function PasswordEncrypt($a)
{
return ourcrypt($a);
}
switch ($mode) {
default:
Page::Redirect('dash?nosuchform');
break;
case 1:
if (!Session::logged_in()) {
Page::Redirect('login');
}
global $auth;
$old = AJAX::Value($ajax, 'changeMyPassword', 'password', 'old');
$change = AJAX::Value($ajax, 'changeMyPassword', 'password', 'new');
$repeat = AJAX::Value($ajax, 'changeMyPassword', 'password', 'confirm');
if (strlen($auth['password']) === 0 || Auth::PasswordMatches(ourcrypt($old), $auth['password'])) {
if (matches($change, $repeat, TRUE)) {
global $auth_model;
$auth_model->Update(array('password' => ourcrypt($change), 'password_expiry' => strtotime('+1 year')), array('ID' => $auth['ID']));
echo js('Notifier.success("Password changed!");');
die;
} else {
echo js('Notifier.error("Passwords did not match.");');
die;
}
} else {
echo js('Notifier.error("You got your password wrong.","Logging you out.");
setTimeout( function() { window.location="logout"; }, 2000 );');
die;
}
break;
}
}
// end switch
<?php
//global $plog_level; $plog_level=1;
include 'core/Page.php';
plog('File: ' . __FILE__);
global $session_model, $auth_model, $auth;
$getpost = getpost();
if (!(isset($getpost['username']) && isset($getpost['password']))) {
Page::Redirect("login?m=1");
}
$auth = $auth_model->byUsername($getpost['username']);
plog('$getpost: ' . vars($getpost));
plog('$auth: ' . vars($auth));
if (!is_array($auth)) {
Page::Redirect("login?m=2");
}
if (strlen($auth['password']) == 0 || matches(ourcrypt($getpost['password']), $auth['password'])) {
plog('Password matched! User has authenticated.');
if (Auth::ACL('locked')) {
plog('Account is locked, logging user ' . $auth['ID'] . ' off.');
$session_model->Logout();
Page::Redirect("login?m=4");
die;
}
$session_model->Create($auth['ID']);
Page::Redirect("dash");
} else {
Page::Redirect("login?m=1");
}
