function nss_init_admin() { global $nss; $permissionError = testFilePermissions(); if ($nss->get('plugin_mode') != 'wordpress') { activatePluginMode('wordpress'); } $dynpw = NSS_WP_URL . LOGGED_IN_KEY . date('d') . AUTH_KEY; $_SESSION['nss_admin_password'] = $dynpw; if (!is_logged_in($nss)) { updatePassword($dynpw, false); } add_menu_page('neosmart-stream-admin', 'neosmart STREAM', 'manage_options', 'neosmart-stream', 'nss_dashboard', NSS_WP_URL . '/nss-core/nss-icon-16x16.png', 100.3); }
<?php include '../../settings.php'; include '../../inc/login_functions.php'; include '../../inc/helper.php'; include 'functions.php'; $logedIn = access($mysqli); $userData = getUserData($mysqli, $_SESSION['userId']); $updateEmail = updateEmail($mysqli, $_SESSION['userId']); $updateProfile = updateProfile($mysqli, $_SESSION['userId']); $updatePassword = updatePassword($mysqli, $_SESSION['userId']); if ($updateProfile == 1 || $updatePassword == 1 || $updateEmail == 1) { header("Location: updateRedirect.php"); exit; } if ($updatePassword == 2 || $updateEmail == 2) { header("Location: ../../404.php"); exit; } include "../../inc/header.php"; include "../../inc/topNavbar.php"; ?> <section id="main-container"> <?php include "../../inc/leftNavbar.php"; ?> <!--Page main section start--> <section id="min-wrapper">
if ($envoi == 1) { updateInfosPerso($_SESSION['ID'], $_POST['nom'], $_POST['prenom'], $_POST['mail'], $_POST['adresse'], $_POST['codepostal'], $_POST['ville'], $_POST['pays']); if ($_POST['changePassword'] != '' or $_POST['changePassword2'] != '') { $envoi2 = 1; //vérification du password $send[] = verificationFormulaire($_POST['changePassword'], $rgxPassword, 'Erreur dans votre mot de passe. Les modifications de profil ont été envoyés mais votre mot de passe n\'a pas été modifié !', false); //vérif correspondance password 1 & 2 if ($_POST['changePassword'] != $_POST['changePassword2']) { $send[] = 'Les deux nouveaux mots de passe ne correspondent pas. Les modifications de profil ont été envoyés mais votre mot de passe n\'a pas été modifié !'; } //vérif old password $passwordOld = sha1($_POST['changePasswordOld']); $verifOldPwdArray = selectIDmembre($_SESSION['pseudo'], $passwordOld); if (!$verifOldPwdArray) { $send[] = 'Erreur dans votre ancien mot de passe. Les modifications de profil ont été envoyés mais votre mot de passe n\'a pas été modifié !'; } foreach ($send as $element) { if ($element != '') { $envoi2 = 0; break; } } if ($envoi2 == 1) { //on crypte le mot de passe si le champs a été correctement rempli $password = sha1($_POST['changePassword']); include_once 'modele/membre/panel_updatePassword.php'; updatePassword($_SESSION['ID'], $password); } } } include_once 'vue/membre/panelEnvoi.php';
<?php require 'controller.php'; $email = $_POST['email']; $password = $_POST['password']; $message = updatePassword($email, $password); echo $message;
if (isset($_POST["password"])) { $password = $_POST["password"]; } if ($LDAP) { $ldapuser = $username; if ($LDAP_DOMAIN != "") { $ldapuser = $LDAP_DOMAIN . "\\" . $username; } $ldap = ldap_connect($LDAP_SERVER); if ($bind = ldap_bind($ldap, $ldapuser, $password)) { $cost = 10; $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.'); $salt = sprintf("\$2a\$%02d\$", $cost) . $salt; $hash = crypt($password, $salt); $token = storeUsername($username, $hash); $token = updatePassword($username, $hash); $user = getUserRecord($username); setcookie("user_id", $user['user_id']); setcookie("username", $username); setcookie("token", $token); header("Location: index.php"); exit; } else { $error = "Username and password do not match."; } } else { $user = getUserRecord($username); if (crypt($password, $user['hash']) == $user['hash']) { setcookie("user_id", $user['user_id']); setcookie("username", $username); setcookie("token", $user['token']);
