Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

98 lines
2.5 KiB

namespace Friendica\Core\Console;
use Friendica\Core\L10n;
use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Core\Config;
use Friendica\Database\DBM;
use dba;
* @brief tool to set a new password for a user
* With this tool, you can set a new password for a user
* License: AGPLv3 or later, same as Friendica
* @author Michael Vogel <>
class NewPassword extends \Asika\SimpleConsole\Console
protected $helpOptions = ['h', 'help', '?'];
protected function getHelp()
$help = <<<HELP
console newpassword - Creates a new password for a given user
bin/console newpassword <nickname> [<password>] [-h|--help|-?] [-v]
Creates a new password for a user without using the "forgot password" functionality.
-h|--help|-? Show help information
-v Show more debug information.
return $help;
protected function doExecute()
$a = get_app();
if ($this->getOption('v')) {
$this->out('Class: ' . __CLASS__);
$this->out('Arguments: ' . var_export($this->args, true));
$this->out('Options: ' . var_export($this->options, true));
if (count($this->args) == 0) {
return 0;
if (count($this->args) > 2) {
throw new \Asika\SimpleConsole\CommandArgsException('Too many arguments');
require_once '.htconfig.php';
$result = \dba::connect($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
if (!$result) {
throw new \RuntimeException('Unable to connect to database');
$nick = $this->getArgument(0);
$user = dba::selectFirst('user', ['uid'], ['nickname' => $nick]);
if (!DBM::is_result($user)) {
throw new \RuntimeException(L10n::t('User not found'));
$password = $this->getArgument(1);
if (is_null($password)) {
$this->out(L10n::t('Enter new password: '), false);
$password = \Seld\CliPrompt\CliPrompt::hiddenPrompt(true);
if (!$password) {
throw new \RuntimeException(L10n::t('Password can\'t be empty'));
if (!Config::get('system', 'disable_password_exposed', false) && User::isPasswordExposed($password)) {
throw new \RuntimeException(L10n::t('The new password has been exposed in a public data dump, please choose another.'));
if (!User::updatePassword($user['uid'], $password)) {
throw new \RuntimeException(L10n::t('Password update failed. Please try again.'));
$this->out(L10n::t('Password changed.'));
return 0;