function lostPassword($username, $email)
{
$randomPassword = generate_code(10);
if (changePassword($username, $randomPassword, $randomPassword)) {
if (sendLostPasswordEmail($username, $email, $randomPassword)) {
return true;
}
}
return false;
}
public function doAction()
{
$changePass = changePassword('prj', $this->id_project, $this->old_password, $this->new_password);
if ($changePass <= 0) {
$this->api_output['message'] = 'Wrong id or pass';
return -1;
//FAIL
}
$this->api_output['status'] = 'OK';
$this->api_output['id_project'] = $this->id_project;
$this->api_output['project_pass'] = $this->new_password;
}
public function doAction()
{
if (!$this->userIsLogged) {
throw new Exception('User not Logged');
}
if ($this->undo) {
$new_pwd = $this->old_password;
$actual_pwd = $this->password;
} else {
$new_pwd = CatUtils::generate_password();
$actual_pwd = $this->password;
}
changePassword($this->res_type, $this->res_id, $actual_pwd, $new_pwd);
$this->result['password'] = $new_pwd;
$this->result['undo'] = $this->password;
}
public function post_handler()
{
$this->changed = false;
$old = FormLib::get('oldpass');
$new1 = FormLib::get('newpass1');
$new2 = FormLib::get('newpass2');
if ($new1 != $new2) {
$this->add_onload_command("showBootstrapAlert('#alert-area', 'danger', 'New passwords do not match');\n");
return true;
}
$this->changed = changePassword($this->current_user, $old, $new1);
if (!$this->changed) {
$this->add_onload_command("showBootstrapAlert('#alert-area', 'danger', 'Password change failed. Ensure old password is correct');\n");
}
return true;
}
function changeForm() {
// jeżeli wcisnięty został przycisk "zmień"
if (isset($_POST['changepassword'])) {
$newPassword = clearVariable($_POST['newpassword']);
$repeatPassword = clearVariable($_POST['repeatpassword']);
$oldPassword = clearVariable($_POST['oldpassword']);
$changeStatus;
if (empty($newPassword) || empty($repeatPassword) || empty($oldPassword)) {
// zwrócenie błędu jeżeli któreś pole jest puste
$changeStatus = "<p>Musisz wpisać login i hasło.</p>";
} else if ($newPassword != $repeatPassword) {
$changeStatus = "<p>Nowe hasło i powtórzone hasło są różne.</p>";
} else {
include('php/changepassword.php');
$changeStatus = changePassword($oldPassword, $newPassword);
}
echo $changeStatus;
}
?>
<form action="?category=account&action=changepassword" method="post">
<table>
<tr>
<td>Nowe hasło:</td>
<td><input id="Password1" type="password" maxlength="16" size="16" name="newpassword" /></td>
</tr>
<tr>
<td>Powtórz:</td>
<td><input id="Password1" type="password" maxlength="16" size="16" name="repeatpassword" /></td>
</tr>
<tr>
<td>Stare hasło:</td>
<td><input id="Password1" type="password" maxlength="16" size="16" name="oldpassword" /></td>
</tr colspan="2">
<td><input id="Submit1" type="submit" name="changepassword" value="Zmień" /></td>
</table>
</form>
<?php
}
/**
* Überprüft, ob das angegebene Passwort korrekt ist. Wenn dem so ist,
* wird je nachdem, welche Daten vorhanden sind, das Passwort und/oder
* die E-Mail-Adresse modifiziert.