$newPasswordConfirm = $_POST['NewPasswordConfirm']; } // On vérifie si des champs sont vides if (empty($newPassword) || empty($newPasswordConfirm)) { $error_fieldsempty = '- Un ou plusieurs champs de texte sont vides. Veuillez les remplir. \\n'; $i++; } // Si le mot de passe et sa confirmation ne correspondent pas if ($newPassword != $newPasswordConfirm) { $error_passwordconfirm = '- Le mot de passe et sa confirmation sont différents. \\n'; $i++; } // Si le mot de passe est trop petit if (strlen($newPassword) < 6 && !empty($newPassword)) { $error_passwordwrongsize = '- Votre mot de passe doit contenir au minimum huit caractères. \\n'; $i++; } // S'il n'y a aucune erreur if ($i == 0) { updatePassword($noUser, createHash($newPassword)); header('Location: ../view/view_update_password.php'); $_SESSION['success_update_password'] = "******"; } else { setErrors(); header('Location: ../view/view_update_password.php'); } function setErrors() { global $error_passwordconfirm, $error_fieldsempty, $error_passwordwrongsize; $_SESSION['errors_update_password'] = '******' . $error_passwordconfirm . $error_fieldsempty . $error_passwordwrongsize; }
checkSession(); $user_data = getUserData($_SESSION['gebruiker_id']); //voor wachtwoord wijzigen if ($_SERVER['REQUEST_METHOD'] == 'POST') { //checken als er gegevens ingevoerd zijn if (isset($_POST['wijzigen'])) { $match = password_verify($_POST["huidig"], $user_data["wachtwoord"]); if ($match === FALSE) { $_SESSION["message"] = "Wachtwoord onjuist"; } else { $nieuw = $_POST["nieuw"]; $nieuwheraal = $_POST["nieuwheraal"]; if (passTest($nieuw, $nieuwheraal) === TRUE) { $user_id = $_SESSION['gebruiker_id']; $nieuw = password_hash($nieuw, PASSWORD_BCRYPT); updatePassword($nieuw, $user_id); $_SESSION['message-success'] = 'Uw wachtwoord is gewijzigd!'; } } } } $pagename = "settings"; ?> <?php include ROOT_PATH . "includes/templates/header.php"; //als docent ingelogd is sidebar-docent anders sidebar-leerling if (checkRole($_SESSION['gebruiker_id']) == 2) { include ROOT_PATH . "includes/templates/sidebar-docent.php"; } else { include ROOT_PATH . "includes/templates/sidebar-leerling.php";
//} switch ($action) { case 'login': login(); break; case 'logout': logout(); break; case 'register': register(); break; case 'update': update(); break; case 'updatePassword': updatePassword(); break; case 'addImage': addImage(); break; case 'updateGroupImage': updateGroupImage(); break; case 'createGroup': createGroup(); break; case 'acceptGroupRequest': acceptGroupRequest(); break; case 'declineGroupRequest': declineGroupRequest();
$stmt = $mysql->prepare("SELECT state,password,password_salt,id from users where (username = ? or email = ?)"); $stmt->bind_param('ss', $username, $username); $stmt->execute(); $stmt->bind_result($method, $password_h, $password_salt, $uid); $stmt->fetch(); $stmt->close(); if (isValidMd5($password_h)) { $cv_hash = cv_hash($password); if ($password_h == $cv_hash) { updatePassword($uid, $password); $login = true; } } elseif ($method != 3) { $nc_hash = hashpass($password); if ($password_h == $nc_hash) { updatePassword($uid, $password); $login = true; } } else { $options = ['cost' => 11, 'salt' => $password_salt]; $pwd_h = password_hash($password, PASSWORD_BCRYPT, $options); if ($password_h == $pwd_h) { $login = true; } } if ($login) { $ip = stripslashes($_SERVER['REMOTE_ADDR']); $login_q = $mysql->prepare("SELECT users.id as id,username,email,rank,user_titles.title as title from users left join user_titles on user_titles.id = users.rank where users.id = ?"); $login_q->bind_param('i', $uid); $login_q->execute(); $login_q->bind_result($id, $qusername, $qemail, $qrank, $qtitle);
<?php include_once '../connection/connection.php'; include_once '../connection/dbFogetPassword.php'; if (isset($_POST['changePassword'])) { $conn = connect(); if ($conn->connect_error) { die("Connection failed:" . $conn->connect_error); } else { echo "ghfh"; updatePassword($_POST); header('location:signin.php'); } } ?> <html> <head> <link rel="stylesheet" type="text/css" href="../css/style.css"> </head> <body> <div class=upperHeader> Reset Password</div> <form method='Post' action=''> <table> <tr> <td> Enter your Email address </td> <td> <input type=text name=email> </td> </tr>
