silverstripe-framework/security/MemberPassword.php

39 lines
1.0 KiB
PHP
Raw Normal View History

<?php
/**
* Keep track of users' previous passwords, so that we can check that new passwords aren't changed back to old ones.
*/
class MemberPassword extends DataObject {
static $db = array(
'Password' => 'Varchar',
'Salt' => 'Varchar',
'PasswordEncryption' => 'Varchar',
);
static $has_one = array(
'Member' => 'Member',
);
/**
* Log a password change from the given member.
* Call MemberPassword::log($this) from within Member whenever the password is changed.
*/
static function log($member) {
$record = new MemberPassword();
$record->MemberID = $member->ID;
$record->Password = $member->Password;
$record->PasswordEncryption = $member->PasswordEncryption;
$record->Salt = $member->Salt;
$record->write();
}
/**
* Check if the given password is the same as the one stored in this record
*/
function checkPassword($password) {
$encryption_details = Security::encrypt_password($password, $this->Salt, $this->PasswordEncryption);
return ($this->Password === $encryption_details['password']);
}
}