Example #1
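/**
 * Recovers a forgotten username or resets a forgotten password for the account
 * registered under the given e-mail address, and mails the result to that address.
 *
 * @param string $mode  'username' or 'password'; any other value does nothing.
 * @param string $email Address used both to look up the account and as the recipient.
 * @return void
 */
function recover($mode, $email)
{
    $mode = sanitize($mode);
    $email = sanitize($email);
    // 'user_id' is requested as well because the password branch reads $user_data['user_id'].
    $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
    if ($mode == 'username') {
        email($email, 'Your username recvory', "Hello" . $user_data['first_name'] . ",\n\nYour username is:" . $user_data['username'] . "\n\n-stumbleupon");
    } elseif ($mode == 'password') {
        // rand() is not a cryptographic generator and md5(rand(999, 999999)) can only take
        // about a million values; random_bytes() draws 8 hex characters from the OS CSPRNG.
        // NOTE(review): mailing a working password is weaker than mailing a single-use,
        // expiring reset link; the flag set below only forces a change after login.
        $generated_password = bin2hex(random_bytes(4));
        change_password($user_data['user_id'], $generated_password);
        // Flag the account by its id (the original indexed a 'user_data' key that is never fetched).
        update_user($user_data['user_id'], array('password_recover' => '1'));
        email($email, 'Your password recvory', "Hello" . $user_data['first_name'] . ",\n\nYour New Password is:" . $generated_password . "\n\n-StumbleUpon");
    }
}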
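/**
 * Mails either the username or a freshly generated password to the given address.
 *
 * @param string $mode  'username' or 'password'; any other value does nothing.
 * @param string $email Address used both to look up the account and as the recipient.
 * @return void
 */
function recover($mode, $email)
{
    $mode = sanitize($mode);
    $email = sanitize($email);
    $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
    if ($mode == 'username') {
        email($email, 'Your username', "Hello " . $user_data['first_name'] . ", \n \n Your username is: " . $user_data['username'] . ",\n\n -dwcl");
    } elseif ($mode == 'password') {
        // md5(rand(999, 999999)) has only about a million possible outputs and rand() is
        // predictable; take the 8 hex characters from the OS CSPRNG instead.
        // NOTE(review): no "must change password" flag is set in this variant, so the mailed
        // password stays valid until the user changes it; a single-use reset link is safer.
        $generated_password = bin2hex(random_bytes(4));
        change_password($user_data['user_id'], $generated_password);
        email($email, 'Your Password', "Hello " . $user_data['first_name'] . ", \n \n Your new is: " . $generated_password . ",\n\n -dwcl");
    }
}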
Example #3
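/**
 * Mails either the username or a freshly generated password to the given address.
 *
 * @param string $mode  'username' or 'password'; any other value does nothing.
 * @param string $email Address used both to look up the account and as the recipient.
 *                      NOTE(review): it is passed on as received here; confirm that
 *                      user_id_from_email() and email() validate or escape it.
 * @return void
 */
function recover($mode, $email)
{
    $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
    if ($mode == 'username') {
        // recover username
        email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nYour username is: " . $user_data['username'] . "\n\n-sparklet");
    } elseif ($mode == 'password') {
        // recover password: 8 hex characters from the OS CSPRNG. The previous
        // md5(rand(999, 999999)) could only produce about a million distinct values.
        $generated_password = bin2hex(random_bytes(4));
        change_password($user_data['user_id'], $generated_password);
        // Force a password change at the next login.
        update_user($user_data['user_id'], array('password_recover' => '1'));
        email($email, 'Your password recovery', "Hello " . $user_data['first_name'] . ",\n\nYour new password is: " . $generated_password . "\n\n-sparklet");
    }
}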
Example #4
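/**
 * Mails either the username or a temporary password to the given address.
 *
 * @param string $mode  'username' or 'password'; any other value does nothing.
 * @param string $email Address used both to look up the account and as the recipient.
 * @return void
 */
function recover($mode, $email)
{
    $mode = sanitize($mode);
    $email = sanitize($email);
    // 'username' is requested too, because the username mail prints it.
    $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
    if ($mode == 'username') {
        // The greeting reads $user_data (the original used an undefined $userdata).
        email($email, 'Your username', " Hello " . $user_data['first_name'] . ",\n\nYour username is : " . $user_data['username'] . "\n\n-Utkal Placement");
    } elseif ($mode == 'password') {
        // rand() is predictable and md5(rand(9999, 999999)) has under a million outcomes;
        // take the 8 hex characters from the OS CSPRNG instead.
        $temp_password = bin2hex(random_bytes(4));
        change_password($user_data['user_id'], $temp_password);
        // Force a password change at the next login.
        update_user($user_data['user_id'], array('password_recover' => '1'));
        email($email, 'Your password Recovery', " Hello " . $user_data['first_name'] . ",\n\nYour new password is : " . $temp_password . "\n\nPlease log in to change this.\n\n-Utkal Placement");
    }
}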
Example #5
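/**
 * Recovers the username or resets the password for the account behind $email.
 *
 * @param string $mode  'username' or 'password'; any other value does nothing.
 * @param string $email Address used both to look up the account and as the recipient.
 * @return void
 */
function recover($mode, $email)
{
    include 'core/db/db_connection.php';
    $mode = sanitize($mode);
    $email = sanitize($email);
    $user_data = user_data(get_user_id_from_email($email), 'user_id', 'first_name', 'username');
    if ($mode == 'username') {
        email($email, 'Your username', "\n\t\t\t\tHello " . $user_data['first_name'] . ", <br><br>\n\t\t\t\tYour username is " . $user_data['username'] . " <br><br>\n\t\t\t\t-worldtour team\n\t\t\t");
    } elseif ($mode == 'password') {
        // Generate a random 7-character temporary password. The previous
        // md5(rand(777, 7777)) could only produce 7001 distinct values; these
        // characters come from the OS CSPRNG instead.
        $generated_password = substr(bin2hex(random_bytes(4)), 0, 7);
        change_password($user_data['user_id'], $generated_password);
        // Flag the account so the user must replace the generated password at the first login.
        update_user($user_data['user_id'], array('pwd_recovery' => '1'));
        email($email, 'Password recovery', "\n\t\t\t\tHello " . $user_data['first_name'] . ", <br><br>\n\t\t\t\tYour new password is " . $generated_password . "<br><br>\n\t\t\t\tKindly note that this is a temporary password and you are required to change it on your first log in. <br><br>\n\t\t\t\t-worldtour team\n\t\t\t");
    }
}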
Example #6
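/**
 * Mails either the username or a freshly generated password to the given address.
 *
 * @param string $mode  'username' or 'password'; any other value does nothing.
 * @param string $email Address used both to look up the account and as the recipient.
 * @return void
 */
function recover($mode, $email)
{
    $mode = sanitize($mode);
    $email = sanitize($email);
    $user_id = user_id_from_email($email);
    $user_data = user_data($user_id, 'user_id', 'first_name', 'username');
    if ($mode === 'username') {
        //recover username
        sendMail("{$email}", "MCA-website username recovery mail", "Hello " . $user_data['first_name'] . ", \n\n Your username for mca page is " . $user_data['username'] . "\n\n~MCA, IIT Bombay");
    } elseif ($mode === 'password') {
        //recover password
        // NOTE(review): rand() is not cryptographically secure and this expression has fewer
        // than a million possible outputs; replace it with a CSPRNG-based generator that is
        // available on the PHP version this code is deployed on.
        $generated_password = substr(md5(rand(999, 999999)), 0, 8);
        //changing password with new generated password
        change_password($user_data['user_id'], $generated_password);
        //this is to force user to change password after resetting password
        // The id is cast to an integer so that only a number can reach the SQL text.
        $safe_user_id = (int) $user_id;
        mysql_query("UPDATE `users` SET `password_recover` = 1 WHERE `user_id` = {$safe_user_id}");
        sendMail("{$email}", "MCA-website password reset mail", "Hello " . $user_data['first_name'] . ", \n\n Your password for mca page is reset and the new password is  " . $generated_password . ". Please change your password after logging in.\n\n~MCA, IIT Bombay");
    }
}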
Example #7
/**
 * Dispatches a control-panel page name to its handler and returns the handler's result.
 *
 * @param string $page Requested page name.
 * @return mixed Whatever the selected handler returns; cpanel_home() for unknown names.
 */
function CPanelPages($page)
{
    // HTML-encode the name first; only the exact literals below select a handler.
    $requested = htmlspecialchars($page);
    if ($requested === "email") {
        // updates e-mail
        return panel_email();
    }
    if ($requested === "profile") {
        // updates profile
        return panel_profile();
    }
    if ($requested === "password") {
        // changes password
        return change_password();
    }
    // Anything else lands on the control-panel home page.
    return cpanel_home();
}
Example #8
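/**
 * Applies a password change submitted through the security form.
 *
 * @param mixed $currentuser Account whose password is changed; passed to change_password().
 * @return bool false when the two password fields differ (or are not plain strings),
 *              true when nothing was submitted or the change was handed to change_password().
 *
 * NOTE(review): the current password is not checked here; confirm the caller
 * re-authenticates the user before calling this.
 */
function do_change_security($currentuser)
{
    global $HTTP_POST_VARS;
    $password = isset($HTTP_POST_VARS['field_password']) ? $HTTP_POST_VARS['field_password'] : '';
    $confirmation = isset($HTTP_POST_VARS['field_password2']) ? $HTTP_POST_VARS['field_password2'] : '';
    // Strict comparison: with != two different numeric-looking strings such as
    // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
    if (!is_string($password) || !is_string($confirmation) || $password !== $confirmation) {
        return false;
    }
    // Both fields empty means "leave the password unchanged".
    if ($confirmation === '') {
        return true;
    }
    change_password($currentuser, $password);
    return true;
}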
Example #9
        // Check for a new password and match against the confirmed password:
        // NOTE(review): loose == treats numeric-looking strings such as "1e3" and "1000" as equal; === avoids that.
        if ($_POST['pass1'] == $_POST['pass2']) {
            require MYSQL;
            // NOTE(review): the password is SQL-escaped before it is handed to change_password().
            // If change_password() hashes its argument, the hash is computed over the escaped
            // text; confirm, and prefer a bound query parameter so no escaping is needed here.
            $p = mysqli_real_escape_string($dbc, $_POST['pass1']);
            //mysqli real escape string requires a db connection
            require CLSMYSQL;
        } else {
            $pass_msg .= '<p class="error">Your password did not match the confirmed password!</p>';
        }
    } else {
        $pass_msg .= '<p class="error">Please enter a valid password!</p>';
    }
    // NOTE(review): $p is only assigned on the success path above, and a password of "0" is falsy here.
    if ($p) {
        // If everything's OK
        // The account comes from the session, not from the request.
        $user_id = $_SESSION['user_id'];
        // NOTE(review): =& binds a reference to the call result; plain = is presumably what is meant.
        $success =& change_password($p, $user_id);
        if ($success == 1) {
            $pass_msg .= '<h3>Your password has been changed.</h3>';
            $pass_msg .= '<a href="logout.php" class="change_password_btn" ><button type="button" class="btn btn-primary">Re-Login</button></a>';
        } else {
            // If it did not run OK
            $pass_msg .= '<p class="error">Your password was not changed. Make sure your new password is different than the current password. Contact the system administrator if you think an error occurred.</p>';
        }
    } else {
        // Failed the validation test
        $pass_msg .= '<p class="error">Please try again.</p>';
    }
}
// End of the main Submit conditional
require 'include/sm_form_header.html';
include 'view/form_change_password.html';
<?php

include_once 'db_connect_PDO.php';
include_once 'functions2.php';
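sec_session_start();
$db = db_connect();
// The account id always comes from the session; null when nobody is logged in.
$shopper_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
// Read the requested operation once; a missing field selects neither branch
// (the original read $_POST['pType'] and $_SESSION['user_id'] without checking them).
$password_action = isset($_POST['pType']) ? $_POST['pType'] : '';
//If user is changing their password while logged in, execute this
if ($password_action === "change") {
    if (isset($_POST['oPass'], $_POST['nPass'], $_POST['conf'], $_SESSION['user_id'])) {
        change_password($shopper_id);
    }
}
//if user is changing their password from reset link, execute this
if ($password_action === "forgot") {
    if (isset($_POST['nPass'], $_POST['conf'], $_POST['user_id'])) {
        // NOTE(review): this branch names the account through $_POST['user_id'] and no reset
        // token is visible here; confirm forgot_password() verifies a single-use token bound
        // to that account before changing anything.
        forgot_password();
        //ask user to log in with new password
        // NOTE(review): printed regardless of what forgot_password() did; confirm it stops on failure.
        echo "Password changed. You can now <a href='../index.php'>log in</a>";
    }
}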
Example #11
<?php

include "modules.php";
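// NOTE(review): the account is identified by the 'uid' cookie, which the client controls;
// confirm change_password() and the rest of the page bind it to a server-side session.
if (!isset($_COOKIE['uid'])) {
    header('Location: index');
    // Stop here: without exit the rest of the page still runs for a visitor with no cookie.
    exit;
}
$uid = $_COOKIE['uid'];
if (isset($_POST['passwordSettingButton'], $_POST['opwd'], $_POST['npwd'])) {
    session_start();
    // change_password() receives the old and the new password.
    if (change_password($_COOKIE["uid"], $_POST['opwd'], $_POST['npwd'])) {
        header('Location: home');
        // Nothing further should be rendered once the redirect has been issued.
        exit;
    }
}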
?>


<!DOCTYPE html>
<html>
<head>
  <meta charset="ISO-8859-1">
  <title>Password Setting</title>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet"
  href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
  <script
  src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
  <script
  src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"></script>
  <script src="js/product.js"></script>
  <link rel="stylesheet" href="css/home.css" type="text/css">
include "../include/db.php";
include "../include/authenticate.php";
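// Users holding the "p" permission may not change their own password.
if (checkperm("p")) {
    exit("Not allowed.");
}
include "../include/general.php";
hook("preuserpreferencesform");
if (getval("save", "") != "") {
    // Verify the current password first. The comparison is strict: with != two different
    // hex digests that both look like numbers in exponent form ("0e...") compare equal.
    // NOTE(review): the stored value is an MD5-based digest; migrating to
    // password_hash()/password_verify() is the durable fix.
    if (md5("RS" . $username . getvalescaped("currentpassword", "")) !== $userpassword) {
        $error3 = $lang["wrongpassword"];
    } else {
        // Strict comparison here too, so that "1e3" and "1000" do not count as matching.
        if (getval("password", "") !== getval("password2", "")) {
            $error2 = true;
        } else {
            // change_password() returns true on success; anything else is treated as a failure.
            $message = change_password(getvalescaped("password", ""));
            if ($message === true) {
                redirect($baseurl_short . "pages/" . ($use_theme_as_home ? 'themes.php' : $default_home_page));
            } else {
                $error = true;
            }
        }
    }
}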
include "../include/header.php";
?>
<div class="BasicsBox"> 
	<?php 
if ($userpassword == "b58d18f375f68d13587ce8a520a87919") {
    ?>
<div class="FormError" style="margin:0;"><?php 
Example #13
     log_in();
     break;
 case "logout":
     log_out();
     break;
 case "create_account":
     create_account();
     break;
 case "confirm_subscribe":
     validate_account();
     break;
 case "change_pass":
     // Both password actions go through change_password(); only the boolean argument differs.
     change_password(false);
     break;
 case "lost_ids":
     // NOTE(review): presumably the lost-credentials flow; confirm what the true flag permits
     // and that it cannot be reached without proving ownership of the account.
     change_password(true);
     break;
 case "delete_account":
     if (isset($_SESSION["delete_account_state"]) && $_SESSION["delete_account_state"] == "display") {
         $_SESSION["delete_account_state"] = "execute";
         // Once the text has been shown again, switch back to "execute" mode
         if (isset($_SESSION["delete_account_display"])) {
             // NOTE(review): printed without HTML encoding; verify the stored text never holds request-derived data.
             echo $_SESSION["delete_account_display"];
             // Display
             unset($_SESSION["delete_account_display"]);
             // Remove the text that has just been displayed
         }
     }
     break;
 case "display_useterms":
     display_userterms();
Example #14
                } elseif ($use_mysqli == true) {
                    // NOTE(review): @ ... or die hides the database error and ends the request with no message or log entry.
                    $rsCheckPass = @$dbase_conn->query($query_rsCheckPass) or die;
                    $row_rsCheckPass = mysqli_fetch_assoc($rsCheckPass);
                    $totalRows_rsCheckPass = mysqli_num_rows($rsCheckPass);
                }
                // does posted password match current password
                // NOTE(review): direct != comparison with the stored column. Presumably $currentpass
                // has already been transformed the way PASS_FLD is stored; confirm that the column
                // holds a password_hash() value rather than plaintext or an unsalted digest.
                if ($currentpass != $row_rsCheckPass[PASS_FLD]) {
                    $error = "Your current password was entered incorrectly.";
                }
                // if there are no users, or more than one, then return an error
                if ($totalRows_rsCheckPass != 1) {
                    $error = "Your current password was entered incorrectly.";
                }
            }
            // Only change the password when no check above recorded an error.
            if (empty($error)) {
                $loginmessage = change_password($_SESSION['user_id'], $newpass);
            } else {
                $loginmessage = $error;
            }
        }
        // text variables
        $pass_title = "Change Password Service";
        $pass_intro = "\n\t\t\t<p>Please complete this form to change your password. Once your password has been changed successfully you will need to log in again.</p>\n\t\t\t<p><strong>NOTE: Your new password must be between 6 - 10 characters.</strong></p>";
        // NOTE(review): PHP_SELF and QUERY_STRING are request-controlled and are placed in the
        // action attribute without encoding; htmlspecialchars() with ENT_QUOTES is needed here.
        $pass_form = "\n\t\t\t<form name=\"changepass\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "?" . $_SERVER['QUERY_STRING'] . "\">\n\t\t\t\t<p><label for=\"currentpass\">Current Password:</label><br/>\n\t\t\t\t\t<input name=\"currentpass\" type=\"password\" id=\"currentpass\" class=\"loginpass\"></p>\n\t\t\t\t<p><label for=\"newpass\">New Password:</label><br/>\n\t\t\t\t\t<input name=\"newpass\" id=\"newpass\" type=\"password\" class=\"loginpass\"></p>\n\t\t\t\t<p><label for=\"newpass2\">Re-enter New Password:</label><br/>\n\t\t\t\t\t<input name=\"newpass2\" type=\"password\" id=\"newpass2\" class=\"loginpass\"></p>\n\t\t\t\t<p><input type=\"submit\" class=\"button\" name=\"change\" value=\"Change\"></p>\n\t\t\t\t</form>\n\t\t\t";
        break;
    default:
        echo "not allowed";
        break;
}
// show html page framework
echo html_header($pass_title);
Example #15
    ?>
<b><a href="<?php 
    echo $user_data['username'];
    ?>
" >Profile</b></a><br><br>
	<?php 
    echo 'Your password Successfully Chnaged';
} else {
    if (isset($_GET['force']) && empty($_GET['force'])) {
        ?>
 
			<p> You must change your password </p>
	<?php 
    }
    // Any non-empty POST with no recorded errors reaches change_password().
    // NOTE(review): the checks that fill $errors (current password, length, confirmation) are not visible in this excerpt.
    if (empty($_POST) === false && empty($errors) === true) {
        change_password($s_id, $_POST['password']);
        // NOTE(review): page output may already have been sent at this point, in which case the
        // redirect only works with output buffering; there is also no exit after it.
        header('Location: changepassword.php?success');
    } else {
        if (empty($errors) === false) {
            echo output_errors($errors);
        }
    }
    ?>
<form action="" method="POST">
	<ul>
		<li>
		    Current Password*:<br>
			<input type="password" name="current_password">
		</li>
		<li>
		    New Password*:<br>
Example #16
		do_html_header("Change Password Failed" , &$err_message ) ;			
		$err_message .= " Sorry, You must login to change your password. <br>\n";
		$err_message .= "<br><br> Go to <a href='$php_root_path/index.php'>Login</a> page." ;
		do_html_footer( &$err_message );
		exit;
	}		
*/
// Cancel returns to the paper list without touching the password.
if ($_POST["submit"] == "Cancel") {
    header("Location: view_papers.php");
    exit;
}
$error_array = array();
$exempt_array = array();
// NOTE(review): call-time pass-by-reference (&$var at the call site) is a fatal error from PHP 5.4 on;
// the reference belongs in the callee's parameter list.
check_form($_POST, $error_array, &$exempt_array);
if (count($error_array) == 0 && count($_POST) > 0) {
    // The account comes from the session; the old password is passed along with the new one.
    // NOTE(review): trim() silently strips leading and trailing whitespace from the passwords.
    if (change_password($_SESSION["valid_user"], trim($_POST["oldpwd"]), trim($_POST["newpwd"]), trim($_POST["confirmpwd"]), &$err_message)) {
        // provide link to members page
        do_html_header("Change Password Successful", &$err_message);
        echo "The password has been changed.";
        do_html_footer(&$err_message);
        exit;
    } else {
        // otherwise provide link back, tell them to try again
        do_html_header("Change password failed", &$err_message);
        $err_message .= "<br><br> Try <a href='change_pwd.php'>Again</a>? <br>\n";
    }
} else {
    if (count($_POST) == 0) {
        do_html_header("Change Password", &$err_message);
    } else {
        do_html_header("Change Password", &$err_message);
Example #17
		<div class="container container-padded">
			<h3>Change Password</h3>
			<?php 
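// Handle a submitted change-password form: all three fields are required, the new
// password must match its confirmation, and the old password must validate first.
if (isset($_POST["change-pw-submit"])) {
    $old_pw = isset($_POST["old-password"]) && $_POST["old-password"] != "" ? $_POST["old-password"] : null;
    $new_pw = isset($_POST["new-password"]) && $_POST["new-password"] != "" ? $_POST["new-password"] : null;
    $confirm = isset($_POST["confirm"]) && $_POST["confirm"] != "" ? $_POST["confirm"] : null;
    // Test for null rather than truthiness, so that a value such as "0" counts as provided.
    if ($old_pw !== null && $new_pw !== null && $confirm !== null) {
        // Strict comparison: with != the strings "1e3" and "1000" would count as a match.
        if ($new_pw !== $confirm) {
            echo '<p class="error">Your new passwords do not match.</p>';
        } else {
            // Re-authenticate with the old password before changing anything.
            $valid_old = validate_credentials($user["email"], $old_pw);
            if ($valid_old === false) {
                echo '<p class="error">You entered an invalid old password.</p>';
            } else {
                $changed = change_password($id, $new_pw);
                if ($changed) {
                    echo '<p>Success! Your password has been changed.</p>';
                } else {
                    echo '<p class="error">Your password could not be changed due to a database error.</p>';
                }
            }
        }
    } else {
        echo '<p class="error">You must provide a value for every field.</p>';
    }
}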
?>
			<form name="change-password" action="<?php 
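// PHP_SELF carries any request-supplied path suffix, so it is HTML-encoded for the attribute it is printed into.
echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, 'UTF-8');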
?>
 $email = mysql_real_escape_string(htmlentities(input_validation($_POST['email'])));
 // NOTE(review): the password is HTML-encoded and SQL-escaped before it reaches change_password(),
 // so characters such as & < > " are altered first; confirm what change_password() stores, and
 // prefer passing the raw value to password_hash() and a bound query parameter.
 $password = mysql_real_escape_string(htmlentities(input_validation($_POST['password'])));
 $retype_password = mysql_real_escape_string(htmlentities(input_validation($_POST['retype_password'])));
 //$pin = mysql_real_escape_string(htmlentities(input_validation($_POST['pin'])));
 // @ hides the notice raised when these optional fields are absent.
 @($allow_log = mysql_real_escape_string(htmlentities(input_validation($_POST['allow_log']))));
 @($send_email = mysql_real_escape_string(htmlentities(input_validation($_POST['send_email']))));
 if (!empty($email) && !empty($password) && !empty($retype_password)) {
     if (user_exists_reg($con, $email) === false) {
         echo "Oppos, the email you entered that was not register in our system./e";
     } elseif ($password != $retype_password) {
         echo "Your new password do not match with retype password./e";
     } else {
         // NOTE(review): the target account is chosen by the submitted e-mail address and no
         // authorization check is visible in this excerpt; confirm the caller restricts this
         // to administrators.
         $user_id = get_user_id_from_email($con, $email);
         //$full_name = get_full_name_from_username($con, $username);
         //$email = get_email_from_username($con, $username);
         if (change_password($con, $user_id, $password) === true) {
             if ($send_email == 1) {
                 // NOTE(review): the new password is mailed in clear text. The trailing
                 // '.COMPANY_NAME.' sits inside the double-quoted string, so it is sent as
                 // literal text rather than as the constant's value.
                 email($email, 'Your password for ' . COMPANY_NAME . ' system login', "Hello User,\n\nYour email is: " . $email . "\nYour new password is: |" . $password . "| \nPlease change your password at first login. \n\nBest Regards\n '.COMPANY_NAME.'");
             }
             //for user log;
             if ($allow_log == 1) {
                 // The audit entry is written only when the submitted form asks for it.
                 $remark = 'Password Reset for user \'' . display_email_from_user_id($con, $user_id) . '\'.';
                 insert_user_log($con, $_SESSION['user_id'], 8, REMOTE_IP, $remark);
             }
             echo "Password change Successful for the user ' " . $email . " '.";
         } else {
             echo "Opps! Password not change./e";
         }
     }
 } else {
     echo "Star Mark field are required./e";
Example #19
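/**
 * Routes the current request to its handler based on $_GET['action'].
 *
 * With no query string at all it shows the project list. Otherwise each case checks
 * the parameters and role it needs and returns the handler's result; any case whose
 * checks fail falls through to the front page.
 *
 * @return mixed The result of the selected handler, or of echo_front_page().
 */
function get_parser()
{
    $conf = configurations();
    if (!$_GET) {
        return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects');
    }
    if (isset($_GET['mod'])) {
        // The filter result is only used as a signal here: an array result is treated as a rejection.
        if (is_array(myfilter($_GET['mod'], 'mod'))) {
            trigger_error('potential attack using mod');
            return deconnect();
        } else {
            $mod = $_GET['mod'];
        }
    } else {
        $mod = null;
    }
    // A request without an action matches no case and ends at the front page.
    $action = isset($_GET['action']) ? $_GET['action'] : null;
    switch ($action) {
        case 'adduser':
            if (admin(true)) {
                if ($_POST['usr_email'] && $_POST['username']) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser', add_user(myfilter($_POST['usr_email'], 'email'), myfilter($_POST['username'], 'user'), myfilter($_POST['lvl'], 'lvl')));
                }
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser');
            }
            break;
        case 'listusers':
            if (admin(true)) {
                $list_users = list_users(array(null));
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listusers', $list_users);
            }
            break;
        case 'deco':
            return deconnect();
        case 'modpass':
            // Old password plus the new password twice; the account id comes from the session.
            if ($_POST['oldpass'] && $_POST['password1'] && $_POST['password2']) {
                $pass = array(myfilter($_POST['oldpass'], 'password'), myfilter($_POST['password1'], 'password'), myfilter($_POST['password2'], 'password'));
                if (is_string($pass[0]) && is_string($pass[1]) && is_string($pass[2])) {
                    $change = change_password($_SESSION['db_data']['_id'], $pass);
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', $change);
                }
            }
            return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', null);
        case 'resetpass':
            // With a reset code the request needs no role; without one only an administrator may reset.
            if (isset($_GET['user_id']) && isset($_GET['resetcode']) && !is_array($_GET['user_id']) && !is_array($_GET['resetcode'])) {
                return reset_password($_GET['user_id'], $_GET['resetcode']);
            } elseif (isset($_GET['user_id']) && !is_array($_GET['user_id']) && admin(true)) {
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', reset_password($_GET['user_id']));
            }
            break;
        case 'edituser':
            if (isset($_GET['user_id'])) {
                if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data($_SESSION['db_data']));
                }
                if (admin(true) && !is_array($_GET['user_id'])) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data(check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id'))))));
                }
            }
            break;
        case 'changemail':
            // The confirmation code must be a non-empty string that is identical to the stored
            // one. With a loose ==, an empty code compares equal to an unset (null)
            // mail_change_id, which would confirm a change that was never requested.
            if (isset($_GET['user_id']) && isset($_GET['code']) && is_string($_GET['code']) && $_GET['code'] !== '') {
                $db = check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id'))));
                if (isset($db['mail_change_id']) && (string) $db['mail_change_id'] === $_GET['code']) {
                    return change_email_user(array('email' => $db['new_mail'], 'new_mail' => null, 'mail_change_id' => null), myfilter($_GET['user_id'], '_id'), 'postmail');
                }
            }
            break;
        case 'deluser':
            if (admin(true) && !is_array($_GET['user_id'])) {
                return delete_user(myfilter($_GET['user_id'], '_id'));
            }
            break;
        case 'addproject':
            if (admin(true)) {
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_project', addproject());
            }
            break;
        case 'project':
            if (isset($_GET['project_id'])) {
                if (!is_array(myfilter($_GET['project_id'], '_id'))) {
                    $_SESSION['currentprojet'] = myfilter($_GET['project_id'], '_id');
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', check_projects_mod($mod));
                }
            }
            break;
        case 'getfile':
            if (isset($_GET['file']) && isset($_GET['key']) && isset($_GET['id']) && isset($_GET['os']) && isset($_GET['arch'])) {
                if (!is_array(myfilter($_GET['file'], 'sha1')) && !is_array(myfilter($_GET['key'], 'timestamp')) && !is_array(myfilter($_GET['id'], '_id')) && !is_array($_GET['os']) && !is_array($_GET['arch'])) {
                    // NOTE(review): 'os' and 'arch' are decoded but not filtered here; confirm down_file() validates them.
                    return down_file(myfilter($_GET['file'], 'sha1'), myfilter($_GET['key'], 'timestamp'), base64_decode(urldecode($_GET['os'])), base64_decode(urldecode($_GET['arch'])), myfilter($_GET['id'], '_id'));
                }
            }
            break;
        case 'addfile':
            if (admin(true) && isset($_GET['id'])) {
                if (!is_array(myfilter($_GET['id'], '_id'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_file', addfile(myfilter($_GET['id'], '_id')));
                }
            }
            break;
        case 'deletefile':
            if (admin(true) && isset($_GET['id']) && isset($_GET['key'])) {
                if (!is_array(myfilter($_GET['id'], '_id')) && !is_array(myfilter($_GET['key'], 'timestamp'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', delete_file(myfilter($_GET['id'], '_id'), myfilter($_GET['key'], 'timestamp')));
                }
            }
            break;
        case 'usersetting':
            if (isset($_GET['user_id'])) {
                if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'setting', change_user_setting($_SESSION['db_data']['_id']));
                }
            }
            break;
        case 'bug':
            if (isset($_GET['id'])) {
                if (!is_array(myfilter($_GET['id'], '_id'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', check_bug($mod));
                }
            }
            break;
        case 'submitbug':
            if (isset($_GET['id'])) {
                // Ordinary users may only file bugs against projects listed in their session.
                if (user(true) && in_array($_GET['id'], $_SESSION['db_data']['projects'])) {
                    $_SESSION['idbug'] = $_GET['id'];
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id']));
                }
                if (admin(true) || vip(true)) {
                    if (!is_array(myfilter($_GET['id'], '_id'))) {
                        $_SESSION['idbug'] = $_GET['id'];
                        return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id']));
                    }
                }
            }
            break;
        case 'listprojects':
            return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects', $mod);
        case 'editbug':
            if (strlen($_POST['status']) && isset($_GET['id']) && admin(true)) {
                if (!is_array($_POST['status']) && !is_array(myfilter($_GET['id'], '_id'))) {
                    // Only statuses named in the configuration are accepted.
                    if (in_array($_POST['status'], $conf['bugs']['Open']) || in_array($_POST['status'], $conf['bugs']['Closed'])) {
                        return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', edit_bug($_POST['status']));
                    }
                }
            }
            break;
        case 'resetpassmail':
            if (strlen($_POST['usr_email'])) {
                return echo_front_page(reset_password_mail(myfilter($_POST['usr_email'], 'email')));
            }
            break;
        case 'editproject':
            if (isset($_GET['id']) && admin(true)) {
                if (!is_array(myfilter($_GET['id'], '_id'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_project', edit_project($_POST));
                }
            }
            break;
    }
    // Unknown action, or a case whose checks failed.
    return echo_front_page();
}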
#==============================================================================
# Check and register new password
#==============================================================================
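# Each step runs only while $result is still empty, i.e. no earlier step reported a problem.
# Match new and confirm password
if ($result === "") {
    # Strict comparison: with != the strings "1e3" and "1000" would count as matching.
    if ($newpassword !== $confirmpassword) {
        $result = "nomatch";
    }
}
# Check password strength against the configured policy
if ($result === "") {
    $result = check_password_strength($newpassword, $oldpassword, $pwd_policy_config);
}
# Change password in the directory; the call's return value becomes the result code
if ($result === "") {
    $result = change_password($ldap, $userdn, $newpassword, $ad_mode, $ad_options, $samba_mode, $shadow_options, $hash);
}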
#==============================================================================
# HTML
#==============================================================================
?>

<div class="result <?php 
echo get_criticity($result);
?>
">
<h2 class="<?php 
echo get_criticity($result);
?>
"><?php 
echo $messages[$result];
     // NOTE(review): every handler below takes its arguments from $_REQUEST, which merges the
     // query string and the request body (and, depending on configuration, cookies), so
     // credentials can arrive in a URL.
     // NOTE(review): 'username' is passed twice; confirm that matches signup()'s parameters.
     signup($_REQUEST['username'], $_REQUEST['username'], $_REQUEST['email'], $_REQUEST['password']);
     break;
 case 'login':
     login($_REQUEST['username'], $_REQUEST['password']);
     break;
 case 'get_user_by_username':
     get_user_by_username($_REQUEST['username']);
     break;
 case 'get_user_by_email':
     get_user_by_email($_REQUEST['email']);
     break;
 case 'get_user_by_id':
     get_user_by_id($_REQUEST['id_user']);
     break;
 case 'change_password':
     // NOTE(review): the account and the new password both come from the request, and neither
     // the current password nor a session check is visible here; confirm change_password()
     // authenticates the caller before changing anything.
     change_password($_REQUEST['username'], $_REQUEST['password']);
     break;
 case 'get_markers':
     get_markers();
     break;
 case 'get_markers_by_category':
     get_markers_by_category($_REQUEST['id_categoria']);
     break;
 case 'add_post':
     // NOTE(review): the author id is taken from the request rather than from a session; verify in add_post().
     add_post($_REQUEST['id_user'], $_REQUEST['post_title'], $_REQUEST['post_content']);
     break;
 case 'get_post':
     get_post($_REQUEST['id_post']);
     break;
 case 'get_comments':
     get_comments($_REQUEST['id_post']);
                $errors[] = 'Your password must be atleast 6 characters.';
            }
        }
    } else {
        $errors[] = 'Your current password is incorrect';
    }
}
include 'includes/overall/header_changepassword.php';
?>

<?php 
/*if (isset($_GET['success']) && empty($_GET['success'])) {
	echo 'Your password has been changed.';
} else {*/
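// A submitted form with no validation errors changes the password and redirects;
// a submitted form with errors shows them in an alert box.
if (empty($_POST) === false && empty($errors) === true) {
    change_password($session_user_id, $_POST['password']);
    // NOTE(review): a header file is included before this point; if it sends output,
    // the redirect only works with output buffering.
    header('Location: index_loggedin.php');
    // Stop here so nothing else runs or is sent after the redirect.
    exit;
} elseif (empty($errors) === false && empty($_POST) === false) {
    /*echo output_errors($errors);*/
    $error_all = output_errors($errors);
    // json_encode() with the HEX flags produces a safe JavaScript string literal, so quotes,
    // line breaks or markup in the message cannot end the string or the script element.
    echo "<script type='text/javascript'>alert(" . json_encode($error_all, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ");</script>";
}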
?>


<!-- <form action="" method="post">
	<ul>
		<li>
			Current password*:<br>
Example #23
        header('location:/sen/Modules/Links_temp/guard_links.php');
    }
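    // Handle the submitted change-password form.
    if (isset($_POST['SUBMIT1'])) {
        $id = $_POST['login_id'];
        // Users may only change their own password. Both ids are compared as strings,
        // because a loose != would treat values such as "01" and "1" as the same id.
        if ((string) $id !== (string) $_SESSION['login_id']) {
            print "You are only allowed to change your own password";
        } else {
            $oldpassword = $_POST['opassword'];
            $newpassword = $_POST['npassword'];
            $renewpassword = $_POST['renpassword'];
            // Strict comparison: with != the strings "1e3" and "1000" would count as matching.
            if ($newpassword !== $renewpassword) {
                print "The re-typed and new password do not match";
            } else {
                $db_handle = Connect_To_Server();
                $db_found = Connect_To_DB();
                // The old password is passed along with the new one.
                change_password($id, $oldpassword, $newpassword);
                Close_To_Server($db_handle);
            }
        }
    }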
} else {
    $_SESSION['access'] = 0;
    session_destroy();
    header('location:/sen/Modules/login/login.php');
    echo "invalid Login";
}
?>
</HEAD>

<BODY>
	<FORM NAME="form1" METHOD="POST" ACTION="change_password.php" >
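/**
 * Changes the logged-in user's password from the submitted form and reports the result.
 *
 * Reads the account e-mail from $_SESSION['email'] and the old and new passwords from
 * $_POST['InputOldPW'] and $_POST['InputPW1'], passes them to change_password(), and
 * prints a JavaScript alert with the outcome. On success the browser is sent to index.php.
 *
 * @param mixed $connection Connection handle, passed through unchanged to change_password().
 * @return void
 */
function start_password_change($connection)
{
    // A request that lacks any of the three inputs cannot succeed; report it as a failure
    // instead of passing undefined values on.
    $has_input = isset($_SESSION['email'], $_POST['InputOldPW'], $_POST['InputPW1']);
    if ($has_input && change_password($connection, $_SESSION['email'], $_POST["InputOldPW"], $_POST["InputPW1"])) {
        // Redirect from the script itself. A header('Location: ...') issued after this
        // echo cannot be sent once output has started, and with output buffering the
        // redirect would win and the alert would never be displayed.
        echo "<script type='text/javascript'>alert('Successfully changed password!');window.location.href='index.php';</script>";
    } else {
        echo "<script type='text/javascript'>alert('Failed to change password!');</script>";
    }
}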
 * Time: 22:39
 * Perform the password change
 * TODO functions to implement:
 * change_password(location: user_auth_fns.php)
 */
require_once 'bookmark_fns.php';
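// Change-password handler: validates the submitted form, then asks change_password()
// to update the password of the user stored in the session.
session_start();
do_html_header('Changing password');
//create short variable names
$old_password = $_POST['old_password'];
$new_password = $_POST['new_password'];
$new_password2 = $_POST['new_password2'];
try {
    check_valid_user();
    if (!filled_out($_POST)) {
        throw new Exception('You have not filled out the form completely. Please try again.');
    }
    // Strict comparison: loose != compares numeric-looking strings by value, so a
    // confirmation such as "0123456" would be accepted for "123456".
    if ($new_password !== $new_password2) {
        throw new Exception('Passwords entered were not the same. Not change.');
    }
    // The closing parenthesis used to sit after "< 6", so strlen() measured the boolean
    // result of the comparison and the minimum length was not enforced.
    // NOTE(review): the 16-character ceiling is kept because the message states it;
    // it also rules out longer passphrases.
    if (strlen($new_password) > 16 || strlen($new_password) < 6) {
        throw new Exception('New password must be between 6 and 16 characters. Try again.');
    }
    //attempt update
    change_password($_SESSION['valid_user'], $old_password, $new_password);
    echo 'Password changed.';
} catch (Exception $e) {
    // Validation failures above, and any exception from the called helpers, end up here.
    echo $e->getMessage();
}
display_user_menu();
do_html_footer();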
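/**
 * Handles an account-recovery request for the account registered under $email.
 *
 * Mode 'username' mails the username to the address. Mode 'password' sets a newly
 * generated temporary password through change_password() and mails that password.
 * Any other mode does nothing.
 *
 * @param string $mode  'username' or 'password'.
 * @param string $email Address the account is registered under.
 * @return void
 */
function recover($mode, $email)
{
    $mode = sanitize($mode);
    $email = sanitize($email);
    // The stored password hash is no longer fetched: nothing here needs it and it must not be mailed.
    $user_data = user_data(user_id_email($email), 'user_id', 'firstname', 'username');
    if ($mode == 'username') {
        // Double-quoted "\n" yields real line breaks; the single-quoted form sent a literal backslash-n.
        mail($email, 'your username', 'hello ' . $user_data['firstname'] . "\n\nyour username is " . $user_data['username'] . "\n\n ~HELP PORTAL KIET", 'From: HELP PORTAL KIET');
    } elseif ($mode == 'password') {
        // This branch used "=" (assignment), so every mode other than 'username' reset the password.
        // rand() offers under a million possible values and is not a CSPRNG, so the temporary
        // password was guessable. random_bytes() (PHP 7+) gives 8 unpredictable hex characters.
        $generated_password = bin2hex(random_bytes(4));
        change_password($user_data['user_id'], $generated_password);
        // Mail the new temporary password; the old code mailed the stored hash of the previous one.
        // NOTE(review): this still sends a working password in clear text. A single-use,
        // expiring reset link is the safer design but would change this function's contract.
        mail($email, 'your password', 'hello ' . $user_data['firstname'] . "\n\nyour password is " . $generated_password . "\n\nPlesae change password at first login\n\n ~HELP PORTAL KIET", 'From: HELP PORTAL KIET');
    }
}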
Example #27
         }
     } else {
         header('Location: error.php?msg=No id');
     }
 } elseif ($op == "password") {
     $username = $_SESSION["user"];
     $password = $_POST['password'];
     $password2 = $_POST['password2'];
     $err = "";
     if (strlen(trim($password)) > 0) {
         if (trim($password) != trim($password2)) {
             $err = "The passwords are not equal.";
         }
     }
     if ($err == "") {
         $err = change_password($username, $password);
     }
     if (strlen($err) > 0) {
         header('Location: index.php?error=' . $err);
     } else {
         $_SESSION['password'] = $password;
         header('Location: list.php');
     }
 } elseif ($op == "register") {
     $username = $_POST['username'];
     $password = $_POST['password'];
     $password2 = $_POST['password2'];
     $err = "";
     if (strlen(trim($password)) > 0) {
         if (trim($password) != trim($password2)) {
             $err = "The passwords are not equal.";
		<td>&nbsp;</td>
		<td><input type="submit" name="change" value="' . $p->t('passwort/PasswortAendern') . '" /></td>
	</tr>
</table>
</form>';
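// Handle the submitted change-password form.
if (isset($_POST['change'])) {
    // All three fields must be present in the request.
    if (!isset($_POST['passwort_alt']) || !isset($_POST['passwort_neu']) || !isset($_POST['passwort_neu_check'])) {
        die('Fehlerhafte Parameteruebergabe');
    }
    $passwort_alt = $_POST['passwort_alt'];
    $passwort_neu = $_POST['passwort_neu'];
    $passwort_neu_check = $_POST['passwort_neu_check'];
    // Check that the new password matches its confirmation. Strict ===, because loose ==
    // compares numeric-looking strings by value ("0123456" == "123456").
    if ($passwort_neu === $passwort_neu_check) {
        // Check the password policy; check_policy() returns true or an error message.
        if (($errormsg = check_policy($passwort_neu, $p)) === true) {
            // Change the password; change_password() returns true or an error message.
            if (($msg = change_password($passwort_alt, $passwort_neu, $uid)) === true) {
                // The closing tag was missing its ">".
                echo '<span class="ok">' . $p->t('passwort/AenderungOK') . '</span>';
            } else {
                // Escaped because the content of $msg is produced outside this block and
                // is written straight into the page. TODO confirm it never carries intended markup.
                echo '<span class="error">ERR:' . htmlspecialchars((string) $msg, ENT_QUOTES | ENT_SUBSTITUTE) . '</span>';
            }
        } else {
            // The closing tag was missing its ">".
            echo '<span class="error">' . $p->t('passwort/AenderungFehler', array($errormsg)) . '</span>';
        }
    } else {
        echo '<span class="error">' . $p->t('passwort/NichtUebereinstimmend') . '</span>';
    }
}
echo '</body>
</html>';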
Example #29
require_once 'book_sc_fns.php';
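// Admin change-password handler: validates the posted form and asks change_password()
// to update the password of the admin user stored in the session.
session_start();
do_html_header('Changing password');
check_admin_user();
// $_POST and $_SESSION replace $HTTP_POST_VARS and $HTTP_SESSION_VARS, which were
// removed in PHP 5.4 and are undefined on every supported PHP version.
if (!filled_out($_POST)) {
    echo 'You have not filled out the form completely.
         Please try again.';
    do_html_url('admin.php', 'Back to administration menu');
    do_html_footer();
    exit;
} else {
    $new_passwd = $_POST['new_passwd'];
    $new_passwd2 = $_POST['new_passwd2'];
    $old_passwd = $_POST['old_passwd'];
    // Strict comparison: loose != compares numeric-looking strings by value, so a
    // mistyped confirmation such as "0123456" would be accepted for "123456".
    if ($new_passwd !== $new_passwd2) {
        echo 'Passwords entered were not the same.  Not changed.';
    } else {
        // NOTE(review): the 16-character ceiling is kept because the message states it;
        // it also rules out longer passphrases.
        if (strlen($new_passwd) > 16 || strlen($new_passwd) < 6) {
            echo 'New password must be between 6 and 16 characters.  Try again.';
        } else {
            // attempt update
            if (change_password($_SESSION['admin_user'], $old_passwd, $new_passwd)) {
                echo 'Password changed.';
            } else {
                echo 'Password could not be changed.';
            }
        }
    }
}
do_html_url('admin.php', 'Back to administration menu');
do_html_footer();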
Example #30
<?php

//session_start();
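// Admin change-password handler: validates the posted form and asks change_password()
// to update the password of the admin user stored in the session.
do_html_header('Changing password');
check_admin_user();
if (!filled_out($_POST)) {
    echo 'You have not filled out the form completely.
         Please try again.';
    do_html_url(baseurl() . 'cart/admin', 'Back to administration menu');
    exit;
} else {
    $new_passwd = $_POST['new_passwd'];
    $new_passwd2 = $_POST['new_passwd2'];
    $old_passwd = $_POST['old_passwd'];
    // Strict comparison: loose != compares numeric-looking strings by value, so a
    // mistyped confirmation such as "0123456" would be accepted for "123456".
    if ($new_passwd !== $new_passwd2) {
        echo 'Passwords entered were not the same.  Not changed.';
    } else {
        // NOTE(review): the 16-character ceiling is kept because the message states it;
        // it also rules out longer passphrases.
        if (strlen($new_passwd) > 16 || strlen($new_passwd) < 6) {
            echo 'New password must be between 6 and 16 characters.  Try again.';
        } else {
            // attempt update
            if (change_password($_SESSION['admin_user'], $old_passwd, $new_passwd)) {
                echo 'Password changed.';
            } else {
                echo 'Password could not be changed.';
            }
        }
    }
}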
do_html_url(baseurl() . 'cart/admin', 'Back to administration menu');