/**
 * Runs the application's start-up sequence.
 *
 * Calls each loader/initialiser below exactly once, in the order listed.
 * None of the helpers are defined in this block, so what each one loads
 * can only be guessed from its name.
 */
function Init()
{
    // NOTE(review): the order is presumably significant (configuration first,
    // then users, then the data that depends on them) - confirm against the
    // helpers before reordering.
    LoadConfig();
    LoadUsers();
    LoadEntries();
    LoadThemes();
    LoadAssets();
    InitStream();
    GetNextJamDateAndTime();
}
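/**
 * Sets a new password for an existing user on behalf of an administrator.
 *
 * Terminates the request with die() when the caller is not an admin, the two
 * password entries differ, the password is shorter than 8 bytes, the user is
 * unknown, or the database update fails.
 *
 * @param string $username     Account whose password is being replaced.
 * @param string $newPassword1 New password.
 * @param string $newPassword2 Confirmation of the new password.
 * @return void
 */
function EditUserPassword($username, $newPassword1, $newPassword2)
{
    global $users, $dbConn;

    //Authorize user (is admin)
    // NOTE(review): this check fails open - any return value other than the
    // exact boolean false (null, 0, an empty array) is treated as "admin".
    // Confirm that IsAdmin() can only return true/false, or tighten the test.
    if (IsAdmin() === false) {
        die("Only admins can edit entries.");
    }

    // NOTE(review): trimming alters the secret the user typed; presumably the
    // login path trims the same way - confirm.
    $newPassword1 = trim($newPassword1);
    $newPassword2 = trim($newPassword2);

    // Strict comparison: with != two different numeric-looking strings such as
    // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
    if ($newPassword1 !== $newPassword2) {
        die("passwords don't match");
    }
    $password = $newPassword1;

    //Check password length (8 is accepted, so the message says "at least")
    if (strlen($password) < 8) {
        die("password must be at least 8 characters long");
    }

    //Check that the user exists
    if (!isset($users[$username])) {
        die("User does not exist");
    }

    //Generate new salt, number of iterations and hashed password.
    // NOTE(review): HashPassword() is defined elsewhere. If it is a hand-rolled
    // iterated hash, consider moving to password_hash()/password_verify(),
    // together with the login path that verifies these values.
    $newUserSalt = GenerateSalt();
    // The iteration count is stored next to the hash and is not a secret, so
    // rand() is not a weakness here.
    $newUserPasswordIterations = rand(10000, 20000);
    $newPasswordHash = HashPassword($password, $newUserSalt, $newUserPasswordIterations);

    // Persist with a prepared statement so every value, including the target
    // username in the WHERE clause, is bound instead of spliced into the SQL.
    $stmt = mysqli_prepare(
        $dbConn,
        "UPDATE user
         SET user_password_salt = ?,
             user_password_iterations = ?,
             user_password_hash = ?
         WHERE user_username = ?"
    );
    if ($stmt === false) {
        // Keep driver details in the server log, not in the response.
        error_log("EditUserPassword: prepare failed: " . mysqli_error($dbConn));
        die("Could not update password");
    }
    mysqli_stmt_bind_param(
        $stmt,
        "siss",
        $newUserSalt,
        $newUserPasswordIterations,
        $newPasswordHash,
        $username
    );
    $updated = mysqli_stmt_execute($stmt);
    if ($updated === false) {
        error_log("EditUserPassword: update failed: " . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
    if ($updated === false) {
        die("Could not update password");
    }

    // Update the in-memory record of the account that was edited. The original
    // indexed $users with an undefined $loggedInUser and so wrote to the wrong
    // entry.
    $users[$username]["salt"] = $newUserSalt;
    $users[$username]["password_hash"] = $newPasswordHash;
    $users[$username]["password_iterations"] = $newUserPasswordIterations;

    LoadUsers();
    // Kept for any side effect of the call; the original stored the result in
    // a local variable that was never read.
    IsLoggedIn(TRUE);
}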