updatePassword($result["id"], $result["password"]); echo json_encode(array("id" => $result["id"], "message" => "Add user successfully")); } catch (Exception $e) { echo $e->getMessage(); } }); /* User Update */ $app->put('/user/:id/:jsondata', function ($id, $jsondata) use($app, $db) { try { $updateUserData = json_decode($jsondata, true); $app->response()->header('Content-Type', 'application/json'); $user = $db->users()->where('id', $id); if ($user) { $result = $user->update($updateUserData); if ($user->update(['password' => $user->update($updateUserData)])) { updatePassword($id, $updateUserData["password"]); } echo json_encode(array("status" => (bool) $result, "message" => "User updated successfully")); } else { echo json_encode(array("status" => false, "message" => "User id {$id} does not exist")); } } catch (Exception $e) { echo $e->getMessage(); } }); /* User Delete */ $app->delete('/user/:id', function ($id) use($app, $db) { try { $app->response()->header('Content-Type', 'application/json'); $user = $db->users()->where('id', $id); if ($user->fetch()) {
require "lib/menu.php"; ?> <script src="js/accountVerif.js" type="text/javascript"></script> <section class="main" id="account"> <?php if (!isConnect()) { echo "<h2>Vous n'êtes pas connecté</h2>\n</section>\n</body>\n</html>\n"; exit; } if (isset($_POST['validPassword'])) { if (isset($errorPassword)) { echo "<ul>\n{$errorPassword}</ul>\n"; } else { if (updatePassword($login, $newpass)) { echo "<h2>Changement de mot de passe réussi</h2>"; } else { echo "<h2>Une erreur s'est produite. Veuillez recommencer, s'il vous plait !</h2>"; } } } if (isset($_POST['validIdentity'])) { if (isset($errorIdentity)) { echo "<ul>\n{$errorIdentity}</ul>\n"; } else { if (count($changes) == 0) { echo "<h2>Aucune modification de l'identité</h2>"; } else { if (updateIdentity($login, $_POST['name'], $_POST['firstname'], $changes)) { echo "<h2>Changement d'identité réussi</h2>";
<?php require "manageDB.php"; $email = $_POST['email']; // definisco mittente e destinatario della mail $nome_mittente = "OpenIdeas"; $mail_mittente = ""; $mail_destinatario = "{$email}"; // definisco il subject $mail_oggetto = "Recupero password"; $newPassword = randomPassword(); updatePassword($email, $newPassword); // definisco il messaggio formattato in HTML $mail_corpo = <<<HTML <html> <head> <title>Recupero password portale OpenIdeas</title> </head> <body> La tua password è stata reimpostata a: {$newPassword} </body> </html> HTML; // aggiusto un po' le intestazioni della mail // E' in questa sezione che deve essere definito il mittente (From) // ed altri eventuali valori come Cc, Bcc, ReplyTo e X-Mailer $mail_headers = "From: " . $nome_mittente . " <" . $mail_mittente . ">\r\n"; $mail_headers .= "Reply-To: " . $mail_mittente . "\r\n"; $mail_headers .= "X-Mailer: PHP/" . phpversion() . "\r\n"; // Aggiungo alle intestazioni della mail la definizione di MIME-Version, // Content-type e charset (necessarie per i contenuti in HTML)
function handleUpdatePW($data) { $uid = $data['userId']; $prePW = $data['prePassword']; //检查密码是否正确 $users = queryUid($uid); $truePW = 0; while ($row = mysql_fetch_array($users)) { $truePW = $row['password']; } if (strcmp($prePW ^ key, $truePW)) { $Response['status'] = 'failed'; $Response['message'] = '当前密码错误'; return $Response; } $newPW = addslashes($data['newPassword'] ^ key); $result = updatePassword($uid, $newPW); if (!$result) { $Response['status'] = 'success'; $Response['message'] = '修改密码成功'; } else { $Response['status'] = 'error'; $Response['message'] = $result; } return $Response; }
along with Cybermin; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 2006 Namont Nicolas include/post_moncompte.php V0.1 */ // Fichier de post de mon compte / modification du mot de passe if (isset($_POST["submit"])) { $pass1 = $_POST["pass1"]; $pass2 = $_POST["pass2"]; if ($pass1 != "" and $pass2 != "") { if ($pass1 != $pass2) { $mess = getError(7); } else { $result = updatePassword($_SESSION["iduser"], $pass1); if ($result == FALSE) { $mess = getError(0); } else { $mess = getError(8); } } } ///inscription a la newsletter if (FALSE == updateNewsletter($_SESSION["iduser"], $_POST["newsletter"])) { $mess = getError(0); } else { $mess = getError(8); } }
