
I'm trying to update a user's password from an external script. I use the following script to add a user:

    // Raw credentials, exactly as submitted with the form.
    $login = $_POST['login'];
    $password = $_POST['password'];

    // Fresh random salt for this account (genRandomPassword() is defined elsewhere).
    $salt = genRandomPassword();

    // Stored value has the form "<md5 of password + salt>.<salt>".
    // NOTE(review): salted MD5 is cheap to brute-force and is not a password
    // hash; PHP's password_hash()/password_verify() is the usual replacement.
    // The stored format must match what the login code verifies, so both
    // sides have to change together.
    // NOTE(review): stripslashes() alters passwords that contain backslashes;
    // the same transformation has to be applied when the password is checked.
    $pass = sprintf('%s.%s', md5(stripslashes($password) . $salt), $salt);

    // Column names and their quoted values, in matching order.
    // $name and $email are not assigned in this excerpt - presumably set earlier.
    $columns = array('name', 'username', 'email', 'password');
    $values = array(
        $db->quote($name),
        $db->quote($login),
        $db->quote($email),
        $db->quote($pass),
    );

    // Build the INSERT; T_USERS is the constant holding the users table name.
    $query = $db->getQuery(true);
    $query->insert($db->quoteName(T_USERS));
    $query->columns($db->quoteName($columns));
    $query->values(implode(',', $values));

It works fine and users can log in. But when I update the password with the following script:

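    // Fresh random salt for the new password (genRandomPassword() is defined elsewhere).
    $salt = genRandomPassword();

    // Stored value has the form "<md5 of password + salt>.<salt>".
    // NOTE(review): salted MD5 is cheap to brute-force and is not a password
    // hash; PHP's password_hash()/password_verify() is the usual replacement.
    // The stored format must match what the login code verifies.
    // NOTE(review): $password is not assigned in this excerpt - confirm it
    // really holds the new password at this point.
    $pass = md5(stripslashes($password) . $salt) . '.' . $salt;

    $fields = array(
        $db->quoteName('password') . ' = ' . $db->quote($pass),
    );

    // The id goes into the SQL text unquoted, so force it to an integer
    // instead of trusting whatever the session contains. A missing value
    // becomes 0, which matches no row rather than producing broken SQL.
    $conditions = array(
        $db->quoteName('id') . ' = ' . (int) $session->get('user_id'),
    );

    $query = $db->getQuery(true);
    // Quote the table identifier, as is already done for the column names.
    $query->update($db->quoteName(T_USERS))->set($fields)->where($conditions);
    $db->setQuery($query);
    $db->execute();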

The password is updated into database but the authentication fails.

Please help

Amadou Beye
  • This sounds very fishy. Why would you want to update a user's password? Joomla 3.x doesn't use MD5. It uses Bcrypt – Lodder Mar 01 '16 at 11:24
  • This is a password reset ! Nothing fishy – Amadou Beye Mar 01 '16 at 11:48
  • Ok then, in which case my additional comment about MD5/Bcrypt still stands. See this: http://stackoverflow.com/questions/21304038/joomla-3-2-1-password-encryption – Lodder Mar 01 '16 at 12:02

1 Answer


I tried your approach before, but in the end I did it the Joomla way. First you need this code in your script:

// Marks this script as a Joomla entry point.
// NOTE(review): once _JEXEC is defined here, this file is reachable on its own
// and is not covered by the checks of the normal front controller - it needs
// its own authentication and request validation.
define('_JEXEC', 1);

// Joomla root, given relative to the current working directory.
// NOTE(review): '.' presumably assumes the script lives in, and runs from, the
// Joomla root directory - confirm for the actual deployment.
define('JPATH_BASE', '.');
define('DS', DIRECTORY_SEPARATOR);

// Pull in Joomla's definitions first, then the framework bootstrap.
require_once 'includes/defines.php';
require_once 'includes/framework.php';

Here are my two functions:

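/**
 * Creates a Joomla user from the posted form fields and records its OpenID value.
 *
 * Reads name, password and email from $_POST, saves a JUser in group 2 and, on
 * success, stores the value returned by $this->getOpenId() in bak_fields_values.
 * Echoes a JSON object with 'success' and 'message' keys in every outcome.
 *
 * NOTE(review): nothing in this function authenticates the caller or checks a
 * request token - confirm the endpoint is protected elsewhere.
 */
function create()
{
    $openId = $this->getOpenId();
    $udata = array(
        'name' => $_POST['name'],
        // The login name is taken from the same field as the display name.
        'username' => $_POST['name'],
        // Passed as plain text; JUser is relied on to hash it before storage.
        'password' => $_POST['password'],
        'email' => $_POST['email'],
        // Fixed server-side, so the client cannot pick its own group membership.
        'groups' => array(2), // set the usergroup(s) here (id)
    );

    $user = new JUser;
    try {
        $user->bind($udata);
        $user->save();
        if ($user->id == 0) {
            // No id was assigned, so the save failed: report JUser's translated error.
            $lang = JFactory::getLanguage();
            $lang->load('lib_joomla');
            echo json_encode(array('success' => false, 'message' => JText::_($user->getError())));
        } else {
            // The user id is forced to an integer before it enters the SQL text.
            // NOTE(review): $openId is still concatenated into the statement. Its
            // origin is not visible here; bind it as a parameter (or escape it)
            // with the API of whatever driver $this->conn is.
            $sql = "INSERT INTO `bak_fields_values` (`field_id`, `item_id`, `value`) VALUES ('1', '" . (int) $user->id . "', '" . $openId . "')";
            $this->conn->query($sql);
            echo json_encode(array('success' => true, 'message' => 'Ok'));
        }
    } catch (Exception $ex) {
        // The original read the undefined variable $e here, which is a fatal
        // error. Keep the details in the server log and answer in the same
        // JSON shape as the other branches, without exposing internals.
        error_log('create() failed: ' . $ex->getMessage());
        echo json_encode(array('success' => false, 'message' => 'Internal error'));
    }
}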

and

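/**
 * Updates a Joomla user's name, e-mail and (optionally) password from a JSON request body.
 *
 * Expects a JSON object with id, name, email and an optional password, and
 * echoes a JSON object with 'success' and 'message' keys in every outcome.
 *
 * NOTE(review): the target account is selected by the client-supplied id and no
 * authentication or authorisation check is visible in this function, so as
 * written any caller could overwrite any user's e-mail and password. Verify the
 * caller's identity (for example against the session) and that it may edit this
 * id before the user is loaded.
 */
function save()
{
    $rest_json = file_get_contents("php://input");
    $payload = json_decode($rest_json, true);

    // Reject bodies that are not a JSON object or lack the required fields,
    // instead of reading array offsets on null.
    if (!is_array($payload) || !isset($payload['id'], $payload['name'], $payload['email'])) {
        echo json_encode(array('success' => false, 'message' => 'Invalid request'));
        return;
    }

    // An update must address an existing account; with an empty id JUser would
    // not load one and save() would be working on a new user object.
    $id = (int) $payload['id'];
    if ($id <= 0) {
        echo json_encode(array('success' => false, 'message' => 'Invalid request'));
        return;
    }

    // Kept for backward compatibility: the original replaced $_POST with the decoded body.
    $_POST = $payload;

    $user = new JUser($id);
    $udata = array(
        'name' => $payload['name'],
        'email' => $payload['email'],
    );
    // Only touch the password when a non-empty one was sent.
    if (isset($payload['password']) && $payload['password'] !== '') {
        $udata['password'] = $payload['password'];
        $udata['password2'] = $payload['password'];
    }

    try {
        $user->bind($udata);
        $user->save();
        if (count($user->getErrors()) > 0) {
            // Report JUser's translated error message.
            $lang = JFactory::getLanguage();
            $lang->load('lib_joomla');
            echo json_encode(array('success' => false, 'message' => JText::_($user->getError())));
        } else {
            echo json_encode(array('success' => true, 'message' => 'Ok'));
        }
    } catch (Exception $ex) {
        // The original read the undefined variable $e here, which is a fatal
        // error. Keep the details in the server log and answer in the same
        // JSON shape as the other branches, without exposing internals.
        error_log('save() failed: ' . $ex->getMessage());
        echo json_encode(array('success' => false, 'message' => 'Internal error'));
    }
}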
Tidjean