The last notes
All English-language materials have been translated fully automatically using the Google service
Generation of "Sign out" and "Registration" links
if ($ USER-> IsAuthorized ()) {
<a href="<?echo $APPLICATION-> GetCurPageParam ("logout = yes", array (
"login",
"logout",
"register",
"forgot_password",
"change_password"));?> "> Exit </a>
} else {
<a href="<?echo $APPLICATION-> GetCurPageParam ("register = yes", array (
"login",
"logout",
"forgot_password",
"change_password"));?> "> Registration </a>
}
Check if $ password is the current user password
/ **
* Check if $ password is the current user's password.
*
* @param int $ userId
* @param string $ password
*
* @return bool
* /
function isUserPassword ($ userId, $ password)
{
$ userData = CUser :: GetByID ($ userId) -> Fetch ();
$ salt = substr ($ userData ['PASSWORD'], 0, (strlen ($ userData ['PASSWORD']) - 32));
$ realPassword = substr ($ userData ['PASSWORD'], -32);
$ password = md5 ($ salt. $ password);
return ($ password == $ realPassword);
}
Thanks for the function Shokov Alexey
Checking the password using regular means
$ login = CUser :: GetLogin (); // get the login of the current user
$ USERcheck = new CUser;
$ check = $ USERcheck-> Login ($ login, 'fsdfsfO', 'N', 'Y'); // check if the password is correct
print_r ($ check); // If the password is correct, it will return 1, otherwise an array with an error
Change user password
global $ USER;
$ arResult = $ USER-> ChangePassword ("admin", "WRD45GT", "123456", "123456");
if ($ arResult ["TYPE"] == "OK") echo "Password changed successfully.";
else ShowMessage ($ arResult);
Password validation using Bitrix tools
$ policy = \ CUser :: GetGroupPolicy ([3]); // Get the security policy for the user group with id = 3
$ password = 'gdf'; // Check if the new password meets the Bitrix rules
$ user = new CUser; // CheckPasswordAgainstPolicy method is non-static so we declare a new instance of the CUser class
$ errors = user-> CheckPasswordAgainstPolicy ($ password, $ policy); // If the password matches, then an empty array will be returned; otherwise, the array will list all errors related to the password
We are struggling with the problem of session conflict between the main site and the subdomain
Add to the file init.php
session_name(\Bitrix\Main\Config\Option::get('main', 'cookie_name') . '_PHPSESSID');
End-to-end authorization on subdomains
First of all, go to the settings of the main module and enable the options
Distribute cookies to all domains (https only)
Extend authorization to all domains (https only)
If authorization still does not work, then look at the session.cookie_domain
settings in php.ini
Here you need to specify the site domain without protocol and subdomain. The dot before the variable is required
.domain.com
It will be interesting to read the article:
Comments