return TRUE;
}
}
if ($submit) {
if ($email && $password && $repassword) {
if (checkEmail($email)) {
if ($password == $repassword) {
$r1 = '/[A-Z]/';
//Uppercase
$r2 = '/[a-z]/';
//lowercase
$r3 = '/[!@#$%^&*()\\-_=+{};:,<.>]/';
// whatever you mean by 'special char'
$r4 = '/[0-9]/';
//numbers
if (valid_pass($password) == FALSE) {
$notice[] = 'Password entered is invalid! Please enter a new password.';
} else {
$password = md5($password);
$connect = mysql_connect("locahost", "root", "secret");
mysql_select_db("iicssched");
mysql_query("INSERT INTO tbl_user VALUES('','{$email}','{$password}',1,3);");
header('Location: scheduler.php');
}
} else {
$notice[] = 'Passwords do not match! Please retype your password.';
}
} else {
$notice[] = 'Email is existing! Please try again';
}
} else {
function set_new_nickname()
{
global $C, $I, $U, $db;
if (!isset($_REQUEST['new_pass']) || !valid_pass($_REQUEST['new_pass'])) {
send_profile(sprintf($I['nopass'], get_setting('minpass')));
}
if (!valid_nick($_REQUEST['newnickname'])) {
send_profile(sprintf($I['invalnick'], get_setting('maxname')));
}
$U['passhash'] = md5(sha1(md5($_REQUEST['newnickname'] . $_REQUEST['new_pass'])));
$stmt = $db->prepare("SELECT id FROM {$C['prefix']}sessions WHERE nickname=? UNION SELECT id FROM {$C['prefix']}members WHERE nickname=?;");
$stmt->execute(array($_REQUEST['newnickname'], $_REQUEST['newnickname']));
if ($stmt->fetch(PDO::FETCH_NUM)) {
send_profile($I['nicknametaken']);
} else {
if ($U['status'] > 1) {
$entry = 0;
} else {
$entry = $U['entry'];
}
$stmt = $db->prepare("UPDATE {$C['prefix']}members SET nickname=?, passhash=? WHERE nickname=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname']));
$stmt = $db->prepare("UPDATE {$C['prefix']}sessions SET nickname=?, passhash=? WHERE nickname=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname']));
$stmt = $db->prepare("UPDATE {$C['prefix']}messages SET poster=? WHERE poster=? AND postdate>?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry));
$stmt = $db->prepare("UPDATE {$C['prefix']}messages SET recipient=? WHERE recipient=? AND postdate>?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry));
$stmt = $db->prepare("UPDATE {$C['prefix']}ignored SET ignby=? WHERE ignby=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname']));
$stmt = $db->prepare("UPDATE {$C['prefix']}ignored SET ign=? WHERE ign=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname']));
$U['nickname'] = $_REQUEST['newnickname'];
}
}
function reg()
{
$this->load->helper('form');
$this->load->library('form_validation');
$rules = array(array('field' => 'fname', 'label' => 'Firstname', 'rules' => 'required'), array('field' => 'lname', 'label' => 'Lastname', 'rules' => 'required'), array('field' => 'mname', 'label' => 'Middlename', 'rules' => 'required'), array('field' => 'username', 'label' => 'Username', 'rules' => 'required'), array('field' => 'password', 'label' => 'Password', 'rules' => 'required'));
$this->form_validation->set_rules($rules);
if ($this->form_validation->run() === FALSE) {
$d['error'] = '';
$this->load->view('user/register', $d);
} else {
$username = $this->input->post('username');
$this->db->where('username', $username);
$count = $this->db->count_all_results('users');
if ($count > 0) {
$this->load->helper('string');
$ar = $this->db->get('users')->result_array();
$data = array();
foreach ($ar as $user) {
$data[] = $user['username'];
}
$suggest = increment_exists($username, $data);
$d['error'] = '<div class="alert alert-danger text-center">
Username is already taken <br/>
Recommended username: '******'</div>';
$this->load->view('user/register', $d);
} else {
$password = $this->input->post('password');
$con_pass = $this->input->post('con_pass');
// TODO: check for a strong password
if (valid_pass($password)) {
if ($password == $con_pass) {
$config['upload_path'] = './assets/uploads/';
// check if the attachment belongs to image
$config['allowed_types'] = 'jpg|png|jpeg';
$config['max_size'] = 2048;
$config['encrypt_name'] = TRUE;
$this->load->library('upload', $config);
if ($this->upload->do_upload()) {
$data['pic'] = $this->upload->data('file_name');
$data['fname'] = ucwords($this->input->post('fname'));
