Merge branch 'testing' of git.iamfabulous.de:jungegemeinde into testing

1 files changed, 38 insertions, 6 deletions

diff --git a/class/user.php b/class/user.php
index 1e3bfb3..6e4d594 100644
--- a/class/user.php
+++ b/class/user.php
@@ -75,16 +75,18 @@ class jg {
 		return $this->login;	
 	}
 
-	public function login($user, $password){
+	public function login($user, $password, $verifyByEmail = false){
 		if ( is_null($this->username) )
 			$this->__construct($user);
 		
-		# get hashed password from the database
-		$hashed_password = $this->getPassword();
+		if ( ! $verifyByEmail ) {
+			# get hashed password from the database
+			$hashed_password = $this->getPassword();
 
-		# do the password check with php function
-		if ( ! password_verify($password . PEPPER, $hashed_password) )
-			return false;
+			# do the password check with php function
+			if ( ! password_verify($password . PEPPER, $hashed_password) )
+				return false;
+		}
 
 		# set login to true
 		$this->login = true;
@@ -147,6 +149,36 @@ class jg {
 		return true;
 	}
 
+	public function loginByEmail($name, $hash, $redis) {
+		if( $redis->getValue(strtolower($name)) == $hash ) {
+			return $this->login($name, null, true);
+		} else {
+			return false;
+		}
+	}
+
+	public function setHash($email, $redis) {
+		global $db;
+
+		$sql = $db->prepare("SELECT * FROM " . DBPREFIX . "user WHERE email=%s;", $email);
+		$db_db = $db->doQuery($sql);
+		if ( is_bool($db_db) )
+			return false;
+		else
+			$this->query = $db_db->fetch_array(MYSQLI_ASSOC);
+
+		if ( $this->getEmail == $email) {
+			// See here: https://stackoverflow.com/questions/19017694/one-line-php-random-string-generator?answertab=active#tab-top
+			$hash = chr( mt_rand( 97 ,122 ) ) .substr( md5( time( ) ) ,1 );
+			$redis->setKey(strtolower($email), $hash, 86400);
+
+			sendMailWithHash($email, $this->getUser(), $hash);
+			return true;
+		}
+
+		return false;
+	}
+
 	public function __destruct(){
 		return true;
 	}