$user_group = $rowOp->user_group; $type_log = 'CONNEXION'; if (version_compare(PHP_VERSION, '5.3.7') >= 0) { require_once 'require/function_users.php'; updatePassword($login, $mdp); } } else { $login_successful = $l->g(180); $type_log = 'BAD CONNEXION'; } } else { $reqOp = "SELECT id,user_group,passwd FROM operators WHERE id='%s'"; $arg_reqOp = array($login); $resOp = mysql2_query_secure($reqOp, $_SESSION['OCS']["readServer"], $arg_reqOp); $rowOp = mysqli_fetch_object($resOp); if (isset($rowOp->id) && password_verify($mdp, $rowOp->passwd)) { if ($oldpassword) { require_once 'require/function_users.php'; updatePassword($login, $mdp); } $login_successful = "OK"; $user_group = $rowOp->user_group; $type_log = 'CONNEXION'; } else { $login_successful = $l->g(180); $type_log = 'BAD CONNEXION'; } } $value_log = 'USER:' . $login; $cnx_origine = "LOCAL"; addLog($type_log, $value_log);
function resetSubmit() { if (!empty($_POST['passwordOne']) && !empty($_POST['passwordTwo']) && isset($_POST['submit'])) { if ($_POST['passwordOne'] == $_POST['passwordTwo']) { //Check passwords match. updatePassword(); } } else { echo '<p class="server-message">Your Passwords did not match, please try again from the link...</p>'; } }
function updatePassword($username, $password) { global $dbConn; $sql = "UPDATE users SET password = :password WHERE username = :username"; $stmt = $dbConn->prepare($sql); $stmt->execute(array(":password" => $password, ":username" => $username)); return $stmt; } if (isset($_POST['newPassword']) && isset($_POST['confirmPassword'])) { $newPassword = $_POST['newPassword']; $confirmPassword = $_POST['confirmPassword']; if (strlen($newPassword) == 0) { print "<center><br><br>Invalid password, <a href='javascript:history.back()'>try again</a><center>"; } else { if ($newPassword == $confirmPassword) { updatePassword($_SESSION['user'], $newPassword); print "<center><br><br>Password was updated, click <a href='http://www.skafia.com/cst336/assignments/4/index.php'>here</a> to continue</center>"; } else { print "<center><br><br>Passwords do not match, <a href='javascript:history.back()'>try again</a><center>"; } } } } else { if (isset($_POST['cancelButton'])) { header("Location: http://www.skafia.com/cst336/assignments/4/index.php"); } } if (!isset($_POST['newPassword'])) { print "\n\t<body>\n\t<center>\n\t<form action=\"updatepassword.php\" method=\"post\">\n\t\t<table>\n\t\t\t<tr><td colspan=2 align=center><h3>Update Password<h3></td></tr>\n\t\t\t<tr><td colspan=2 align=center> </td></tr>\n\t\t\t<tr><td>New Password:</td><td><input type=\"password\" name=\"newPassword\"></td></tr>\n\t\t\t<tr><td>Confirm:</td><td><input type=\"password\" name=\"confirmPassword\"></td></tr>\n\t\t\t<tr><td align=center colspan=2><input type=\"submit\" name=submitButton><input type=\"submit\" \n\t\t\tvalue=\"Cancel\" name=cancelButton></td></tr>\n\t\t</table>\n\t</form>\n\t</body>\n\t</center>"; } ?>
} if (!isset($_SESSION['account_activated']) and !isset($pass)) { $_SESSION['message'] = 'Toegang geweigerd.'; header('Location: ' . BASE_URL); exit; } if ($_SERVER['REQUEST_METHOD'] == 'POST') { $pass = $_POST['pass']; $pass_confirm = $_POST['pass_confirm']; if (passTest($pass, $pass_confirm) === TRUE) { if (isset($_SESSION['gebruiker_id'])) { $user_id = $_SESSION['gebruiker_id']; } $password = password_hash($pass, PASSWORD_BCRYPT); //wachtwoord invoeren in de database en activate_account op 1 zetten ( dus geactiveerd ) updatePassword($password, $user_id); unset($_SESSION['account_activated']); if (isset($user_id, $email_code)) { //nieuwe email code aanmaken en opslaan. $email_code = md5($user_id + microtime()); update_email_code($user_id, $email_code); $_SESSION['message-success'] = 'Uw wachtwoord is gewijzigd!'; header('Location: ' . BASE_URL); exit; } else { header('Location: ' . BASE_URL . 'dashboard/'); exit; } } } ?>
