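/**
 * Check a plaintext password against a stored password hash.
 *
 * The stored value's prefix selects the scheme:
 *  - '$apr1$' : recomputed with cryptMD5Pass(), using the stored hash as salt source
 *  - '{SHA}'  : recomputed with genPass(array('passwd' => ...), 'SHA')
 *  - otherwise: recomputed with crypt(), using the stored hash as the salt
 *
 * @param string $inputPass   Password supplied by the user.
 * @param string $correctPass Stored hash to verify against.
 * @return bool True only when the recomputed hash equals the stored one.
 */
function verifyPasswd($inputPass, $correctPass)
{
    // An empty stored hash never authenticates anybody.
    if (empty($correctPass)) {
        return false;
    }

    $stored = (string) $correctPass;

    if (strncmp($stored, '$apr1$', 6) === 0) {
        $computed = cryptMD5Pass($inputPass, $correctPass);
    } elseif (strncmp($stored, '{SHA}', 5) === 0) {
        // '{SHA}' is five characters long; the previous six-character substr()
        // comparison could never match, so these hashes fell through to crypt().
        $para_arr = array('passwd' => $inputPass);
        $computed = genPass($para_arr, 'SHA');
    } else {
        $computed = crypt($inputPass, $correctPass);
    }

    if (!is_string($computed)) {
        return false;
    }

    // Loose '==' compares numeric-looking strings as numbers and returns as soon
    // as it can; compare hashes byte-for-byte in constant time instead.
    // hash_equals() exists from PHP 5.6; older runtimes fall back to strict '==='.
    if (function_exists('hash_equals')) {
        return hash_equals($stored, $computed);
    }

    return $stored === $computed;
}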
// Input fields that have already been included in the form, either as hidden or as normal inputs $input_fields = array(); $phpSysInfoURL = '../admin/sysinfo/'; // step 0 initialise variables if (isset($_POST['welcomeScreen'])) { $dbHostForm = 'localhost'; $dbUsernameForm = 'root'; $dbNameForm = 'eclass'; $dbMyAdmin = ''; $urlForm = ((isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . str_replace('/install/index.php', '/', $_SERVER['SCRIPT_NAME']); $emailForm = $_SERVER['SERVER_ADMIN']; $nameForm = $langDefaultAdminName; $loginForm = 'admin'; $passForm = genPass(); $campusForm = 'Open eClass'; $helpdeskForm = '+30 2xx xxxx xxx'; $institutionForm = $langDefaultInstitutionName; $institutionUrlForm = 'http://www.gunet.gr/'; $dbPassForm = $helpdeskmail = $faxForm = $postaddressForm = ''; $eclass_stud_reg = 2; $eclass_prof_reg = 1; } else { register_posted_variables(array( 'lang' => true, 'dbHostForm' => true, 'dbUsernameForm' => true, 'dbNameForm' => true, 'dbPassForm' => true,
$info['email'] = ''; } if (!empty($am)) { if (!isset($info['id']) or empty($info['id'])) { $info['id'] = $am; } else { $info['id'] = $am . ' - ' . $info['id']; } } $surname = isset($info['last']) ? $info['last'] : ''; $givenname = isset($info['first']) ? $info['first'] : ''; if (!isset($info['username'])) { $info['username'] = create_username($newstatus, $departments, $surname, $givenname, $_POST['prefix']); } if (!isset($info['password'])) { $info['password'] = genPass(); } $new = create_user($newstatus, $info['username'], $info['password'], $surname, $givenname, @$info['email'], $departments, @$info['id'], @$info['phone'], $_POST['lang'], $send_mail, $email_public, $phone_public, $am_public); if ($new === false) { $unparsed_lines .= q($line . "\n" . $error . "\n"); } else { $new_users_info[] = $new; // Now, the $userl array should contain only course codes foreach ($userl as $ccode) { if (!register($new[0], $ccode)) { $unparsed_lines .= sprintf($langMultiRegCourseInvalid . "\n", q("{$info['last']} {$info['first']} ({$info['username']})"), q($ccode)); } } } } else { $unparsed_lines .= $line;
} // endif(isset($_GET['provider'])) { } } //Show message if exists if (isset($_GET['msg'])) { $urlText = ''; $type = 'caution'; switch ($_GET['msg']) { case 1: //profile information changed successfully $message = $langProfileReg; $urlText = "<br /><a href='$urlServer'>$langHome</a>"; $type = "success"; break; case 3: //pass too easy $message = $langPassTooEasy . ": <strong>" . genPass() . "</strong>"; break; case 4: // empty fields check $message = $langFieldsMissing; break; case 5: //username already exists $message = $langUserFree; break; case 6: //email not valid $message = $langEmailWrong; break; case 7: //invalid image $message = $langInvalidPicture; break; case 10: // invalid characters $message = $langInvalidCharsUsername;
} } // display actions toolbar } elseif (@$_GET['type'] == 'user') { $pstatus = 5; } else { $pstatus = 1; } if ($pstatus == 5) { $pageName = $langUserDetails; $title = $langInsertUserInfo; } else { $pageName = $langProfReg; $title = $langNewProf; } $tool_content .= "<div class='form-wrapper'>\n <form class='form-horizontal' role='form' action='{$_SERVER['SCRIPT_NAME']}' method='post' onsubmit='return validateNodePickerForm();'>\n <fieldset>\n <div class='form-group'>\n <label for='Name' class='col-sm-2 control-label'>{$langName}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='Name' type='text' name='givenname_form' value='" . q($pn) . "' placeholder='{$langName}'>\n </div>\n </div>\n <div class='form-group'>\n <label for='Sur' class='col-sm-2 control-label'>{$langSurname}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='Sur' type='text' name='surname_form' value='" . q($ps) . "' placeholder='{$langSurname}'>\n </div>\n </div>\n <div class='form-group'>\n <label for='Username' class='col-sm-2 control-label'>{$langUsername}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='Username' type='text' name='uname' value='" . q($pu) . "' autocomplete='off' placeholder='{$langUsername}'>\n </div>\n </div>\n <div class='form-group'>\n <label for='passsword' class='col-sm-2 control-label'>{$langPass}:</label>\n <div class='col-sm-10'>\n <input class='form-control' type='text' name='password' value='" . genPass() . "' id='password' autocomplete='off' placeholder='{$langPass}'/><span id='result'></span>\n </div>\n </div>\n <div class='form-group'>\n <label for='email' class='col-sm-2 control-label'>{$langEmail}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='email' type='text' name='email_form' value='" . q($pe) . 
"' palceholder='{$langEmail}'>\n </div>\n </div>\n <div class='form-group'>\n <label for='emailverified' class='col-sm-2 control-label'>{$langEmailVerified}:</label>\n <div class='col-sm-10'>"; $verified_mail_data = array(0 => $m['pending'], 1 => $m['yes'], 2 => $m['no']); if (isset($pv)) { $tool_content .= selection($verified_mail_data, "verified_mail_form", $pv, "class='form-control'"); } else { $tool_content .= selection($verified_mail_data, "verified_mail_form", '', "class='form-control'"); } $tool_content .= "</div></div>\n <div class='form-group'>\n <label for='phone' class='col-sm-2 control-label'>{$langPhone}:</label>\n <div class='col-sm-10'> \n <input class='form-control' id='phone' type='text' name='phone' value='" . q($pphone) . "' placeholder='{$langPhone}'>\n </div>\n </div>\n <div class='form-group'>\n <label for='faculty' class='col-sm-2 control-label'>{$langFaculty}:</label>\n <div class='col-sm-10'>"; $depid = isset($pt) ? $pt : null; if (isDepartmentAdmin()) { list($js, $html) = $tree->buildNodePicker(array('params' => 'name="department"', 'defaults' => $depid, 'tree' => null, 'useKey' => 'id', 'where' => "AND node.allow_user = true", 'multiple' => false, 'allowables' => $user->getDepartmentIds($uid))); } else { list($js, $html) = $tree->buildNodePicker(array('params' => 'name="department"', 'defaults' => $depid, 'tree' => null, 'useKey' => 'id', 'where' => "AND node.allow_user = true", 'multiple' => false)); } $head_content .= $js; $tool_content .= $html;
// Append the tree picker's script to the page head.
$head_content .= $tree_js;

// Authentication method: a drop-down of the active methods, or a fixed hidden
// value of 1 when $eclass_method_unique is set.
if (!$eclass_method_unique) {
    $auth_m = array();
    foreach ($active_auth_methods as $m) {
        $auth_m[$m] = get_auth_info($m);
    }
    formGroup(
        'auth_selection',
        $langEditAuthMethod,
        selection($auth_m, 'auth_form', '', "id='auth_selection' class='form-control'")
    );
} else {
    $tool_content .= "<input type='hidden' name='auth_form' value='1'>";
}

// Password field. It is rendered as type='text' and pre-filled through
// getValue('password', genPass()), so the proposed password is readable on
// screen and in the page source.
// NOTE(review): the value attribute comes from getValue(), not q() - confirm
// that getValue() escapes what it emits.
formGroup(
    'passsword_form',
    $langPass,
    "<input class='form-control' type='text' name='password'"
        . getValue('password', genPass())
        . " id='password' autocomplete='off' placeholder='" . q($langPass) . "'><span id='result'></span>"
);

// The e-mail placeholder states whether the address is compulsory or optional.
$email_message = "$langEmail " . (get_config('email_required') ? $langCompulsory : $langOptional);

formGroup(
    'email_form',
    $langEmail,
    "<input class='form-control' id='email_form' type='text' name='email_form'"
        . getValue('email_form', $pe)
        . " placeholder='" . q($email_message) . "'>"
);
formGroup(
    'verified_mail_form',
    $langEmailVerified,
    selection($verified_mail_data, "verified_mail_form", $pv, "class='form-control'")
);
formGroup(
    'phone_form',
    $langPhone,
    "<input class='form-control' id='phone_form' type='text' name='phone_form'"
        . getValue('phone_form', $pphone)
        . " placeholder='" . q($langPhone) . "'>"
);
formGroup('faculty', $langFaculty, $tree_html);
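<?php
require '../include/include.php'; // connecting to database

/**
 * Generate an 8-character password from a fixed 34-symbol alphabet.
 *
 * Indexes are drawn from a cryptographically secure source: random_int() where
 * it exists, otherwise openssl_random_pseudo_bytes() with rejection sampling.
 * rand() is not suitable for secrets because its output is predictable.
 * Eight symbols out of 34 give roughly 40 bits, so treat the result as a
 * temporary password only.
 *
 * @return string The generated password.
 */
function genPass()
{
    // NOTE(review): the alphabet has no 'w' and no '0' - confirm whether that is intended.
    $possibleChars = 'abcdefghijklmnopqrstuvxyz123456789';
    $count = strlen($possibleChars);
    // Largest multiple of $count that fits in one byte; bytes at or above it are
    // discarded so the modulo below stays uniform.
    $limit = 256 - (256 % $count);
    $password = '';

    while (strlen($password) < 8) {
        if (function_exists('random_int')) {
            $index = random_int(0, $count - 1);
        } else {
            $bytes = openssl_random_pseudo_bytes(1);
            if ($bytes === false || $bytes === '') {
                die('No secure random source available');
            }
            $byte = ord($bytes);
            if ($byte >= $limit) {
                continue;
            }
            $index = $byte % $count;
        }
        $password .= $possibleChars[$index];
    }

    return $password;
}

// Both POST values go into a string-built SQL statement, so escape them for the
// connection first. The legacy mysql_* API has no prepared statements; moving the
// connection in include.php to mysqli or PDO with bound parameters is the proper
// fix, but that file is not visible here.
$safeUserName = mysql_real_escape_string(isset($_POST['userName']) ? (string) $_POST['userName'] : '', $db);
$safeIsAdmin = mysql_real_escape_string(isset($_POST['isAdmin']) ? (string) $_POST['isAdmin'] : '', $db);

// NOTE(review): isAdmin comes straight from the request, so whoever can submit
// this form decides whether the new account is an administrator. No permission
// check is visible in this file - verify that include.php enforces one.
// NOTE(review): the password is stored as plaintext and read back below; storing
// password_hash() output and showing the generated value once would avoid
// keeping recoverable passwords in the table.
$query = 'INSERT INTO users VALUES ("","' . $safeUserName . '","' . genPass() . '","' . $safeIsAdmin . '")';
// NOTE(review): die(mysql_error()) prints database error text to the visitor.
mysql_query($query) or die(mysql_error($db));
$last_id = mysql_insert_id();

// NOTE(review): in this listing the text between "idUser=" and the markup is
// masked with asterisks. The lookup, fetch and echo below are a reconstruction -
// confirm against the real file.
$query = 'SELECT * FROM users WHERE idUser=' . (int) $last_id;
$result = mysql_query($query) or die(mysql_error($db));
$row = mysql_fetch_assoc($result);

// The username originated from the request, so encode it for HTML before output.
echo '<main> <section> <form id="infoNewUser" method="POST" class="form__task--new"> <h2>Your new username is '
    . htmlspecialchars($row['userName'], ENT_QUOTES, 'UTF-8')
    . ' and your new password is '
    . htmlspecialchars($row['userPass'], ENT_QUOTES, 'UTF-8')
    . '.</h2> </form> </section> </main>';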