Beispiel #1
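/**
 * Complete a password reset for the account recorded in the session.
 *
 * The pending reset (user, token, email) comes from $_SESSION; the new
 * password, its confirmation and the 2FA value come from getparam().
 * The session token must equal the stored 'KReset.str' attribute, and the
 * 'KReset.dateexp' attribute must be present and not 'Y', before the
 * password is changed via resetPass().
 *
 * @return mixed the result of allow_reset() for password input problems,
 *               resetfail() for any reset-state failure, yok() on success
 */
function dbreset()
{
    $user = isset($_SESSION['reset_user']) ? $_SESSION['reset_user'] : null;
    $hash = isset($_SESSION['reset_hash']) ? $_SESSION['reset_hash'] : null;
    $email = isset($_SESSION['reset_email']) ? $_SESSION['reset_email'] : null;

    // No pending reset in this session: fail closed instead of carrying
    // null values into the attribute lookup and the token comparison.
    if ($user === null || $user === '' || !is_scalar($hash) || (string) $hash === '') {
        return resetfail();
    }
    $hash = (string) $hash;

    $pass = getparam('pass', true);
    $pass2 = getparam('pass2', true);
    $twofa = getparam('2fa', true);

    // nuem() is presumably a "null or empty" test; verify against its definition.
    if (nuem($pass) || nuem($pass2)) {
        return allow_reset('Enter both passwords');
    }
    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal and the confirmation is bypassed.
    if ($pass2 !== $pass) {
        return allow_reset("Passwords don't match");
    }
    if (safepass($pass) !== true) {
        return allow_reset('Password is unsafe');
    }

    $ans = getAtts($user, 'KReset.str,KReset.dateexp');
    if (!isset($ans['STATUS']) || $ans['STATUS'] !== 'ok') {
        return resetfail();
    }
    // Loose == is kept on purpose here: it can only widen what counts as expired.
    if (!isset($ans['KReset.dateexp']) || $ans['KReset.dateexp'] == 'Y') {
        return resetfail();
    }
    // Compare the reset token as strings in constant time. The loose != it
    // replaces treats "0e..."-style strings as equal numbers and leaks timing.
    $stored = isset($ans['KReset.str']) ? $ans['KReset.str'] : null;
    if (!is_scalar($stored) || !hash_equals((string) $stored, $hash)) {
        return resetfail();
    }

    $emailinfo = getOpts($user, emailOptList());
    if (!isset($emailinfo['STATUS']) || $emailinfo['STATUS'] !== 'ok') {
        // NOTE(review): this relies on syserror() not returning; if it does
        // return, the reset continues without usable email options. Confirm.
        syserror();
    }

    $ans = resetPass($user, $pass, $twofa);
    if (!isset($ans['STATUS']) || $ans['STATUS'] !== 'ok') {
        return resetfail();
    }

    // The reset is consumed: drop the session state first.
    unset($_SESSION['reset_user'], $_SESSION['reset_hash'], $_SESSION['reset_email']);

    // NOTE(review): the result of expAtts() is not checked. If expiring the
    // KReset attributes can fail, the token may stay usable; confirm whether
    // a failure needs to be logged or surfaced.
    expAtts($user, 'KReset');

    // Notify the account's email address; the result was never used.
    passWasReset($email, zeip(), $emailinfo);

    return yok();
}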
Beispiel #2
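/**
 * Handle and render the "change password / admin level" form, or the
 * "add user" form when $addUser is truthy.
 *
 * On a POST carrying 'submitBtn' the input is handed to resetPass() or
 * registerUser(); the string they return is treated as the error text.
 * The form is drawn when nothing was submitted or an error came back, and a
 * result box is drawn after every submission.
 *
 * NOTE(review): no CSRF token is generated or checked in this function;
 * confirm that the caller or the two handlers protect these state changes.
 *
 * @param mixed $useAdmin truthy to offer the user picker and admin-level
 *                        selector to sessions whose admin level is >= 75
 * @param mixed $addUser  truthy to add a user instead of changing a password
 * @return void output is echoed directly
 */
function displayPassChange($useAdmin, $addUser)
{
    $error = '';
    $adminLvl = 75;

    // Every request- or session-derived value echoed into markup goes
    // through this: REQUEST_URI and PHP_SELF are attacker-influenced and
    // were previously written into attributes unescaped.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $sessionUser = isset($_SESSION['userName']) ? $_SESSION['userName'] : '';
    $sessionAdmin = isset($_SESSION['admin']) ? $_SESSION['admin'] : null;
    $mayManage = $useAdmin && $sessionAdmin >= $adminLvl;
    $submitted = isset($_POST['submitBtn']);

    if ($submitted) {
        // Get user input
        $username = isset($_POST['username']) ? $_POST['username'] : '';
        $password1 = isset($_POST['password1']) ? $_POST['password1'] : '';
        $password2 = isset($_POST['password2']) ? $_POST['password2'] : '';
        $admin = isset($_POST['admin']) ? $_POST['admin'] : '';

        if (!$useAdmin && !$addUser) {
            // Self-service form: the target account and its admin level are
            // only hidden fields there, so take them from the session rather
            // than trusting values the client can rewrite.
            $username = (string) $sessionUser;
            $admin = (string) $sessionAdmin;
        } elseif (!$mayManage) {
            // The admin-level selector is never rendered for this session,
            // so a submitted level cannot have come from the form.
            $admin = '';
        }
        // NOTE(review): resetPass()/registerUser() are not visible here;
        // they should still enforce who may change which account.

        if (!$addUser) {
            $error .= resetPass($username, $password1, $password2, $admin);
        } else {
            $error .= registerUser($username, $password1, $password2, $admin);
        }
    }

    if (!$submitted || $error != '') {
        if (!$addUser) {
            echo '<h3>Change Password or Admin Level</h3>';
        } else {
            echo '<div class="caption">Add User</div>';
        }
        ?>
        <div id="icon">&nbsp;</div>
        <div id="results"></div>
        <form action="<?php echo $esc($_SERVER['REQUEST_URI']); ?>" method="post" name="registerform">
		<table width="100%"><a href="<?php echo $esc($_SERVER['PHP_SELF']); ?>">Back</a><br /><br /><?php
        if ($useAdmin && $addUser) {
            // The original pre-filled this field only when !$addUser, which
            // cannot hold inside this branch, so the value is always empty.
            ?>
            <tr><td>Username:</td><td> <input class="text" name="username" type="text" value=""  />
			<?php
        }
        if ($mayManage && !$addUser) {
            echo '<tr><td>Username:</td><td><SELECT name="username">';
            showAllUsers();
            echo ' </SELECT>';
        }
        if (!$useAdmin && !$addUser) {
            // Hidden fields kept for markup compatibility; the POST handler
            // above ignores them in this mode and uses the session instead.
            ?>
			<input name="username" type="hidden" value="<?php echo $esc($sessionUser); ?>"  />
			<input name="admin" type="hidden" value="<?php echo $esc($sessionAdmin); ?>"  />
			<tr><td>Username:</td><td><?php echo $esc($sessionUser); ?>
			<?php
        }
        ?>
            </td></tr>
            <tr><td>Password:</td><td> <input class="text" name="password1" type="password" /></td></tr>
            <tr><td>Confirm password:</td><td> <input class="text" name="password2" type="password" /></td></tr><?php
        if ($mayManage) {
            ?>
			<tr><td>Admin Level:</td><td> 
			<?php
            showAdminLvls();
            ?>
			</td></tr>
				<?php
        }
        ?>
		
			<tr><td colspan="2" align="center">
				<input class="text" type="submit" name="submitBtn" value="<?php echo !$addUser ? 'Change Password' : 'Add User'; ?>" />
			</td></tr>
		</table>  
		</form>
    <?php
    }

    if ($submitted) {
        ?>
        <div class="caption">Result:</div>
        <div id="icon2">&nbsp;</div>
        <div id="result">
            <table width="100%"><tr><td><br/>
    <?php
        if (empty($error) && !$addUser) {
            echo " Password was successfully changed!<br/><br/>";
            //history('Changed Password');
        } elseif (empty($error) && $useAdmin && $addUser) {
            // Was "$empty($error)": a call through an undefined variable,
            // which aborts the request instead of reporting success.
            echo "User Added!!!<br/><br/>";
            ?>
<a href="<?php echo $esc($_SERVER['REQUEST_URI']); ?>">Add Another User</a><br /><?php
            //history('Changed Password');
            echo ' <a href="/">Home</a>';
        } else {
            // NOTE(review): $error is printed as raw HTML. If resetPass() or
            // registerUser() put submitted text (e.g. the username) into
            // their messages, they must escape it; confirm.
            echo $error;
        }
        ?>
                    <br/><br/><br/></td></tr></table>
            </div>
                    

    <?php
    }
}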
Beispiel #3
 // NOTE(review): the three cases below change state (delete FAQ entries,
 // publish FAQ entries, reset user passwords) and take their targets from
 // the query string. No authorization check or CSRF token is visible in this
 // fragment; the enclosing switch and anything guarding it lie outside this
 // excerpt. Confirm that these actions are restricted to privileged users
 // and are not reachable through a plain GET link.
 //
 // Each parameter is a colon-separated id list. The ids go to the helper
 // unvalidated, and an empty parameter still yields one empty-string id.

 // Delete every FAQ entry listed in ?fids=a:b:c
 case "deletefaq":
     $fids = explode(":", $_GET['fids']);
     foreach ($fids as $fid) {
         helpDelete($fid);
     }
     break;
 // Publish every FAQ entry listed in ?fids=a:b:c
 case "faqpublish":
     $fids = explode(":", $_GET['fids']);
     foreach ($fids as $fid) {
         helpPublish($fid);
     }
     break;
 // Reset the password of every user id listed in ?uids=a:b:c
 case "passreset":
     $uids = explode(":", $_GET['uids']);
     foreach ($uids as $uid) {
         resetPass($uid);
     }
     break;
 case "migratetime":
     $exp = getAllExperiments();
     $eresults = array();
     $counts = array("total" => 0, "Human Readable" => 0, "Human Readable - Unparsable" => 0, "Can not find time field" => 0, "Not Human Readable" => 0, "Unknown" => 0, "No Sessions Found" => 0, "Experiment Does Not Use Time" => 0);
     foreach ($exp as $e) {
         $eid = $e['experiment_id'];
         // echo $eid . "<br/>";
         if (($field_name = experimentHasTime($eid)) !== FALSE) {
             $session_types = array();
             $sessions = getSessionsForExperiment($eid);
             if ($sessions != FALSE) {
                 //foreach($sessions as $session) {
                 for ($i = 0; $i < count($sessions); $i++) {