$data['lname'] = ucwords($this->input->post('lname'));
$data['mname'] = ucwords($this->input->post('mname'));
$data['email'] = $this->input->post('email');
$data['bday'] = $this->input->post('bday');
$data['contact'] = $this->input->post('contact');
$data['username'] = $username;
$data['password'] = md5($password);
$data['address'] = $this->input->post('address');
$data['gender'] = $this->input->post('gender');
$data['question'] = $this->input->post('secret_q');
$data['answer'] = $this->input->post('answer_q');
$this->db->insert('users', $data);
$this->session->set_flashdata('message', alert('Successfully registered', 'success'));
redirect('/register');
} else {
$d['error'] = alert($this->upload->display_errors());
$this->load->view('user/register', $d);
}
} else {
$d['error'] = alert('Please confirm your password');
$this->load->view('user/register', $d);
}
} else {
$d['error'] = '<div class="alert alert-danger">Password must have at
least one capital letter a small letter a number and special character</div>';
$this->load->view('user/register', $d);
}
}
}
}
$salt = "thispasswordcannotbehacked";
$oldpass = hash('sha256', $salt . $oldpass);
if ($oldpass == $row['pass']) {
$olderr = "";
} else {
$olderr = "Your password doesnot match your previous password.";
}
if (isset($_POST['email']) && isset($_POST['pass']) && isset($_POST['repass'])) {
$pass = $_POST['pass'];
$repass = $_POST['repass'];
if ($pass == $repass) {
$matcherr = "";
} else {
$matcherr = "Passwords do not match. Please try again";
}
if (valid_pass($pass)) {
$passerr = "";
} else {
$passerr = "Password is not valid. ";
}
if ($passerr == "") {
$salt = "thispasswordcannotbehacked";
$pass = hash('sha256', $salt . $pass);
$query1 = "update login set pass = '******' where email = '" . $_SESSION['email'] . "'";
$q1 = mysqli_query($con, $query1) or die(mysqli_error($con));
$success = "Your changes have been saved";
}
}
}
?>
<!-- Main -->
array_push($error_messages, "Passwords Do Not Meet Requirement");
} else {
$update = generateCAPassword($newCAPassword);
}
}
}
if (isset($_POST['newLANPassword1']) and isset($_POST['newLANPassword2'])) {
$update = false;
if (strcmp($_POST['newLANPassword1'], $_POST['newLANPassword2']) !== 0) {
$newLANPassword = false;
logToSyslog("LANPasswords were set, and not match");
array_push($error_messages, "Passwords Do Not Match");
$dirtyBit = true;
} else {
$newLANPassword = $_POST['newLANPassword1'];
if (!valid_pass($newLANPassword)) {
$dirtyBit = true;
logToSyslog("Password did not match Requirement");
array_push($error_messages, "Passwords Do Not Meet Requirement");
} else {
$update = generateLANPassword($newLANPassword);
}
}
}
if (isset($_POST['uid']) and isset($_POST['_domain']) and isset($_POST['currentPassword'])) {
$domain = trim(str_replace(array('?', '+', 'string:'), '', $_POST['_domain']));
$email = $_POST['uid'] . $domain;
$baseDn = "dc=iiit,dc=ac,dc=in";
if (strcmp($domain, "") === 0) {
$filter = '(mailForwardingAddress=' . $email . ')';
} else {
function all_users($id = '')
{
$this->load->helper('form');
$this->load->library('form_validation');
// set all rules
$rules = array(array('field' => 'fname', 'label' => 'Firstname', 'rules' => 'required'), array('field' => 'lname', 'label' => 'Lastname', 'rules' => 'required'), array('field' => 'mname', 'label' => 'Middlename', 'rules' => 'required'), array('field' => 'office', 'label' => 'Office', 'rules' => 'required'), array('field' => 'contact', 'label' => 'Contact Number', 'rules' => 'required'));
$this->form_validation->set_rules($rules);
if ($this->form_validation->run() === FALSE) {
if (empty($id)) {
$d['error'] = '';
$d['id'] = '';
$d['fname'] = set_value('fname');
$d['lname'] = set_value('lname');
$d['mname'] = set_value('mname');
$d['office'] = set_value('office');
$d['contact'] = set_value('contact');
} else {
// @todo: ask if the username and password is neccessary in
// edit user
$this->db->where('id', $id);
$u = $this->db->get('users')->row_array();
$d['fname'] = $u['fname'];
$d['lname'] = $u['lname'];
$d['mname'] = $u['mname'];
$d['office'] = $u['office'];
$d['contact'] = $u['contact'];
$d['id'] = $id;
$d['error'] = '';
}
