Exemple #1
0
<?php 
if (isset($_POST['submit'])) {
    $password1 = null;
    $password2 = null;
    if (isset($_POST['password1']) && isset($_POST['password2'])) {
        $password1 = $_POST['password1'];
        $password2 = $_POST['password2'];
    }
    $username = $_POST['username'];
    $newPassword = $password1;
    if ($username == '') {
        echo 'Please specify a username\\n';
    }
    meetsPasswordLength($password1, true);
    passwordsMatch($password1, $password2, true);
    if (meetsPasswordLength($password1, false) && passwordsMatch($password1, $password2, false) && $username !== '') {
        $hash = password_hash($newPassword, PASSWORD_DEFAULT);
        $query = "UPDATE users SET hash = :hash WHERE username LIKE :username";
        $result = getDB()->prepare($query);
        $result->bindParam(':hash', $hash);
        $result->bindParam(':username', $username);
        $result->execute();
        echo 'Password for ' . $username . ' changed';
    }
}
?>
</body>
</html>


Exemple #2
0
    $newPassword = $_POST['newPassword'];
    $userLevel = $_POST['userLevel'];
    // Administrator or regular user
    if (userExists($newName)) {
        // If username exists, prompt error
        echo 'User already exists; please specify a different username';
        return;
    } else {
        // If username entered is empty, prompt error
        if (strlen(trim($newName)) == 0) {
            echo 'Please specify a username';
            return;
        }
    }
    // Perform password add; check requirements; only checks password length
    if (meetsPasswordLength($newPassword, true)) {
        $hash = password_hash($newPassword, PASSWORD_DEFAULT);
        $query = "INSERT INTO users (username, hash, groups) values (:newName, :hash, :userLevel)";
        $result = getDB()->prepare($query);
        $result->bindParam(':newName', $newName);
        $result->bindParam(':hash', $hash);
        $result->bindParam(':userLevel', $userLevel);
        $result->execute();
        printSuccess('User ' . $newName . ' added to database');
    }
}
// Navigation link action controller
navPOST();
?>

</div>