<?php $formMessage = ''; $formStatus = "info"; if (isset($_POST['submit']) && 'changePassword' == $_POST['action']) { if (empty($_POST['newPassword']) || empty($_POST['confirmPassword'])) { $formMessage = "Password cannot be empty!"; $formStatus = "danger"; } else { $newPassword = $_POST['newPassword']; $confirmPassword = $_POST['confirmPassword']; $newPassword = stripslashes($newPassword); $confirmPassword = stripslashes($confirmPassword); if ($newPassword == $confirmPassword) { if (updatePassword($loggedInUser, $newPassword)) { $formMessage = "Password has been changed."; $formStatus = "success"; } else { $formMessage = "Unable to change the password."; $formStatus = "danger"; } } else { $formMessage = "Passwords are not equal."; $formStatus = "danger"; } } } ?> <form action="" method="post" role="form">
/** \brief User bearbeiten Ändert die Daten eines Users */ function User_edit() { #check rights $rank = $this->userdata['rights']['useredit']['rank']; if (!$rank) { #no permission $this->_header("", "no permission"); } $page = param_num("page", 1); $id = param_num("id"); if (!$id) { $this->_header(); } $return = getUserByID($id); if (!$return) { $this->_header(); } #check rights if ($rank > 1 && $this->userdata['aid'] != $return['aid'] || $rank > 2 && $this->userdata['gala'] != $return['gala']) { #no permission $this->_header("", "no permission"); } $data = $_SESSION['steps']; #information message, step 2 if ($data['useredit']) { #save step unset($data['useredit']); $_SESSION['steps'] = $data; $this->forms['information']['url'] = $this->backtracking->backlink(); $this->forms['information']['title'] = "Benutzerdaten ändern"; $this->forms['information']['message'] = "Änderung erfolgreich"; $this->forms['information']['style'] = "green"; $this->show('message_information', "Benutzerdaten ändern"); } #formular send if ($this->userdata['rights']['changegroup']) { $grouplist = getGroupList($this->userdata['rights']['changegroup']['rank']); if ($return['gid']) { for ($i = 0; $i < count($grouplist); $i++) { if ($grouplist[$i]['gid'] == $return['gid']) { $canchangegroup = true; break; } } } else { $canchangegroup = true; } } if ($canchangegroup) { $this->template->assign("changegroup", 1); } else { $this->template->assign("group", $return['groupname']); } if ($rank == 1) { $allylist = getAllyList(); } else { $this->template->assign("ally", $this->userdata['tag']); } $this->template->assign("rank", $rank); $galalist = array(); if ($_REQUEST['send']) { $items['login']['value'] = param_str("login", true); $items['nick']['value'] = param_str("nick", true); $items['ircauth']['value'] = param_str("ircauth", true); $items['pos']['value'] = param_num("pos", null, true); $items['gala']['value'] = param_num("gala", null, true); $password = param_str("password", true); if ($rank == 1) { $items['aid']['value'] = param_num("ally", 0, true); #check allyid if ($items['aid']['value']) { $ally = 0; for ($i = 0; $i < count($allylist); $i++) { if ($items['aid']['value'] == $allylist[$i]['aid']) { $ally =& $allylist[$i]; $ally['selected'] = "selected"; break; } } } if (!$ally) { $this->_header("", "Ungültige Allianzid!"); } } else { $items['aid']['value'] = $this->userdata['aid']; } #check gala if ($rank < 3) { $galalist = getGalaListbyAlly($items['aid']['value']); if (!$galalist) { $errors[] = "Die Allianz hat keine Galaxien!"; $galalist[] = array("gala" => "keine"); } } else { $items['gala']['value'] = $this->userdata['gala']; $this->template->assign("gala", $this->userdata['gala']); } if ($_REQUEST['next_x']) { if (!$items['nick']['value']) { $errors[] = "Nickname darf nicht leer sein!"; $items['nick']['bgrd'] = '_error'; } if (!$items['login']['value']) { $errors[] = "Login darf nicht leer sein!"; $items['login']['bgrd'] = '_error'; } if (!$items['pos']['value']) { $items['pos']['bgrd'] = '_error'; $errors[] = "Die Position darf nicht leer sein!"; } if ($canchangegroup) { #check gid $items['gid']['value'] = param_num('group', 0, true); if ($items['gid']['value']) { $group = 0; for ($i = 0; $i < count($grouplist); $i++) { if ($items['gid']['value'] == $grouplist[$i]['gid']) { $group =& $grouplist[$i]; $group['selected'] = "selected"; break; } } if (!