ffzg/recall_notices.pl: added --interval and --dedup

[koha.git] / opac / opac-passwd.pl

diff --git a/opac/opac-passwd.pl b/opac/opac-passwd.pl
index b58bc14..4c72d30 100755 (executable)
--- a/opac/opac-passwd.pl
+++ b/opac/opac-passwd.pl
@@ -24,15 +24,14 @@ use CGI qw ( -utf8 );
 
 use C4::Auth;    # checkauth, getborrowernumber.
 use C4::Context;
-use Digest::MD5 qw(md5_base64);
 use C4::Circulation;
 use C4::Members;
 use C4::Output;
-use Koha::AuthUtils qw(hash_password);
 use Koha::Patrons;
 
+use Try::Tiny;
+
 my $query = new CGI;
-my $dbh   = C4::Context->dbh;
 
 my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
     {
@@ -46,7 +45,6 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
 
 my $patron = Koha::Patrons->find( $borrowernumber );
 if ( C4::Context->preference("OpacPasswordChange") ) {
-    my $sth =  $dbh->prepare("UPDATE borrowers SET password = ? WHERE borrowernumber=?");
     if (   $query->param('Oldkey')
         && $query->param('Newkey')
         && $query->param('Confirm') )
@@ -54,25 +52,26 @@ if ( C4::Context->preference("OpacPasswordChange") ) {
         my $error;
         my $new_password = $query->param('Newkey');
         my $confirm_password = $query->param('Confirm');
-        if ( goodkey( $dbh, $borrowernumber, $query->param('Oldkey') ) ) {
+        if ( C4::Auth::checkpw_hash( scalar $query->param('Oldkey'), $patron->password ) ) {
 
             if ( $new_password ne $confirm_password ) {
                 $template->param( 'Ask_data'       => '1' );
                 $template->param( 'Error_messages' => '1' );
                 $template->param( 'passwords_mismatch'   => '1' );
             } else {
-                my ( $is_valid, $error ) = Koha::AuthUtils::is_password_valid( $new_password );
-                unless ( $is_valid ) {
-                    $error = 'password_too_short' if $error eq 'too_short';
-                    $error = 'password_too_weak' if $error eq 'too_weak';
-                    $error = 'password_has_whitespaces' if $error eq 'has_whitespaces';
-                } else {
-                    # Password is valid and match
-                    my $clave = hash_password( $new_password );
-                    $sth->execute( $clave, $borrowernumber );
+                try {
+                    $patron->set_password({ password => $new_password });
                     $template->param( 'password_updated' => '1' );
                     $template->param( 'borrowernumber'   => $borrowernumber );
                 }
+                catch {
+                    $error = 'password_too_short'
+                        if $_->isa('Koha::Exceptions::Password::TooShort');
+                    $error = 'password_too_weak'
+                        if $_->isa('Koha::Exceptions::Password::TooWeak');
+                    $error = 'password_has_whitespaces'
+                        if $_->isa('Koha::Exceptions::Password::WhitespaceCharacters');
+                };
             }
         }
         else {
@@ -111,23 +110,3 @@ $template->param(
 
 
 output_html_with_http_headers $query, $cookie, $template->output, undef, { force_no_caching => 1 };
-
-sub goodkey {
-    my ( $dbh, $borrowernumber, $key ) = @_;
-
-    my $sth =
-      $dbh->prepare("SELECT password FROM borrowers WHERE borrowernumber=?");
-    $sth->execute($borrowernumber);
-    if ( $sth->rows ) {
-        my $hash;
-        my ($stored_hash) = $sth->fetchrow;
-        if ( substr($stored_hash,0,2) eq '$2') {
-            $hash = hash_password($key, $stored_hash);
-        } else {
-            $hash = md5_base64($key);
-        }
-        if ( $hash eq $stored_hash ) { return 1; }
-        else { return 0; }
-    }
-    else { return 0; }
-}