function dbreset()
{
$user = $_SESSION['reset_user'];
$hash = $_SESSION['reset_hash'];
$email = $_SESSION['reset_email'];
$pass = getparam('pass', true);
$pass2 = getparam('pass2', true);
$twofa = getparam('2fa', true);
if (nuem($pass) || nuem($pass2)) {
return allow_reset('Enter both passwords');
}
if ($pass2 != $pass) {
return allow_reset("Passwords don't match");
}
if (safepass($pass) !== true) {
return allow_reset('Password is unsafe');
}
$ans = getAtts($user, 'KReset.str,KReset.dateexp');
if ($ans['STATUS'] != 'ok') {
return resetfail();
}
if (!isset($ans['KReset.dateexp']) || $ans['KReset.dateexp'] == 'Y') {
return resetfail();
}
if (!isset($ans['KReset.str']) || $ans['KReset.str'] != $hash) {
return resetfail();
}
$emailinfo = getOpts($user, emailOptList());
if ($emailinfo['STATUS'] != 'ok') {
syserror();
}
$ans = resetPass($user, $pass, $twofa);
if ($ans['STATUS'] != 'ok') {
return resetfail();
}
unset($_SESSION['reset_user']);
unset($_SESSION['reset_hash']);
unset($_SESSION['reset_email']);
$ans = expAtts($user, 'KReset');
$ok = passWasReset($email, zeip(), $emailinfo);
return yok();
}
function displayPassChange($useAdmin, $addUser)
{
$error = '';
$adminLvl = 75;
if (isset($_POST['submitBtn'])) {
// Get user input
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password1 = isset($_POST['password1']) ? $_POST['password1'] : '';
$password2 = isset($_POST['password2']) ? $_POST['password2'] : '';
$admin = isset($_POST['admin']) ? $_POST['admin'] : '';
if (!$addUser) {
$error .= resetPass($username, $password1, $password2, $admin);
} else {
$error .= registerUser($username, $password1, $password2, $admin);
}
}
if (!isset($_POST['submitBtn']) || $error != '') {
if (!$addUser) {
echo '<h3>Change Password or Admin Level</h3>';
} else {
echo '<div class="caption">Add User</div>';
}
?>
<div id="icon"> </div>
<div id="results"></div>
<form action="<?php
echo $_SERVER['REQUEST_URI'];
?>
" method="post" name="registerform">
<table width="100%"><a href="<?php
echo $_SERVER['PHP_SELF'];
?>
">Back</a><br /><br /><?php
if ($useAdmin && $addUser) {
?>
<tr><td>Username:</td><td> <input class="text" name="username" type="text" value="<?php
if (!$addUser) {
echo $_SESSION['userName'];
}
?>
" />
<?php
}
if ($_SESSION['admin'] >= $adminLvl && $useAdmin && !$addUser) {
echo '<tr><td>Username:</td><td><SELECT name="username">';
showAllUsers();
echo ' </SELECT>';
}
if (!$useAdmin && !$addUser) {
?>
<input name="username" type="hidden" value="<?php
echo $_SESSION['userName'];
?>
" />
<input name="admin" type="hidden" value="<?php
echo $_SESSION['admin'];
?>
" />
<tr><td>Username:</td><td><?php
echo $_SESSION['userName'];
?>
<?php
}
?>
</td></tr>
<tr><td>Password:</td><td> <input class="text" name="password1" type="password" /></td></tr>
<tr><td>Confirm password:</td><td> <input class="text" name="password2" type="password" /></td></tr><?php
if ($_SESSION['admin'] >= $adminLvl && $useAdmin) {
?>
<tr><td>Admin Level:</td><td>
<?php
showAdminLvls();
?>
</td></tr>
<?php
}
?>
<tr><td colspan="2" align="center">
<input class="text" type="submit" name="submitBtn" value="<?php
if (!$addUser) {
echo "Change Password";
} else {
echo "Add User";
}
?>
" />
</td></tr>
</table>
</form>
<?php
}
if (isset($_POST['submitBtn'])) {
?>
<div class="caption">Result:</div>
<div id="icon2"> </div>
<div id="result">
<table width="100%"><tr><td><br/>
<?php
if (empty($error) && !$addUser) {
echo " Password was successfully changed!<br/><br/>";
//history('Changed Password');
} else {
if ($empty($error) && $useAdmin && $addUser) {
echo "User Added!!!<br/><br/>";
?>
<a href="<?php
echo $_SERVER['REQUEST_URI'];
?>
">Add Another User</a><br /><?php
//history('Changed Password');
echo ' <a href="/">Home</a>';
} else {
echo $error;
}
}
?>
<br/><br/><br/></td></tr></table>
</div>
<?php
}
}
case "deletefaq":
$fids = explode(":", $_GET['fids']);
foreach ($fids as $fid) {
helpDelete($fid);
}
break;
case "faqpublish":
$fids = explode(":", $_GET['fids']);
foreach ($fids as $fid) {
helpPublish($fid);
}
break;
case "passreset":
$uids = explode(":", $_GET['uids']);
foreach ($uids as $uid) {
resetPass($uid);
}
break;
case "migratetime":
$exp = getAllExperiments();
$eresults = array();
$counts = array("total" => 0, "Human Readable" => 0, "Human Readable - Unparsable" => 0, "Can not find time field" => 0, "Not Human Readable" => 0, "Unknown" => 0, "No Sessions Found" => 0, "Experiment Does Not Use Time" => 0);
foreach ($exp as $e) {
$eid = $e['experiment_id'];
// echo $eid . "<br/>";
if (($field_name = experimentHasTime($eid)) !== FALSE) {
$session_types = array();
$sessions = getSessionsForExperiment($eid);
if ($sessions != FALSE) {
//foreach($sessions as $session) {
for ($i = 0; $i < count($sessions); $i++) {