queries. Safe_
functions already automatically adds prefix to the table name. You only need to use safe_pfx()
when building your own queries with safe_query()
(or mysql_query()
) function that doesn’t offer dedicated table parameter.
Offline
Re: How to compare passwords in TXP?
Gocom wrote:
Yes, you can.
/**
Include txp_auth.php. "txpath" constant will return the
absolute path to /textpattern/ directory
*/
include_once txpath.'/include/txp_auth.php';
/**
Setting the third parameter to false, will make it just to
check the credentials w/o updating the last access time
*/
if(txp_validate($name,$oldpass,false) == false)
return;
I do it:
if(!txp_validate(doSlash($name), $oldpass))
{
return gvv_gTxt('old_pass_error');
}
$rs = safe_update(safe_pfx('txp_users'), "pass = password(lower('".doSlash($oldpass)."'))", "name = '".doSlash($name)."'");
safe_delete(safe_pfx('gvv_user_edit'), "name = '".doSlash($name)."'");
It seems it works. At least if we mean "pass = password (lower ('". doSlash ($ new_pass )."'))"
But I’ll keep in mind. Thank you.
You don’t need to use
safe_pfx()
when using TXP’ssafe_
functions to run queries.Safe_
functions already automatically adds prefix to the table name. You only need to usesafe_pfx()
when building your own queries withsafe_query()
(ormysql_query()
) function that doesn’t offer dedicated table parameter.
Okay, I’ll remove the excess
Thank you
Last edited by skrishi (2011-03-27 23:21:20)
Offline
Re: How to compare passwords in TXP?
skrishi wrote:
if(!txp_validate(doSlash($name), $oldpass))
Do not use doSlash()
. You would be double escaping the $name
as txp_validate() already does escaping. Also, set the third $log
parameter to false if you don’t want to extend the active session’s life-time.
Offline
Re: How to compare passwords in TXP?
Gocom wrote:
if(!txp_validate(doSlash($name), $oldpass))
Do not use
doSlash()
. You would be double escaping the$name
as txp_validate() already does escaping. Also, set the third$log
parameter to false if you don’t want to extend the active session’s life-time.
Yes, I have seen and corrected already.
But thanks anyway for the reminder.
Offline
Re: How to compare passwords in TXP?
Good afternoon.
I rewrote a lot. This time I did not translate everything into English, that would not waste your time. In addition, most of all, I would have done it wrong.
If possible, please give an example of how to make a language file that I could fix it.
If all is well, then I think it can be laid out for installation.
Offline