*/
function executeModification()
{
// Passwort überpruefen
if (!isset($_POST['currentPassword'])) {
throw new Exception('Bitte geben Sie Ihr Passwort an.');
}
$verified = verifyPassword();
if (!$verified) {
throw new Exception('Bitte geben Sie ihr korrektes Passwort an.');
}
$success = true;
$userid = $_SESSION['userid'];
// überpruefen, was geändert werden soll
$changePassword = isset($_POST['newPassword']) && $_POST['newPassword'] != '' && (isset($_POST['newPasswordRepeat']) && $_POST['newPasswordRepeat'] != '');
$changeEmail = isset($_POST['newEmail']) && $_POST['newEmail'] != '' && (isset($_POST['newEmailRepeat']) && $_POST['newEmailRepeat'] != '');
if ($changePassword) {
$success &= changePassword();
}
if ($changeEmail) {
$success &= changeEmail();
}
if ($success) {
if ($changeEmail && $changePassword) {
echo "Ihre E-Mail-Adresse und Ihr Passwort wurden erfolgreich geändert.";
} else {
if ($changeEmail && !$changePassword) {
echo "Ihre E-Mail-Adresse wurde erfolgreich geändert.";
} else {
if (!$changeEmail && $changePassword) {
echo "Ihr Passwort wurde erfolgreich geändert.";
}
}
}
} else {
throw new Exception();
}
}
<?php
include "../util/DbUtil.php";
session_start();
$password = mysql_real_escape_string($_POST['password']);
$passwordConf = mysql_real_escape_string($_POST['passwordConf']);
$securityQuestionAnswer = mysql_real_escape_string($_POST['securityQuestionAnswer']);
$response = "test";
$changeSecurityQuestion = isset($_POST['securityQuestion']);
if ($changeSecurityQuestion && $_POST['securityQuestion'] === "") {
$response = "Must choose security question";
} elseif ($password != $passwordConf) {
$response = "passwords must match";
} elseif ($securityQuestionAnswer == "") {
$response = "No security question answer supplied";
} else {
$db_conn = getConnectedDb();
if (is_null($db_conn)) {
$response = "Error connecting to database. Try again later.";
} elseif (!securityQuestionAnswerCorrect($db_conn, $securityQuestionAnswer, $_SESSION['userid'])) {
$response = "Supplied answer is incorrect.";
} elseif ($changeSecurityQuestion && !changeSecurityQuestion($db_conn, $_SESSION['userid'], $_POST['securityQuestion'])) {
$response = "Security question change failed. No password change made.";
} elseif (!changePassword($db_conn, $_SESSION['userid'], $password)) {
$response = "Failed to change password for unknown reason.";
} else {
$response = "success";
}
}
echo $response;
} else {
if (updateTitle($userId, $title)) {
$successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
} else {
$errors[] = lang("SQL_ERROR");
}
}
}
//Update password
if (isset($_POST['password'])) {
$password = trim($_POST['password']);
//Validate password
if (minMaxRange(1, 50, $password)) {
$errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT", array(1, 50));
} else {
if (changePassword($userId, $password)) {
$successes[] = lang("ACCOUNT_PASS_UPDATED", array($displayname, $password));
} else {
$errors[] = lang("SQL_ERROR");
}
}
}
//Remove permission level
if (!empty($_POST['removePermission'])) {
$remove = $_POST['removePermission'];
if ($deletion_count = removePermission($remove, $userId)) {
$successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
} else {
$errors[] = lang("SQL_ERROR");
}
}
$op->user_feedback = null;
$op->status = tl::OK;
$doUpdate = false;
switch ($args->doAction) {
case 'editUser':
$doUpdate = true;
foreach ($args->user as $key => $value) {
$user->{$key} = $value;
}
$op->status = tl::OK;
$op->auditMsg = "audit_user_saved";
$op->user_feedback = lang_get('result_user_changed');
$gui->update_title_bar = 1;
break;
case 'changePassword':
$op = changePassword($args, $user);
$doUpdate = $op->status >= tl::OK;
break;
case 'genAPIKey':
$op = generateAPIKey($args, $user);
break;
}
if ($doUpdate) {
$op->status = $user->writeToDB($db);
if ($op->status >= tl::OK) {
logAuditEvent(TLS($op->auditMsg, $user->login), "SAVE", $user->dbID, "users");
$_SESSION['currentUser'] = $user;
setUserSession($db, $user->login, $args->userID, $user->globalRoleID, $user->emailAddress, $user->locale);
}
}
$gui->loginHistory = new stdClass();
//Delete URL pattern: controller.php?operation=delete&fileName=???