$group) { $this->_header(); } } } else { $items['gid']['value'] = $return['gid']; } #check nickname if ($items['nick']['value'] && strtolower($items['nick']['value']) != strtolower($return['nick']) && getUserByNick($items['nick']['value'])) { $errors[] = 'User existiert bereits!'; $items['nick']['bgrd'] = '_error'; } #check login if ($items['login']['value'] && strtolower($items['login']['value']) != strtolower($return['login']) && getUserByLogin($items['login']['value'])) { $errors[] = 'Login existiert bereits!'; $items['login']['bgrd'] = '_error'; } #check galaid if ($items['gala']['value'] && $rank < 3) { $galaxy = 0; for ($i = 0; $i < count($galalist); $i++) { if ($items['gala']['value'] == $galalist[$i]['gala']) { $galaxy =& $galalist[$i]; $galaxy['selected'] = "selected"; break; } } if (!$galaxy) { $this->_header("index.php", "Ungültige Galaid!"); } } if (!$errors && ($return['gala'] != $items['gala']['value'] || $return['pos'] != $items['pos']['value'])) { $chkuser = getUserByPos($items['gala']['value'], $items['pos']['value']); if ($chkuser) { $errors[] = "User existiert bereits, <a href=\"admin.php?action=userdetails&id=" . $chkuser['uid'] . "\">" . $chkuser['nick'] . " (" . $chkuser['gala'] . ":" . $chkuser['pos'] . ")</a>"; $items['pos']['bgrd'] = '_error'; } } if (!$errors) { #save step $data['useredit'] = 1; $_SESSION['steps'] = $data; if ($password) { #eigenes pw geändert if ($return['uid'] == $this->userdata['uid']) { updateUserPassword($return['uid'], $password); $sessionuserdata['id'] = $this->userdata['uid']; $sessionuserdata['password'] = md5($password); $_SESSION['sessionuserdata'] = $sessionuserdata; } else { updatePassword($return['uid'], $password); } addToLogfile("Passwort von " . $return['nick'] . " geändert", "Admin", $this->userdata['uid']); } addToLogfile("User " . $return['nick'] . " bearbeitet", "Admin", $this->userdata['uid']); updateAdminUser($return['uid'], $items['nick']['value'], $items['login']['value'], $items['gala']['value'], $items['pos']['value'], $items['gid']['value'], $items['ircauth']['value']); $this->_header("admin.php?action=edituser&id=" . $return['uid'] . "&send"); } } } else { if ($return['gid'] && $this->userdata['rights']['changegroup']) { for ($i = 0; $i < count($grouplist); $i++) { if ($return['gid'] == $grouplist[$i]['gid']) { $grouplist[$i]['selected'] = "selected"; break; } } } if ($rank == 1) { #select ally for ($i = 0; $i < count($allylist); $i++) { if ($return['aid'] == $allylist[$i]['aid']) { $ally =& $allylist[$i]; $ally['selected'] = "selected"; break; } } } if ($rank < 3) { $galalist = getGalaListbyAlly($return['aid']); if (!$galalist) { $errors[] = "Die Allianz hat keine Galaxien!"; $galalist[] = array("gala" => "keine"); } else { #select gala for ($i = 0; $i < count($galalist); $i++) { if ($return['gala'] == $galalist[$i]['gala']) { $galalist[$i]['selected'] = "selected"; break; } } } } else { $this->template->assign("gala", $this->userdata['gala']); } $items['ircauth']['value'] = $return['ircauth']; $items['nick']['value'] = $return['nick']; $items['login']['value'] = $return['login']; $items['pos']['value'] = $return['pos']; } $this->template->assign("errors", $errors); $this->template->assign("galalist", $galalist); $this->template->assign("allylist", $allylist); if (!$items['ircauth']['value']) { $items['ircauth']['bgrd'] = "_optional"; } if (!$items['password']['value']) { $items['password']['bgrd'] = "_optional"; } $this->template->assign("items", $items); $this->template->assign("grouplist", $grouplist); $this->template->assign("id", $return['uid']); $this->template->assign("username", $return['nickname']); $this->show('user_edit_form', "Benutzerdaten ändern"); }