$this->load->view('admin/all_users', $d);
} else {
if (empty($id)) {
// check if the length is 11
$contact = $this->input->post('contact');
if (strlen($contact) == 11) {
$password = $this->input->post('password');
$con_pass = $this->input->post('con_pass');
// check for strong password
if (valid_pass($password)) {
// does it match the password and confirm password
if ($password == $con_pass) {
$username = $this->input->post('username');
// check if the username already exists
$this->db->where('username', $username);
$c = $this->db->count_all_results('users');
if ($c > 0) {
// if it exists recommend a username
$this->load->helper('string');
$ar = $this->db->get('users')->result_array();
$data1 = array();
foreach ($ar as $user) {
$data1[] = $user['username'];
}
$suggest = increment_exists($username, $data1);
$d['error'] = '<div class="alert alert-danger text-center">
Username is already taken <br/>
Recommended username: '******'</div>';
$d['id'] = '';
$d['fname'] = set_value('fname');
$d['lname'] = set_value('lname');
$d['mname'] = set_value('mname');
$d['office'] = set_value('office');
$d['contact'] = set_value('contact');
$this->load->view('admin/all_users', $d);
} else {
// after all the validation insert it to table
$data['fname'] = ucwords($this->input->post('fname'));
$data['lname'] = ucwords($this->input->post('lname'));
$data['mname'] = ucwords($this->input->post('mname'));
$data['office'] = ucwords($this->input->post('office'));
$data['type'] = 'ngo';
$data['contact'] = $contact;
$data['username'] = $this->input->post('username');
$data['password'] = md5($password);
$this->db->insert('users', $data);
redirect('/users');
}
} else {
$d['error'] = alert('Please Confirm Password');
$d['id'] = '';
$d['fname'] = set_value('fname');
$d['lname'] = set_value('lname');
$d['mname'] = set_value('mname');
$d['office'] = set_value('office');
$d['contact'] = set_value('contact');
$this->load->view('admin/all_users', $d);
}
} else {
$d['error'] = alert('Password must have at
least one capital letter a small letter a number and special character');
$d['id'] = '';
$d['fname'] = set_value('fname');
$d['lname'] = set_value('lname');
$d['mname'] = set_value('mname');
$d['office'] = set_value('office');
$d['contact'] = set_value('contact');
$this->load->view('admin/all_users', $d);
}
} else {
$d['error'] = alert('Invalid Contact Number');
$d['id'] = '';
$d['fname'] = set_value('fname');
$d['lname'] = set_value('lname');
$d['mname'] = set_value('mname');
$d['office'] = set_value('office');
$d['contact'] = set_value('contact');
$this->load->view('admin/all_users', $d);
}
} else {
$data['fname'] = $this->input->post('fname');
$data['lname'] = $this->input->post('lname');
$data['mname'] = $this->input->post('mname');
$data['office'] = $this->input->post('office');
$data['contact'] = $this->input->post('contact');
$this->db->where('id', $id);
$this->db->update('users', $data);
$this->session->set_flashdata('message', alert('Successfully edited', 'success'));
redirect('/users');
}
}
}
<div id="right_panel">
<div id="main_heading">Change user password</div><?php
if ($user) {
if (isset($_POST['submit'])) {
$oldpassword = md5($_POST['oldpassword']);
$newpassword = $_POST['newpassword'];
$repeatnewpassword = $_POST['repeatnewpassword'];
$queryget = mysql_query("SELECT user_password FROM sys_users WHERE user_id = '{$user}'") or die("Query didn't work");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['user_password'];
//check password
if ($oldpassword == $oldpassworddb) {
//check two new passwords
if ($newpassword == $repeatnewpassword) {
//check password complexity
if (!valid_pass($newpassword)) {
echo "<div id='pm' title='Passwords'>\n";
echo "Password must be at least 8 characters, contain at least 1 small letter , number , Capital letters & sepecial characters";
echo "</div>\n";
} else {
//Success
//Encrypt password
$newpassword = md5($newpassword);
$repeatnewpassword = md5($repeatnewpassword);
//change password in db
$querychange = mysql_query("UPDATE sys_users SET user_password = '******' WHERE user_id = '{$user}'");
//session_destroy();
//include ('../includes/popup_password.php');
echo "Passowrd changed successfully!";
}
} else {