} else {
if ('delete' == $operation) {
deleteFile($_POST['fileName'], getCurrentPath());
//Rename URL pattern: controller.php?operation=rename&originalFileName=???&newFileName=???
} else {
if ('rename' == $operation) {
renameFile($_POST['originalFileName'], $_POST['newFileName'], getCurrentPath());
//New Folder URL pattern: controller.php?operation=newFolder$folderName=???
} else {
if ('newFolder' == $operation) {
newFolder($_POST['folderName'], getCurrentPath());
//Change Readonly Password URL patterm: controller.php?operation=changePassword&oldPassword=???&newPassword=???
} else {
if ('changePassword' == $operation) {
changePassword($_POST['oldPassword'], $_POST['newPassword']);
}
}
}
}
}
}
}
}
}
}
} else {
setcookie('token', 'Time out', time() - 3600);
}
//Download URL pattern: controller.php?operation=download&fileName=???
if ('download' == @$_GET['operation']) {
/*
* Created on 17-okt-2011
* author Paul Wolbers
*/
$current_path = dirname(realpath(__FILE__));
require_once '../include/default.inc.php';
if (isset($_GET['action'])) {
switch ($_GET['action']) {
case 'reset':
forgottenPassword();
break;
case 'activate':
activate();
break;
case 'change_password':
changePassword();
break;
}
} else {
$letters = 'ABCDEFGHKLMNPRSTUVWYZ';
$_SESSION['cptch'] = rand(10, 99) . substr($letters, rand(1, 20), 1) . substr($letters, rand(1, 20), 1) . rand(10, 99);
$_SESSION['c_s_id'] = md5($_SESSION['cptch']);
$obj_smarty->display(FULLCAL_DIR . '/forgotten-password/index.tpl');
//header('location:'.FULLCAL_DIR.'/get-the-app-and-register');
exit;
}
function forgottenPassword()
{
global $error;
global $obj_smarty;
$use_captcha = true;
echo '</div>';
echo '<div class="tagline">';
echo '<div class="memberInfoHead">' . __('Your Loan History') . '</div>' . "\n";
echo '</div>';
echo showLoanHist();
echo '</div>';
echo '<div class="tagline">';
echo '<div class="memberInfoHead">' . __('Your Title Basket') . '</div><a name="biblioBasket"></a>' . "\n";
echo showBasket();
echo '</div>';
// change password only form NATIVE authentication, not for others such as LDAP
if ($sysconf['auth']['member']['method'] == 'native') {
echo '<div class="tagline">';
echo '<div class="memberInfoHead">' . __('Change Password') . '</div>' . "\n";
echo '</div>';
echo changePassword();
}
?>
<script type="text/javascript">
$(document).ready( function() {
$('.clearAll').click(function(evt) {
evt.preventDefault();
var anchor = $(this);
// get anchor href
var aHREF = anchor.attr('href');
var postData = anchor.attr('postdata');
if (confirm('Clear your title(s) basket?')) {
// send ajax
$.ajax({ type: 'POST',
url: aHREF, cache: false, data: postData, async: false,
success: function(ajaxRespond) {
<?php
$error = '';
if (isset($_POST['submit_password'])) {
if (empty($_POST['newpassword']) || empty($_POST['password2']) || !password_verify($_POST['password2'], getUserByID($_SESSION['user_id'])['password'])) {
$error = 'Password or New Password is invalid!';
} else {
$Userid = $_SESSION['user_id'];
$newpassword = $_POST['newpassword'];
$options = ['cost' => strlen($_SESSION['login_user'])];
$hashedpass = password_hash($newpassword, PASSWORD_DEFAULT, $options);
changePassword($Userid, $hashedpass);
echo '<script>window.location = "profile.php"</script>';
}
}
<?php
/// Copyright (c) 2004-2015, Needlworks / Tatter Network Foundation
/// All rights reserved. Licensed under the GPL.
