Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
  • Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
   1  <?php
   2  
   3  // This file is part of Moodle - http://moodle.org/
   4  //
   5  // Moodle is free software: you can redistribute it and/or modify
   6  // it under the terms of the GNU General Public License as published by
   7  // the Free Software Foundation, either version 3 of the License, or
   8  // (at your option) any later version.
   9  //
  10  // Moodle is distributed in the hope that it will be useful,
  11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  // GNU General Public License for more details.
  14  //
  15  // You should have received a copy of the GNU General Public License
  16  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  17  
  18  /**
  19   * This script allows you to reset any local user password.
  20   *
  21   * @package    core
  22   * @subpackage cli
  23   * @copyright  2009 Petr Skoda (http://skodak.org)
  24   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25   */
  26  
  27  define('CLI_SCRIPT', true);
  28  
  29  require(__DIR__.'/../../config.php');
  30  require_once($CFG->libdir.'/clilib.php');      // cli only functions
  31  
  32  // Define the input options.
  33  $longparams = array(
  34          'help' => false,
  35          'username' => '',
  36          'password' => '',
  37          'ignore-password-policy' => false
  38  );
  39  
  40  $shortparams = array(
  41          'h' => 'help',
  42          'u' => 'username',
  43          'p' => 'password',
  44          'i' => 'ignore-password-policy'
  45  );
  46  
  47  // now get cli options
  48  list($options, $unrecognized) = cli_get_params($longparams, $shortparams);
  49  
  50  if ($unrecognized) {
  51      $unrecognized = implode("\n  ", $unrecognized);
  52      cli_error(get_string('cliunknowoption', 'admin', $unrecognized));
  53  }
  54  
  55  if ($options['help']) {
  56      $help =
  57  "Reset local user passwords, useful especially for admin acounts.
  58  
  59  There are no security checks here because anybody who is able to
  60  execute this file may execute any PHP too.
  61  
  62  Options:
  63  -h, --help                    Print out this help
  64  -u, --username=username       Specify username to change
  65  -p, --password=newpassword    Specify new password
  66  --ignore-password-policy      Ignore password policy when setting password
  67  
  68  Example:
  69  \$sudo -u www-data /usr/bin/php admin/cli/reset_password.php
  70  \$sudo -u www-data /usr/bin/php admin/cli/reset_password.php --username=rosaura --password=jiu3jiu --ignore-password-policy
  71  ";
  72  
  73      echo $help;
  74      die;
  75  }
  76  if ($options['username'] == '' ) {
  77      cli_heading('Password reset');
  78      $prompt = "Enter username (manual authentication only)";
  79      $username = cli_input($prompt);
  80  } else {
  81      $username = $options['username'];
  82  }
  83  
  84  if (!$user = $DB->get_record('user', array('auth'=>'manual', 'username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
  85      cli_error("Can not find user '$username'");
  86  }
  87  
  88  if ($options['password'] == '' ) {
  89      $prompt = "Enter new password";
  90      $password = cli_input($prompt);
  91  } else {
  92      $password = $options['password'];
  93  }
  94  
  95  $errmsg = '';//prevent eclipse warning
  96  if (!$options['ignore-password-policy'] ) {
  97      if (!check_password_policy($password, $errmsg, $user)) {
  98          cli_error(html_to_text($errmsg, 0));
  99      }
 100  }
 101  
 102  $hashedpassword = hash_internal_user_password($password);
 103  
 104  $DB->set_field('user', 'password', $hashedpassword, array('id'=>$user->id));
 105  
 106  echo "Password changed\n";
 107  
 108  exit(0); // 0 means success.