$envoi = 0; break; } } if ($envoi == 1) { updateMembre($_POST['ID_membre'], $_POST['nom'], $_POST['prenom'], $_POST['mail'], $_POST['adresse'], $_POST['codepostal'], $_POST['ville'], $_POST['pays'], $admin); if ($_POST['changePassword'] != '' or $_POST['changePassword2'] != '') { $envoi2 = 1; //vérification du password $send[] = verificationFormulaire($_POST['changePassword'], $rgxPassword, 'Erreur dans le mot de passe. Les modifications de profil ont été envoyés mais votre mot de passe n\'a pas été modifié !', false); //vérif correspondance password 1 & 2 if ($_POST['changePassword'] != $_POST['changePassword2']) { $send[] = 'Les deux nouveaux mots de passe ne correspondent pas. Les modifications de profil ont été envoyés mais votre mot de passe n\'a pas été modifié !'; } foreach ($send as $element) { if ($element != '') { $envoi2 = 0; break; } } if ($envoi2 == 1) { //on crypte le mot de passe si le champs a été correctement rempli $password = sha1($_POST['changePassword']); echo $_POST['ID_membre']; echo $password; include_once 'modele/membre/panel_updatePassword.php'; updatePassword($_POST['ID_membre'], $password); } } } include_once 'vue/membre/admin/envoi.php';
/** * @param $firstname * @param $lastname * @param $email * @param $userpass * @return bool|object * Register a new user. */ function register($firstname, $lastname, $email, $userpass) { $success = true; $msg = ""; $insertid = ""; $checkemail = ""; if ($email == "" || $userpass == "" || $lastname == "" || $firstname == "") { return false; } $oldpass = $userpass; $email = convertForInsert($email); $userpass = convertForInsert($userpass); $lastname = convertForInsert($lastname); $firstname = convertForInsert($firstname); $sql = "SELECT Email FROM tbl_users WHERE Email = " . $email; $mysqli = new mysqli(Database::dbserver, Database::dbuser, Database::dbpass, Database::dbname); $rs = $mysqli->query($sql); while ($row = $rs->fetch_assoc()) { $checkemail = $row['Email']; } $rs->free(); $mysqli->close(); if ($checkemail != "") { //we have an email address already, bail $success = false; $msg = "Email already exists."; } if ($success) { $sql = "INSERT INTO tbl_users\n (UserID, LastName, FirstName, Email, Password) VALUES\n (NULL, {$lastname}, {$firstname}, {$email}, {$userpass})"; $mysqli = new mysqli(Database::dbserver, Database::dbuser, Database::dbpass, Database::dbname); $mysqli->query($sql); $userid = $mysqli->insert_id; $salt = generateSalt($userid); $salted = encryptPassword($oldpass, $salt); updatePassword($salted, $userid); $mysqli->close(); } $data = array("success" => $success, "message" => $msg, "id" => $insertid); return json_encode($data); }
<?php include "header.php"; if (isset($_GET['action'])) { // switch (strtolower($_GET['action'])) { // case 'updatepass': // if (isset($_POST['username']) && isset($_POST['password'])) { // if (updatePassword($_POST['username'], $_POST['password'])) { // unset($_GET['action']); } else { ?> <div class="main"> <span class="shadow-top"></span> <!-- shell --> <div class="shell"> <div class="container"> <!-- testimonial --> <section class="testimonial"> <h2>Final Fantasy XI Private Server!</h2> <p><strong>“</strong>Your password was update successfuly!.</p> <p>in a few moments you will be redirected to your profile, and again Thank you for your patience.</p> <META http-equiv="refresh" content="10;URL=profile.php"> </section> <!-- testimonial --> </div>
} catch (Exception $e) { header_status(500); $response['status'] = 'Error'; $response['message'] = $e->getMessage(); echo json_encode($response); die; } $json = file_get_contents('php://input'); $data = json_decode($json); $headers = apache_request_headers(); $header = str_replace("Bearer ", "", $headers['Authorization']); $JWT = new JWT(); try { $decoded_token = $JWT->decode($header, $key, array($alg)); if ($data->location === 'update_password') { updatePassword($data, $db); } } catch (DomainException $e) { header_status(401); $response['status'] = 'Error'; $response['message'] = $e->getMessage(); echo json_encode($response); die; } function updatePassword($data, $db) { $response = array(); try { $search = 'SELECT password FROM users WHERE BINARY id=? '; $search_stmt = $db->stmt_init(); if (!$search_stmt->prepare($search)) {
