Example #1
0
function dldc_update_profile(DLDC_User $user, $password)
{
    $data = array('email' => trim(Common::getPostString('email')), 'firstname' => trim(Common::getPostString('firstname')), 'lastname' => trim(Common::getPostString('lastname')));
    if (!empty($password)) {
        if (!DLDC_User::login(dldc_username(), Common::getPostString('password_old'))) {
            return dldc_error('You have to supply your current password to change it.');
        }
        if ($password !== Common::getPostString('password_retype')) {
            return dldc_error('You have to retype your new password correctly.');
        }
        $data['password'] = DLDC_User::hashPassword($password);
        dldc_message('Your password has been changed!');
    }
    $user->saveVars($data);
    dldc_message('Information has been saved.');
}
Example #2
0
function dldc_reqister($username, $password, $email, $firstname, $lastname)
{
    if (!dldc_is_valid_username($username)) {
        dldc_error('Invalid username. Start with a letter and then add 2-23 digits, letters or underscores.');
    } elseif (!dldc_is_valid_password($password)) {
        dldc_error('Your password is not secure enough for this service.');
    } elseif ($password !== Common::getPostString('password_retype')) {
        dldc_error('You have to confirm your password by retyping it.');
    } elseif (empty($email)) {
        dldc_error('Please fill in an email address.');
    } else {
        dldc_cleanup();
        # DELETE YOUR OLD "PLAYER"!
        if (!DLDC_User::create($username, $password, $email, $firstname, $lastname)) {
            dldc_error('An error occured!');
        } else {
            dldc_message('You have been successfully registered!');
        }
    }
}
Example #3
0
<?php

require 'config.php';
dldc_session_start();
require 'header.php';
if (!dldc_is_admin()) {
    dldc_error('Permission denied!');
} else {
    ?>
<h1>Admin Panel</h1>
<p>Due to a security investigation, the admin panel is currently disabled.</p> 
<?php 
}
require 'footer.php';
Example #4
0
require 'config.php';
dldc_session_start();
require 'header.php';
if (isset($_GET['logout'])) {
    dldc_logout();
    dldc_message("You are now logged out and all your traces have been wiped from your session.");
}
if (isset($_GET['login'])) {
    $username = trim(Common::getGetString('username'));
    if (!strcasecmp($username, 'administrator')) {
        # Prevent bruteforcing here, password has to be entered in challenge index.php
        dldc_error("The administrator account got disabled for security reasons.");
    } elseif (dldc_login($username, Common::getGetString('password'))) {
        dldc_message("Welcome back {$username}, you are now authenticated with the service.");
    } else {
        dldc_error("Wrong username or password.");
    }
}
if (dldc_is_logged_in()) {
    ?>
<h1>Hello <?php 
    echo dldc_username();
    ?>
!</h1>
<p>You edit your profile here: <a class="button" href="profile.php">edit profile</a></p>
<p>You can use this button to logout: <a class="button" href="login.php?logout=now">logout</a></p>
<?php 
} else {
    ?>
<h1>Nice to meet you!</h1>
<div>