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
$IV = array('POST' => array('pwd' => array('string', 'default' => ''), 'prevPwd' => array('string', 'default' => '')));
require ROOT . '/library/preprocessor.php';
requireStrictRoute();
$result = false;
$isAuthToken = Setting::getUserSetting('AuthToken', false, true) ? true : false;
if ($_POST['pwd'] != '' && ($_POST['prevPwd'] != '' || $isAuthToken != false)) {
$result = changePassword(getUserId(), $_POST['pwd'], $_POST['prevPwd'], $isAuthToken);
}
if ($result) {
Respond::ResultPage(0);
} else {
Respond::ResultPage(-1);
}
<?php
session_start();
require_once '../core/init.php';
auth();
// protects this page against unauthenticated users
if (isset($_POST['save'])) {
$userId = $_SESSION['user_id'];
$prevPass = $_POST['prevPass'];
$newPass1 = $_POST['newPass1'];
$newPass2 = $_POST['newPass2'];
// use change password function to changes
$messages = changePassword($userId, $prevPass, $newPass1, $newPass2);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
<title>Change Password</title>
<!-- Bootstrap -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="css/account.css">
<link rel="stylesheet" type="text/css" href="css/animate.css">
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
session_start();
include "../../code/php/AC.php";
if (isset($_POST["email"])) {
// Check if this user exists
$email = $_POST["email"];
$name = getUserNameFromEmail($email);
//echo "Found this name: ".$name." in our records";
if ($email == "" || $name == "unknown") {
audit("newPassword", "account does not exist " . $_POST["email"]);
echo "<script>message = \"This account does not exist.\";</script>";
} else {
// create a new password for this account and send to user
audit("newPassword", "send to " . $_POST["email"]);
$pw = substr(uniqid(), 0, 8);
$md5version = md5($pw);
changePassword($name, $md5version);
// email user
$serv = split(':', $_SERVER['HTTP_HOST']);
$message = "A new password has been created for account \"" . $name . "\" on " . $serv[0] . ". Login using this password: \"" . $pw . "\"";
$headers = "From: alexdecastro2@gmail.com\r\n";
mail($email, 'Password Reset', $message, $headers);
echo "<script>message = \"An email has been send to your account. After you receive the email, try to login again <a href='login.php'>here</a>.\";</script>";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
function test_checkUser()
{
appendTestMessage(NEW_LINE_LOG . ">> Test user actions..." . NEW_LINE_LOG);
// New user empty
appendTestMessage("Test new empty user");
$ret = checkUser("", "");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// New user blank
appendTestMessage("Test new blank user");
$ret = checkUser(" ", "");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// New user format not accepted
appendTestMessage("Test new user, format not accepted");
$ret = checkUser("a user", "");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// New user, blank password
appendTestMessage("Test new user, blank password");
$ret = checkUser("aUser", "");
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// user, wrong password
appendTestMessage("user, wrong password");
$ret = checkUser("aUser", "wrong");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// user, password
appendTestMessage("user, password ok");
$ret = checkUser("aUser", "");
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// user login accepted
appendTestMessage("user login accepted");
$ret = isUserAccepted("aUser", "");
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// user login not accepted
appendTestMessage("user login not accepted");
$ret = isUserAccepted("aUser", "wrongpassword");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// user name login not accepted
appendTestMessage("user name for login not accepted");
$ret = isUserAccepted("wronguser", "wrongpassword");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// change password wrong password
appendTestMessage("Change password but wrong old password");
$ret = changePassword("aUser", "wrong", "xyz");
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// change password
appendTestMessage("Change password");
$ret = changePassword("aUser", "", "newpassword");
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// remove not existing user
appendTestMessage("Remove not existing user");
$ret = removeUser("bUser", "p");
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// remove existing user
appendTestMessage("Remove existing user");
$ret = removeUser("aUser", "newpassword");
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// Is admin
appendTestMessage("Is eUser the admin?");
$ret = isAdmin('eUser');
if (!$ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// Is admin
appendTestMessage("Is admin the admin?");
$ret = isAdmin('admin');
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
// Is admin
appendTestMessage("Is AdMin the admin?");
$ret = isAdmin('AdMin');
if ($ret) {
appendTestMessage("- ok");
} else {
appendTestMessage("- failed");
return false;
}
return true;
}
<?php
session_start();
require 'functions.php';
if (isset($_POST['forgot']) && isset($_POST['email']) && isset($_POST['username'])) {
die(forgotPassword($_POST['email'], $_POST['username']));
}
if (isset($_POST['reset']) && isset($_POST['key']) && isset($_POST['password'])) {
die(changePassword($_POST['key'], $_POST['password']));
}
if (!isset($_SESSION['loggedin']) && !isset($_SESSION['installer'])) {
die;
}
/**
* Holds the functions which the server calls asynchronously.
