function Password($nick, $passw) { if (PasswordCheck($nick, $passw)) { return true; } else { exit("pasword doest not match"); } }
if (strlen($value) < 4) { $error_detected[] = _T("- The username must be composed of at least 4 characters!"); } else { //check if login is already taken $requete = "SELECT id_adh FROM " . PREFIX_DB . "adherents WHERE login_adh=" . $DB->qstr($value, get_magic_quotes_gpc()); if (isset($adherent['id_adh']) && $adherent['id_adh'] != '') { $requete .= " AND id_adh!=" . $DB->qstr($adherent['id_adh'], get_magic_quotes_gpc()); } $result =& $DB->Execute($requete); if (!$result->EOF || $value == PREF_ADMIN_LOGIN) { $error_detected[] = _T("- This username is already used by another member !"); } } break; case 'mdp_adh': if (!PasswordCheck($_POST["mdp_adh"], $_POST["mdp_crypt"])) { $error_detected[] = _T("Password misrepeated: "); } elseif (strlen($value) < 4) { $error_detected[] = _T("- The password must be of at least 4 characters!"); } else { // md5sum du mot de passe // On garde le mot en clair pour le mail et le template $adherent['mdp_adh_plain'] = $adherent['mdp_adh']; $adherent['mdp_adh'] = md5($adherent['mdp_adh']); $value = $adherent["mdp_adh"]; break; } // dates already quoted if ($key == 'date_crea_adh' || $key == 'ddn_adh') { if ($value == '') { $value = 'null';
</div> <div id="slideshow"> <div id="container" style="color:#ccc;background-image: url(/image/1.jpg);background-size:100%;"> <center><h1 style="color:#ccc;">Change Password</h1> <form action="" method="POST"> <input type="password" name="old" placeholder="Old password"> <input type="password" name="new" placeholder="New password"> <input type="password" name="confnew" placeholder="Confirm new password"> <p></p> <center><input type="submit" value="Change Password" name="submit" id="Button" /></center> </form></center> <?php if (isset($_POST["submit"])) { $oldpassword = PasswordCheck($_POST['old']); $newpassword = PasswordCheck($_POST['new']); $confirmpassword = PasswordCheck($_POST['confnew']); if (!empty($oldpassword) && !empty($newpassword) && !empty($confirmpassword)) { $result = mysql_query("SELECT *from members WHERE user='******'"); $name = $row = mysql_fetch_array($result); $ramdom = $name['nitid']; $email = $name['email']; $oldpass = md5(md5(md5($oldpassword . $PasswordEncryptText1 . $ramdom) . $PasswordEncryptText2) . $PasswordEncryptText3); $new = md5(md5(md5($newpassword . $PasswordEncryptText1 . $ramdom) . $PasswordEncryptText2) . $PasswordEncryptText3); if ($name['pass'] == $oldpass) { if ($newpassword == $confirmpassword) { mysql_query("UPDATE members set pass='******' WHERE user='******'"); if (mail($email, $websitename . " - Password Changed", "Your password has been changed.\n \n New password: "******"\n \n If wasn't you please contact the administrator.")) { echo '<h3>Password changed</h3>'; unset($_SESSION['sess_user']); unset($_SESSION["pages"]); unset($_SESSION["number"]);
<form action="" method="POST"> <h1>Login</h1> <input type="text" name="user" placeholder="Username"> <input type="password" name="pass" placeholder="•••••••"> <p></p> <center><input type="submit" value="Login" name="submit" id="Button" /></center> </form> </center> </div> </div> </body> </html> <?php if (isset($_POST["submit"])) { $user = SecurityCheck($_POST['user']); $password = PasswordCheck($_POST['pass']); $query = mysql_query("SELECT * FROM members WHERE user='******'"); $numrows = mysql_num_rows($query); if ($user == "fd87yr6t3rwhuifsdho8yu3r" || $password == "fd87yr6t3rwhuifsdho8yu3r") { $SQLinjectDetection = 1; } else { $SQLinjectDetection = 0; } if ($SQLinjectDetection == 0) { if ($numrows != 0) { $name = $row = mysql_fetch_array($query); $ramdom = $name['nitid']; $md5pass = md5(md5(md5($password . $PasswordEncryptText1 . $ramdom) . $PasswordEncryptText2) . $PasswordEncryptText3); $removeme = $password + $ramdom; if (!empty($user) && !empty($password)) { $query = mysql_query("SELECT * FROM members WHERE user='******' AND pass='******' AND nitid='" . $ramdom . "'");
<?php include 'common.php'; $path = "users/{$nick}.txt"; if (!$nick) { exit("wrong params"); } if ($login) { Password($nick, $passw); exit(Success); } if ($registr) { if (!$nick || !$passw || !$xml) { exit("wrong params"); } if (PasswordCheck($nick, $passw)) { exit(Success); } $filetext = file_get_contents("users.txt"); if ($filetext) { $stringArray = explode("\r\n", $filetext); for ($i = 0; $i < count($stringArray); $i++) { $row = explode("\t", $stringArray[$i]); if ($row[0] == $nick) { exit("User Already Exists"); } } } // if(file_exists("ips.txt")) // { // $d = date("d", filemtime("ips.txt"));
function AttemptLogin($username, $password) { $found_admin = FindAdminByUsername($username); if ($found_admin) { if (PasswordCheck($password, $found_admin["hashed_password"])) { return $found_admin; } else { return false; } } else { return false; } }
$isCreator = false; //Get even data $EventData = GetEventData($conn, $event); $eventName = $EventData["Name"]; $eventTracks = $EventData["Tracks"]; $creatorID = $EventData["CreatorUserID"]; //Load "creator options" if userID matches if ($userID === $creatorID) { $isCreator = true; } //Die if eventname and tracks don't exist if ($eventName == '' && $eventTracks == 0) { die(include 'php/views/notfound.php'); } //Check for password PasswordCheck($conn, $event, $pwd, "event"); ////////////////////////////////////////////////// // Get tracks and runners with specified format // ////////////////////////////////////////////////// $runnerDataHTML = ""; $Tracks = []; foreach (GetTrackData($conn, $event) as $track) { if ($track["Name"] != "notracks") { $Anmalda = "<div id='Track-" . $track["TrackID"] . "'><h3>" . $track["Name"] . "</h3><ul class='list-group'>"; } else { $Anmalda = "<div id='Track-" . $track["TrackID"] . "'><ul class='list-group'>"; } //Get all runners for specified track $getRunners = GetRunnerData($conn, $event, $track["TrackID"]); $runnerCount = 0; foreach ($getRunners as $key => $runner) {