/**
 * Runs the start-up sequence by calling each loader once, in a fixed order.
 *
 * NOTE(review): the callees are defined elsewhere; judging by their names the
 * later ones presumably rely on the configuration and users loaded first, so
 * the order is kept exactly as written — confirm before reordering.
 */
function Init()
{
    // Configuration and account data.
    LoadConfig();
    LoadUsers();

    // Content: entries, themes and assets.
    LoadEntries();
    LoadThemes();
    LoadAssets();

    // Stream set-up and the next jam date/time.
    InitStream();
    GetNextJamDateAndTime();
}
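/**
 * Replaces the password of an existing user; restricted to administrators.
 *
 * Ends the request with die() when the caller is not an admin, the two
 * password fields differ, the password is shorter than 8 characters, the
 * user is unknown, or the database update fails.
 *
 * @param string $username     Account whose password is being replaced.
 * @param string $newPassword1 The new password.
 * @param string $newPassword2 Confirmation of the new password.
 */
function EditUserPassword($username, $newPassword1, $newPassword2)
{
    global $users, $dbConn;

    // Authorize user (is admin)
    if (IsAdmin() === false) {
        die("Only admins can edit user passwords.");
    }

    // NOTE(review): trim() removes leading/trailing whitespace from the
    // password; presumably the login and registration paths trim the same
    // way — confirm, otherwise such passwords can never be entered again.
    $newPassword1 = trim($newPassword1);
    $newPassword2 = trim($newPassword2);

    // Strict comparison: with != two numeric-looking strings such as "1e3"
    // and "1000" compare as equal, so a mistyped confirmation could pass.
    if ($newPassword1 !== $newPassword2) {
        die("passwords don't match");
    }
    $password = $newPassword1;

    // Check password length (8 characters are accepted, fewer are not).
    if (strlen($password) < 8) {
        die("password must be at least 8 characters long");
    }

    // Check that the user exists
    if (!isset($users[$username])) {
        die("User does not exist");
    }

    // Generate new salt, number of iterations and hashed password.
    // The iteration count is written to the user row next to the hash, so it
    // is not a secret and rand() is acceptable for it.
    // NOTE(review): GenerateSalt() and HashPassword() are defined elsewhere;
    // confirm the salt comes from a CSPRNG and the hash is a slow KDF.
    $newUserSalt = GenerateSalt();
    $newUserPasswordIterations = rand(10000, 20000);
    $newPasswordHash = HashPassword($password, $newUserSalt, $newUserPasswordIterations);

    // Bound parameters replace manual escaping. The original statement had a
    // literal '******' in the WHERE clause (apparently a masked value, with
    // the escaped username left unused), so it could not match the user
    // being edited; the target row is now selected by $username.
    $sql = "
        UPDATE user
        SET
        user_password_salt = ?,
        user_password_iterations = ?,
        user_password_hash = ?
        WHERE user_username = ?;
    ";
    $statement = mysqli_prepare($dbConn, $sql);
    if ($statement === false) {
        // Generic message on purpose: no database details in the response.
        die("Could not update password");
    }
    mysqli_stmt_bind_param(
        $statement,
        "siss",
        $newUserSalt,
        $newUserPasswordIterations,
        $newPasswordHash,
        $username
    );
    $updated = mysqli_stmt_execute($statement);
    mysqli_stmt_close($statement);
    if ($updated === false) {
        die("Could not update password");
    }

    // Update the in-memory record of the edited user. The original indexed
    // $users with $loggedInUser, which is not defined in this scope, so the
    // values landed under an empty key instead of $username.
    $users[$username]["salt"] = $newUserSalt;
    $users[$username]["password_hash"] = $newPasswordHash;
    $users[$username]["password_iterations"] = $newUserPasswordIterations;

    LoadUsers();

    // Kept for its side effects; the original stored the result in a local
    // variable that was never read.
    // NOTE(review): nothing in this function ends existing sessions of
    // $username after the password change — confirm whether that is handled
    // elsewhere.
    IsLoggedIn(TRUE);
}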