Esempio n. 1
0
function dldc_update_profile(DLDC_User $user, $password)
{
    $data = array('email' => trim(Common::getPostString('email')), 'firstname' => trim(Common::getPostString('firstname')), 'lastname' => trim(Common::getPostString('lastname')));
    if (!empty($password)) {
        if (!DLDC_User::login(dldc_username(), Common::getPostString('password_old'))) {
            return dldc_error('You have to supply your current password to change it.');
        }
        if ($password !== Common::getPostString('password_retype')) {
            return dldc_error('You have to retype your new password correctly.');
        }
        $data['password'] = DLDC_User::hashPassword($password);
        dldc_message('Your password has been changed!');
    }
    $user->saveVars($data);
    dldc_message('Information has been saved.');
}
Esempio n. 2
0
}
if (isset($_GET['login'])) {
    $username = trim(Common::getGetString('username'));
    if (!strcasecmp($username, 'administrator')) {
        # Prevent bruteforcing here, password has to be entered in challenge index.php
        dldc_error("The administrator account got disabled for security reasons.");
    } elseif (dldc_login($username, Common::getGetString('password'))) {
        dldc_message("Welcome back {$username}, you are now authenticated with the service.");
    } else {
        dldc_error("Wrong username or password.");
    }
}
if (dldc_is_logged_in()) {
    ?>
<h1>Hello <?php 
    echo dldc_username();
    ?>
!</h1>
<p>You edit your profile here: <a class="button" href="profile.php">edit profile</a></p>
<p>You can use this button to logout: <a class="button" href="login.php?logout=now">logout</a></p>
<?php 
} else {
    ?>
<h1>Nice to meet you!</h1>
<div>
<form>
<table>
<tr><td>Username</td><td><input type="text" name="username" /></td></tr>
<tr><td>Password</td><td><input type="password" name="password" /></td></tr>
<tr><td colspan="2"><input type="submit" name="login" value="login" /></td></tr>
</table>