<?php if (isset($_POST['submit'])) { $password1 = null; $password2 = null; if (isset($_POST['password1']) && isset($_POST['password2'])) { $password1 = $_POST['password1']; $password2 = $_POST['password2']; } $username = $_POST['username']; $newPassword = $password1; if ($username == '') { echo 'Please specify a username\\n'; } meetsPasswordLength($password1, true); passwordsMatch($password1, $password2, true); if (meetsPasswordLength($password1, false) && passwordsMatch($password1, $password2, false) && $username !== '') { $hash = password_hash($newPassword, PASSWORD_DEFAULT); $query = "UPDATE users SET hash = :hash WHERE username LIKE :username"; $result = getDB()->prepare($query); $result->bindParam(':hash', $hash); $result->bindParam(':username', $username); $result->execute(); echo 'Password for ' . $username . ' changed'; } } ?> </body> </html>
$newPassword = $_POST['newPassword']; $userLevel = $_POST['userLevel']; // Administrator or regular user if (userExists($newName)) { // If username exists, prompt error echo 'User already exists; please specify a different username'; return; } else { // If username entered is empty, prompt error if (strlen(trim($newName)) == 0) { echo 'Please specify a username'; return; } } // Perform password add; check requirements; only checks password length if (meetsPasswordLength($newPassword, true)) { $hash = password_hash($newPassword, PASSWORD_DEFAULT); $query = "INSERT INTO users (username, hash, groups) values (:newName, :hash, :userLevel)"; $result = getDB()->prepare($query); $result->bindParam(':newName', $newName); $result->bindParam(':hash', $hash); $result->bindParam(':userLevel', $userLevel); $result->execute(); printSuccess('User ' . $newName . ' added to database'); } } // Navigation link action controller navPOST(); ?> </div>