if (!$_SESSION["username"]) { $url = $_SERVER['REQUEST_URI']; echo "<meta http-equiv=\"refresh\" content=\"0;url=Login.php?url={$url}\">"; } $uid = $_SESSION['id']; $q = mysql_query("SELECT * FROM `userList` where `uid`='{$uid}'") or die(mysql_error()); $row = mysql_fetch_assoc($q); $name = $row['Name']; $uname = $row['UserName']; $text = $row['About']; $email = $row['Email']; $pic = $row['ProfilePicture']; if (isset($_POST['updatePass'])) { if (strlen($_POST['password']) > 5 && strlen($_POST['password_check']) > 5) { if (strcmp($_POST['password'], $_POST['password_check']) == 0) { updatePassword($_POST['password'], $uid); } else { echo "<script language=\"javascript\" type=\"text/javascript\">"; echo "alert('The Passwords not matching! Try again.Thank you')"; echo "</script>"; } } else { echo "<script language=\"javascript\" type=\"text/javascript\">"; echo "alert('Password should have minimum length of 6')"; echo "</script>"; } } if (isset($_POST['updateAbout'])) { if (!empty($_POST['about'])) { updateAbout($_POST['about'], $uid); } else {
$message = insertWord($conn, $userID, $word, $translation, $description, $wordBase, $list, $forceInsert); break; case "get": $message["action"] = "check"; break; case "userinfo": $message["user"] = getUserInfo($conn, $userID); break; case "userdetail": $message["user"] = getUserDetail($conn, $userID); break; case "updateuserdetail": $message["status"] = updateUserDetail($conn, $userID, $_POST["firstname"], $_POST["lastname"], $_POST["nickname"]); break; case "updatepassword": $message["update"] = updatePassword($conn, $userID, $_POST["password"], $_POST["newpassword"], $passwordSalt); break; case "wordlist": $filter = "%"; if (isset($_POST["filter"])) { $filter = $_POST["filter"]; } $message["wordcount"] = getWordsCount($conn, $_POST["lists"], $userID, $filter); $message["words"] = getWordsList($conn, $userID, $_POST["lists"], $_POST["first"], $_POST["last"], $filter); break; case "wordcount": $message["wordcount"] = getWordsCount($conn, $_GET["list"], $userID); break; case "logout": $message["logout"] = logUserOut($conn, $_GET["token"]); // remove all session variables
/**************************************************************************** * Actions *****************************************************************************/ if (array_key_exists('action', $_POST)) { switch ($_POST['action']) { case 'update_base_url': saveBaseURL('../'); break; case 'update_config': updateConfig(); break; case 'update_feedback': updateFeedback(); break; case 'update_password': $passwordError = updatePassword($_POST['admin_password']); break; case 'update_translation': updateTranslation(); break; case 'update_theme': updateTheme(); break; case 'update_channels': updateChannels(); break; case 'total_reset': $total_reset = totalReset(); break; } }
<?php require '../model/database.php'; require '../model/userLogin_db.php'; $oldPassword = $_POST['oldPassword']; $currentPassword = $_POST['currentPassword']; $newPassword = $_POST['newPassword']; $userId = $_POST['userId']; if ($oldPassword == $currentPassword) { updatePassword($newPassword, $userId); header("Location: successChangeP.php"); } else { header("Location: failChangeP.php"); }
} if (isset($_POST["confirm_password"])) { $confirm_password = $_POST["confirm_password"]; } if ($new_password != $confirm_password) { $error = "Passwords do not match."; } else { $user = getUserRecord($_COOKIE["username"]); if (crypt($password, $user['hash']) != $user['hash']) { $error = "Invalid current password"; } else { $cost = 10; $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.'); $salt = sprintf("\$2a\$%02d\$", $cost) . $salt; $hash = crypt($new_password, $salt); $token = updatePassword($_COOKIE["username"], $hash); setcookie("token", $token); header("Location: index.php"); exit; } } } include 'include/header.php'; ?> <div class="content-overlay-box"> <div id="devices-container"> <div> <div class="header-summary"> <div class="summary-text"> <div class="device-name" title="Register">Change password</div>