*/
if (isset($_POST['newHost']) && isset($_SESSION['superadmin'])) {
die(addNewHost());
}
if (isset($_POST['notificationsRead'])) {
setNotificationsAsRead();
}
if (isset($_GET['getAllNotifications'])) {
die(getNotificationsDataTable());
}
if (isset($_POST['removeNotification']) && isset($_POST['notification_id'])) {
removeNotification();
}
if (isset($_POST['deleteAllNotifications'])) {
removeAllNotifications();
}
<?php
require_once 'session.php';
require_once 'shared.php';
require_once 'header.php';
if (isset($_POST['passwordChangeType'])) {
changePassword($_POST['passwordChangeType']);
} else {
displayForm();
}
function changePassword($passwordChangeType)
{
$infos = null;
$errors = null;
try {
if ($passwordChangeType == 'set' && isset($_POST['userId']) && isset($_POST['passwordOne'])) {
if ($_POST['passwordOne'] == $_POST['passwordConfirm']) {
WorkbenchContext::get()->getPartnerConnection()->setPassword($_POST['userId'], $_POST['passwordOne']);
$infos[] = "Successfully set password for " . $_POST['userId'];
} else {
$errors[] = "Passwords must match, and don't be sneaky and turn off JavaScript";
}
} else {
if ($passwordChangeType == 'reset' && isset($_POST['userId'])) {
$changePasswordResult = WorkbenchContext::get()->getPartnerConnection()->resetPassword($_POST['userId']);
$infos[] = "Successfully reset password for " . $_POST['userId'];
}
}
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
<?php
if (!isset($_SESSION)) {
session_start();
}
include_once "functions.php";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$oldPassword = $_POST['oldPassword'];
$username = $_SESSION['loggedIn'];
$password = $_POST['password'];
if (isUserAdmin($username) || isset($oldPassword) && crypt($oldPassword, getSalt()) == getPassword($username)) {
include_once "functions.php";
changePassword($username, $password);
} else {
echo "denied";
}
}
<?php
require_once "UserClass.php";
require_once "dataValidation.php";
session_start();
$refererPage = "mainMenusPage_TABLE.php";
$SelfrefererPage = "userDetailes.php";
include "validateSession.php";
//validate session
if (isset($_POST[userUpdateSave])) {
$loggedUser->updateUserData($_POST);
}
changePassword($loggedUser);
$loggedUser->refresh();
?>
<html>
<style type="text/css">
@import url(zivStyle.css);
</style>
<script language="javascript" src="javascripts/javaScriptFunctions.js"></script>
<head></head>
<body>
<form method="POST" action="userDetailes.php" name="USER_DETAILS">
<?php
if (isset($_POST[editUserData])) {
$loggedUser->getUserInfoHTML(-1);
//allow the editing to be done only for updating data
} else {
$loggedUser->getUserInfoHTML(false, true);
}
?>
echo json_encode(array("id" => $id));
return;
} else {
if ($action == "remove") {
if (!check_role("admin")) {
return;
}
removeUser($value);
echo json_encode(array("message" => "done"));
return;
} else {
if ($action == "changePassword") {
if ($value != $user_name) {
return;
}
$ok = changePassword($value, $value2);
if ($ok) {
echo json_encode(array("message" => "done"));
} else {
echo json_encode(array("message" => "failed"));
}
return;
} else {
if ($action == "addRole") {
if (!check_role("admin")) {
return;
}
$ret = addRoleToUser($value, $value2);
if ($ret) {
echo json_encode(array("message" => "done"));
} else {
if ($connection) {
switch ($code) {
case 10:
