From 39604bedef15b7d56c23ce101d5e74a93bc5620c Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Mon, 15 Feb 2021 16:59:54 +0300
Subject: [PATCH] move reset_password to UserHelper

---
 classes/handler/public.php |  2 +-
 classes/pref/users.php     | 34 +---------------------------------
 classes/userhelper.php     | 30 ++++++++++++++++++++++++++++++
 3 files changed, 32 insertions(+), 34 deletions(-)

diff --git a/classes/handler/public.php b/classes/handler/public.php
index ca963d111..da1e53853 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -950,7 +950,7 @@ class Handler_Public extends Handler {
 								WHERE id = ?");
 							$sth->execute([$id]);
 
-							Pref_Users::_reset_password($id, true);
+							UserHelper::reset_password($id, true);
 
 							print "<p>"."Completed."."</p>";
 
diff --git a/classes/pref/users.php b/classes/pref/users.php
index d2dd06fd8..ab1694564 100644
--- a/classes/pref/users.php
+++ b/classes/pref/users.php
@@ -166,40 +166,8 @@ class Pref_Users extends Handler_Administrative {
 			}
 		}
 
-		static function _reset_password($uid, $format_output = false) {
-
-			$pdo = Db::pdo();
-
-			$sth = $pdo->prepare("SELECT login FROM ttrss_users WHERE id = ?");
-			$sth->execute([$uid]);
-
-			if ($row = $sth->fetch()) {
-
-				$login = $row["login"];
-
-				$new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
-				$tmp_user_pwd = make_password();
-
-				$pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true);
-
-				$sth = $pdo->prepare("UPDATE ttrss_users
-					  SET pwd_hash = ?, salt = ?, otp_enabled = false
-					WHERE id = ?");
-				$sth->execute([$pwd_hash, $new_salt, $uid]);
-
-				$message = T_sprintf("Changed password of user %s to %s", "<strong>$login</strong>", "<strong>$tmp_user_pwd</strong>");
-
-				if ($format_output)
-					print_notice($message);
-				else
-					print $message;
-
-			}
-		}
-
 		function resetPass() {
-			$uid = clean($_REQUEST["id"]);
-			self::_reset_password($uid);
+			UserHelper::reset_password(clean($_REQUEST["id"]));
 		}
 
 		function index() {
diff --git a/classes/userhelper.php b/classes/userhelper.php
index 744f77a23..8e9b9a01b 100644
--- a/classes/userhelper.php
+++ b/classes/userhelper.php
@@ -169,4 +169,34 @@ class UserHelper {
 		session_commit();
 	}
 
+	static function reset_password($uid, $format_output = false) {
+
+		$pdo = Db::pdo();
+
+		$sth = $pdo->prepare("SELECT login FROM ttrss_users WHERE id = ?");
+		$sth->execute([$uid]);
+
+		if ($row = $sth->fetch()) {
+
+			$login = $row["login"];
+
+			$new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
+			$tmp_user_pwd = make_password();
+
+			$pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true);
+
+			$sth = $pdo->prepare("UPDATE ttrss_users
+				  SET pwd_hash = ?, salt = ?, otp_enabled = false
+				WHERE id = ?");
+			$sth->execute([$pwd_hash, $new_salt, $uid]);
+
+			$message = T_sprintf("Changed password of user %s to %s", "<strong>$login</strong>", "<strong>$tmp_user_pwd</strong>");
+
+			if ($format_output)
+				print_notice($message);
+			else
+				print $message;
+
+		}
+	}
 }