Working with authorization \ user registration in Bitrix
Работа с авторизацией \ регистрацией пользователя в Битрикс

All English-language materials have been translated fully automatically using the Google service

Generation of "Sign out" and "Registration" links

if ($ USER-> IsAuthorized ()) {
<a href="<?echo $APPLICATION-> GetCurPageParam ("logout = yes", array (
"change_password"));?> "> Exit </a>
} else {
<a href="<?echo $APPLICATION-> GetCurPageParam ("register = yes", array (
"change_password"));?> "> Registration </a>

Check if $ password is the current user password

  / **
 * Check if $ password is the current user's password.
 * @param int $ userId
 * @param string $ password
 * @return bool
 * /
function isUserPassword ($ userId, $ password)
    $ userData = CUser :: GetByID ($ userId) -> Fetch ();

    $ salt = substr ($ userData ['PASSWORD'], 0, (strlen ($ userData ['PASSWORD']) - 32));

    $ realPassword = substr ($ userData ['PASSWORD'], -32);
    $ password = md5 ($ salt. $ password);

    return ($ password == $ realPassword);

Thanks for the function Shokov Alexey

Checking the password using regular means

  $ login = CUser :: GetLogin (); // get the login of the current user
$ USERcheck = new CUser;
$ check = $ USERcheck-> Login ($ login, 'fsdfsfO', 'N', 'Y'); // check if the password is correct
print_r ($ check); // If the password is correct, it will return 1, otherwise an array with an error  

Change user password

  global $ USER;
$ arResult = $ USER-> ChangePassword ("admin", "WRD45GT", "123456", "123456");
if ($ arResult ["TYPE"] == "OK") echo "Password changed successfully.";
else ShowMessage ($ arResult);  

Password validation using Bitrix tools

  $ policy = \ CUser :: GetGroupPolicy ([3]); // Get the security policy for the user group with id = 3
$ password = 'gdf'; // Check if the new password meets the Bitrix rules
$ user = new CUser; // CheckPasswordAgainstPolicy method is non-static so we declare a new instance of the CUser class
$ errors = user-> CheckPasswordAgainstPolicy ($ password, $ policy); // If the password matches, then an empty array will be returned; otherwise, the array will list all errors related to the password  

We are struggling with the problem of session conflict between the main site and the subdomain

Add to the file init.php

session_name(\Bitrix\Main\Config\Option::get('main', 'cookie_name') . '_PHPSESSID');

End-to-end authorization on subdomains

First of all, go to the settings of the main module and enable the options

Distribute cookies to all domains (https only)
Extend authorization to all domains (https only)

If authorization still does not work, then look at the session.cookie_domain settings in php.ini

Here you need to specify the site domain without protocol and subdomain. The dot before the variable is required

It will be interesting to read the article:


There are no comments yet, you can be the first to leave it

Leave a comment

The site uses a comment pre-moderation system, so your message will be published only after approval by the moderator

You are replying to a user's comment



Email me

Are you developing a new service, making improvements to the existing one and want to be better than your competitors? You have come to the right place. I offer you a comprehensive studio-level website development. From me you can order design, layout, programming, development of non-traditional functionality, implementation of communication between CMS, CRM and Data Analitics, as well as everything else related to sites, except for promotion.

Contact, I will always advise on all questions and help you find the most effective solution for your business. I am engaged in the creation of sites in Novosibirsk and in other regions of Russia, I also work with the CIS countries. You will be satisfied with our cooperation

An error occurred while sending, please try again after a while
Message sent successfully


+7(993) 007-18-96



Россия, г. Москва

By submitting the form, you automatically confirm that you have read and accept the Privacy Policy site

Contact with me
Send message
By submitting the form, you automatically confirm that you have read and accept Privacy policy of site
Sending successful!
Thank you for contacting :) I will contact you as soon as possible
Sending failed
An error occurred while sending the request. Please wait and try again after a while or call my phone number