delete($connection, "DELETE FROM users WHERE username='******'", "users", "username", $textInput);
break;
case 11:
search($connection, "SELECT * FROM users WHERE username LIKE '%{$textInput}%' OR mail LIKE '%{$textInput}%'", "users");
break;
case 12:
search($connection, "SELECT * FROM users WHERE username LIKE '%{$textInput}%'", "users");
break;
case 13:
search($connection, "SELECT * FROM users WHERE mail LIKE '%{$textInput}%'", "users");
break;
case 14:
changePassword($connection, $textInput, $password);
break;
case 15:
setActive($connection, $textInput);
break;
case 16:
upgradeAccount($connection, $textInput);
break;
case 17:
addUser($connection, $firstname, $sirname, $username, $sex, $password, $tel, $mail, $geb, $plz, $country, $city, $street, $housenr, $picture, $isActivated, $isRetailer, $maximum);
break;
case 18:
editUser($connection, $username, $mail);
break;
case 19:
contactUser($connection, $firstname, $mail);
function update($user)
{
$db = new MysqliDb();
$user_decoded = json_decode($user);
$db->where('cliente_id', $user_decoded->cliente_id);
if (array_key_exists('nro_doc', $user_decoded)) {
$nro_doc = $user_decoded->nro_doc;
} else {
$nro_doc = '';
}
if (array_key_exists('tipo_doc', $user_decoded)) {
$tipo_doc = $user_decoded->tipo_doc;
} else {
$tipo_doc = 0;
}
if (array_key_exists('fecha_nacimiento', $user_decoded)) {
$fecha_nacimiento = $user_decoded->fecha_nacimiento;
} else {
$fecha_nacimiento = '';
}
if (array_key_exists('rol_id', $user_decoded)) {
$rol_id = $user_decoded->rol_id;
} else {
$rol_id = 0;
}
if (array_key_exists('news_letter', $user_decoded)) {
$news_letter = $user_decoded->news_letter;
} else {
$news_letter = 0;
}
$data = array('nombre' => $user_decoded->nombre, 'apellido' => $user_decoded->apellido, 'mail' => $user_decoded->mail, 'tipo_doc' => $tipo_doc, 'nro_doc' => $nro_doc, 'direccion' => $user_decoded->direccion, 'fecha_nacimiento' => $fecha_nacimiento, 'rol_id' => $rol_id, 'news_letter' => $news_letter, 'status' => $user_decoded->status);
if ($user_decoded->password != '') {
changePassword($user_decoded->cliente_id, '', $user_decoded->password);
}
if ($db->update('clientes', $data)) {
echo json_encode(['result' => true]);
} else {
echo json_encode(['result' => false]);
}
}
th { text-align: right; padding: 0.8em; }
#container { text-align: center; width: 500px; margin: 5% auto; }
.msg_yes { margin: 0 auto; text-align: center; color: green; background: #D4EAD4; border: 1px solid green; border-radius: 10px; margin: 2px; }
.msg_no { margin: 0 auto; text-align: center; color: red; background: #FFF0F0; border: 1px solid red; border-radius: 10px; margin: 2px; }
</style>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
</head>
<body>
<div id="container">
<h2>Password Change Page</h2>
<p>Your new password must be 8 characters long or longer and have at least:<br/>
one capital letter, one lowercase letter, & one number.<br/>
You must use a new password, your current password<br/>can not be the same as your new password.</p>
<?php
if (isset($_POST["submitted"])) {
changePassword($_POST['username'], $_POST['oldPassword'], $_POST['newPassword1'], $_POST['newPassword2']);
global $message_css;
if ($message_css == "yes") {
?>
<div class="msg_yes"><?php
} else {
?>
<div class="msg_no"><?php
$message[] = "Your password was not changed.";
}
foreach ($message as $one) {
echo "<p>{$one}</p>";
