function paranoia_reset_password_for_uid in Paranoia 7

Resets a password on a uid and sends a mail as appropriate.

Parameters

int $uid: A user ID that should have their password reset.

1 call to paranoia_reset_password_for_uid()

paranoia_reset_stale in ./paranoia.module

Worker callback for the paranoia_stale_expirations queue.

File

./paranoia.module, line 542

Paranoia module file. Provides various extra security features.

Code

function paranoia_reset_password_for_uid($uid) {
  if ($account = user_load($uid)) {

    // The ZZZ prefix ensures the password comparison will fail until a reset.
    // See user_check_password().
    $result = db_query("UPDATE {users} SET pass = CONCAT('ZZZ', SHA(CONCAT(pass, MD5(RAND())))) WHERE uid = :uid", array(
      ':uid' => $account->uid,
    ));
    if ($result) {
      watchdog('paranoia', 'Password randomized for @user.', array(
        '@user' => $account->name,
      ), WATCHDOG_INFO);
      if (variable_get('paranoia_email_notification', FALSE)) {
        paranoia_expired_mail_send($account->uid);
      }
    }
    else {
      watchdog('paranoia', 'Failed to randomize password for uid @uid.', array(
        '@uid' => $uid,
      ), WATCHDOG_ERROR);
    }
  }
}