if (is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) { include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php"; } else { echo "<b>Could not include SQL library</b><br>\n"; exit; } if ($action == 'checkpass') { $link = @da_sql_pconnect($config); if ($link) { $res = @da_sql_query($link, $config, "SELECT attribute,value FROM {$config['sql_check_table']} WHERE username = '******'\n\t\t\tAND attribute = '{$config['sql_password_attribute']}';"); if ($res) { $row = @da_sql_fetch_array($res, $config); if (is_file("../lib/crypt/{$config['general_encryption_method']}.php")) { include "../lib/crypt/{$config['general_encryption_method']}.php"; $enc_passwd = $row[value]; $passwd = da_encrypt($passwd, $enc_passwd); if ($passwd == $enc_passwd) { $msg = '<font color=blue><b>YES It is that</b></font>'; } else { $msg = '<font color=red><b>NO It is wrong</b></font>'; } } else { echo "<b>Could not open encryption library file</b><br>\n"; } } } echo "<tr><td colspan=3 align=center>{$msg}</td></tr>\n"; } ?> </form>
exit; } if ($config[sql_use_operators] == 'true') { $text1 = ',op'; $text2 = ",':='"; $text3 = ", op = ':='"; } else { $text1 = ''; $text2 = ''; $text3 = ''; } $link = @da_sql_pconnect($config); if ($link) { if (is_file("../lib/crypt/{$config['general_encryption_method']}.php")) { include "../lib/crypt/{$config['general_encryption_method']}.php"; $passwd = da_encrypt($passwd); $passwd = da_sql_escape_string($passwd); $res = @da_sql_query($link, $config, "SELECT value FROM {$config['sql_check_table']} WHERE username = '******'\n\t\t\tAND attribute = '{$config['sql_password_attribute']}';"); if ($res) { $row = @da_sql_fetch_array($res, $config); if ($row) { $res = @da_sql_query($link, $config, "UPDATE {$config['sql_check_table']} SET value = '{$passwd}' {$text3} WHERE\n\t\t\t\tattribute = '{$config['sql_password_attribute']}' AND username = '******';"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Error while changing password: "******"</b><br>\n"; } } else { $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_check_table']} (attribute,value,username {$text1})\n\t\t\t\t\tVALUES ('{$config['sql_password_attribute']}','{$passwd}','{$login}' {$text2});"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Error while changing password: "******"</b><br>\n"; } }