}
?>
</div><?php
}
$page = $_GET['obj1'];
switch ($page) {
case "password":
if (isOpenIDAccount()) {
die("Since this is an OpenID account, you cannot Change Credentials, try to visit your OpenID provider's web site.");
}
$error = "";
$success = false;
if (@$_GET['obj2'] == "change_password" && isset($_POST["oldpassword"])) {
if (@empty($_POST["oldpassword"]) || @empty($_POST["newpassword1"]) || @empty($_POST["newpassword2"])) {
$error = $treng->_("Inputs missing", "dashboard");
} else {
if ($_POST["newpassword1"] != $_POST["newpassword2"]) {
$error = $treng->_("New passwords don't match", "dashboard");
} else {
$res = changePassword($_POST["oldpassword"], $_POST["newpassword1"]);
$success = $res[0];
if (!$success) {
$error = $res[1];
}
}
}
}
if (@$_GET['obj2'] == "change_email" && isset($_POST["oldpassword"])) {
if (@empty($_POST["oldpassword"]) || @empty($_POST["newemail"])) {
$error = $treng->_("Inputs missing", "dashboard");
} else {
$res = changeEmail($_POST["oldpassword"], $_POST["newemail"]);
$success = $res[0];
if (!$success) {
$error = $res[1];
$upfile = 'upload/' . $_FILES['photo']['name'];
move_uploaded_file($_FILES['photo']['tmp_name'], $upfile);
$img = 'http://test/upload/' . $_FILES['photo']['name'];
mysql_query("UPDATE user_photoes SET photo='{$img}' WHERE user_email='{$email}'");
} else {
return "<tr><td><p class='error'>Неверный тип файла</p></td></tr>";
}
} else {
return "<tr><td><p class='error'>Файл слишком большой</p></td></tr>";
}
} else {
return "<tr><td><p class='error'>Ошибка при загрузке файла</p></td></tr>";
}
}
}
function showPhoto($email)
{
$res = mysql_query("SELECT photo FROM user_photoes WHERE user_email='{$email}'");
$row = mysql_fetch_array($res);
echo $row['photo'];
}
function showCover($email)
{
$res = mysql_query("SELECT cover FROM user_photoes WHERE user_email='{$email}'");
$row = mysql_fetch_array($res);
echo $row['cover'];
}
$change_name = changeName($change_name_NAME, $change_name_PASSWORD, $pass, $email);
$change_password = changePassword($email, $pass, $changePassword_old_password, $changePassword_new_password, $changePassword_new_password2);
$change_cover = uploadCover($_FILES['cover'], $email);
$change_photo = uploadPhoto($_FILES['photo'], $email);
function manejarSesionActiva($module_name, &$smarty, $sDirLocalPlantillas)
{
$sAction = '';
$sContenido = '';
$sAction = getParameter('action');
if (!in_array($sAction, array('', 'checkStatus', 'agentLogout', 'hangup', 'break', 'unbreak', 'transfer', 'confirm_contact', 'schedule', 'saveforms', 'call2phone', 'addCustomer', 'addNote', 'addDelivery', 'viewDelivery', 'addExternalNote', 'viewNote', 'show_call_history', 'update_customer', 'callOut', 'checkDeliveryPermission', 'viewCustomer', 'disableDelivery', 'enableDelivery', 'changePassword'))) {
$sAction = '';
}
// Se verifica si el agente sigue logoneado en la cola de Asterisk
$sAgente = $_SESSION['callcenter']['agente'];
$sExtension = $_SESSION['callcenter']['extension'];
$oPaloConsola = new PaloSantoConsola($sAgente);
$estado = $oPaloConsola->estadoAgenteLogoneado($sExtension);
if ($estado['estadofinal'] != 'logged-in') {
// Se marca el final de la sesión del agente en las tablas de auditoría
$oPaloConsola->logoutAgente();
$_SESSION['callcenter'] = generarEstadoInicial();
}
switch ($sAction) {
case 'checkStatus':
