How To Check User Password As Well

dexterflamez · June 25, 2021, 12:00am

On vendor password update the php code checks for up to 4 previous passwords and make sure it does not match the current password, this php previous password check is also very important for the customer as well, please how can i check this for the customer account as well, thanks in advance.

// Check last 4 passwords
                if (!empty($user_id)) {
                        $current_user_data = db_get_row(
            "SELECT user_id, company_id, is_root, status, user_type, email, user_login, lang_code, password, salt, last_passwords"
            . " FROM ?:users WHERE user_id = ?i",
            $user_id
        );
                    $prev_passwords = !empty($current_user_data['last_passwords']) ? explode(',', $current_user_data['last_passwords']) : array();
                if (!empty(Tygh::$app['session']['auth']['forced_password_change'])) {
                    // if forced password change - new password can't be equal to current password.
                    $prev_passwords[] = $current_user_data['password'];
                }

                if (in_array(fn_generate_salted_password($user_data['password1'], $current_user_data['salt']), $prev_passwords)) {
                    $valid_passwords = false;
                    fn_set_notification('E', __('error'), __('error_password_was_used'));
                } else {
                    if (count($prev_passwords) >= 5) {
                        array_shift($prev_passwords);
                    }
                    $user_data['last_passwords'] = implode(',', $prev_passwords);
                }
            }

ecomlabs · June 25, 2021, 12:00am

As far as I remember, this feature will be added to the nearest version

dexterflamez · June 25, 2021, 12:00am

How can I modify this code to work on 9.x.x, I did a little work around and it works partially, any help will be appreciated, the solution is just to extend it to the customer users as well