$user = mysql_fetch_assoc(getUserByID(getSessionVariable('user_id')));
if($pageid == "savepassword"){
$curpass = $_POST['curpass'];
$newpass = $_POST['newpass'];
$confpass = $_POST['confpass'];
if($curpass != "" && $newpass != "" && $confpass != ""){
if(encrypt($curpass) == $user['password']){
if($newpass == $confpass){
changeUserPassword(getSessionVariable('user_id'), $newpass);
$user = mysql_fetch_assoc(getUserByID(getSessionVariable('user_id')));
$message = "<font color=\"#005500\"><b>Password Updated!</b></font><br><br>";
}
else{
$message = "<font color=\"#FF0000\"><b>Error: The New Passwords Don't Match</b></font><br><br>";
}
}
else{
$userid = $_POST['userid'];
}
$users = "";
$result = getAllUsersOrderByName();
$message = "";
if($pageid == "adminsavepassword"){
if($_POST['newpass'] == $_POST['confpass']){
changeUserPassword($userid, $_POST['newpass']);
}
else{
$message = "Error: Passwords Don't Match<br><br>";
}
}
else if($pageid == "adminsaveemail"){
changeUserEmail($userid, $_POST['email']);
$message = "User Saved!<br><br>";
}
hasRecordBeenRevised($uuid, $user, $pass);
getHospitalLegalese("1");
getHospitalLegaleseAnon("1");
getHospitalLegaleseTimestamps("1");
case '1.9.5':
reportPerson($personXML, $eventShortname, $xmlFormat, $user, $pass);
createPersonUuid($user, $pass);
createPersonUuidBatch($number, $user, $pass);
createNoteUuid($user, $pass);
createNoteUuidBatch($number, $user, $pass);
search("test", "t");
searchWithAuth("test", "t", $user, $pass);
getSessionTimeout();
registerUser("testCaseUser", "*****@*****.**", "testPassword99", "testCaseGiven", "testCaseFamily");
changeUserPassword($user, $pass, $pass);
forgotUsername($email);
checkUserAuth($user, $pass);
getUserStatus($user);
getUserGroup($user);
getEventList();
getEventListUser($user, $pass);
getGroupList();
getHospitalList();
getHospitalData("1");
getHospitalPolicy("1");
}
echo "</table><b>Note: deprecated functions are not listed/tested.</b></body>";
}
function check_find_pwd_SMS($mobile_phone, $SMS, $md5Password)
{
$sql = "SELECT user_id from ecs_users where mobile_phone={$mobile_phone}";
$user_id = $GLOBALS['db']->getOne($sql);
if (empty($user_id)) {
return MOBILE_PHONE_ERROR;
}
$sql = "SELECT short_message from ecs_verified_sms where user_id={$user_id}";
$short_message = $GLOBALS['db']->getOne($sql);
if ($SMS == $short_message) {
if (changeUserPassword($user_id, $md5Password)) {
return 1;
}
return SYSTEM_ERROR;
} else {
return SMS_ERROR;
}
}
<?php
session_start();
if (isset($_POST['updatepassword'])) {
include "dbconnection.php";
$user_loged_id = mysql_real_escape_string($_REQUEST['user_loged_id']);
$old_password = mysql_real_escape_string(md5($_REQUEST['old_password']));
$new_password = mysql_real_escape_string(md5($_REQUEST['new_password']));
$result = getUserById($user_loged_id);
$user = mysql_fetch_array($result);
if ($user['password'] == $old_password) {
changeUserPassword($user_loged_id, $new_password);
header("location:update-password?change");
} else {
header("location:update-password?msg");
}
} else {
header("location:update-password");
}
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