$sContenido = manejarSesionActiva_checkStatus($module_name, $smarty, $sDirLocalPlantillas, $oPaloConsola, $estado);
break;
case 'hangup':
$sContenido = manejarSesionActiva_hangup($oPaloConsola);
break;
case 'agentLogout':
$sContenido = manejarSesionActiva_agentLogout($oPaloConsola);
break;
case 'break':
$sContenido = manejarSesionActiva_agentBreak($oPaloConsola);
break;
case 'unbreak':
$sContenido = manejarSesionActiva_agentUnBreak($oPaloConsola);
break;
case 'transfer':
//$sContenido = manejarSesionActiva_agentTransfer($oPaloConsola);
$sContenido = agentTransfer($oPaloConsola);
break;
case 'viewDelivery':
$sContenido = view_delivery();
break;
case 'viewCustomer':
$sContenido = view_customer();
break;
case 'confirm_contact':
$sContenido = manejarSesionActiva_confirmContact($oPaloConsola, $estado);
break;
case 'schedule':
$sContenido = manejarSesionActiva_scheduleCall($oPaloConsola);
break;
case 'saveforms':
$sContenido = manejarSesionActiva_saveForms($oPaloConsola, $estado);
break;
case 'call2phone':
$sContenido = call2phone();
break;
case 'addCustomer':
$sContenido = addCustomer();
break;
case 'addNote':
$sContenido = addNote();
break;
case 'addExternalNote':
$sContenido = addExternalNote();
break;
case 'viewNote':
$sContenido = viewNote();
break;
case 'addDelivery':
$sContenido = addDelivery();
break;
case 'checkDeliveryPermission':
$sContenido = checkDeliveryPermission();
break;
case 'disableDelivery':
$sContenido = disableDelivery();
break;
case 'enableDelivery':
$sContenido = enableDelivery();
break;
case 'changePassword':
$sContenido = changePassword();
break;
case 'update_customer':
$sContenido = update_customer_HTML($sDirLocalPlantillas);
break;
case 'callOut':
$sContenido = callOut_HTML($sDirLocalPlantillas);
break;
case 'show_call_history':
$sContenido = refreshCallHistory();
break;
default:
if ($estado['estadofinal'] != 'logged-in') {
// Para agente no logoneado, se redirecciona a la página de login
Header('Location: ?menu=' . $module_name);
$sContenido = '';
} else {
$sContenido = manejarSesionActiva_HTML($module_name, $smarty, $sDirLocalPlantillas, $oPaloConsola, $estado);
}
break;
}
$oPaloConsola->desconectarTodo();
return $sContenido;
}
<?php
include_once 'procedures.php';
$val = changePassword($_POST['newPassword'], isAdmin() && isset($_GET['id']) ? $_GET['id'] : getActiveUserID());
switch ($val) {
case 0:
echo "Пароль успешно обновился!";
break;
case 1:
echo "Не удалось обновить пароль в БД!";
break;
case 2:
echo "Проблемы с доступом к БД!";
break;
case 4:
echo "Некорректный пароль";
break;
}
returnAjax(addAlternateEmail($_REQUEST));
break;
case 'removeaccount':
returnAjax(removeAccount($_REQUEST));
break;
case 'verifynewuser':
returnAjax(verifyUserAuth($_REQUEST));
break;
case 'startpasswordreset':
returnAjax(doStartResetPassword($_REQUEST));
break;
case 'finishpasswordreset':
returnAjax(finishResetPassword($_REQUEST));
break;
case 'changepassword':
returnAjax(changePassword($_REQUEST));
break;
default:
returnAjax(getLoginState($_REQUEST, true));
}
}
function doAsyncLogin($get)
{
$u = new UserFunctions();
$totp = empty($get["totp"]) ? false : $get["totp"];
$r = $u->lookupUser($get["username"], $get["password"], true, $totp);
if ($r["status"] === true) {
$return = $u->createCookieTokens($r["data"]);
unset($return["source"]);
unset($return["raw_cookie"]);
unset($return["basis"]);
