Esempio n. 1
?>
			
			<!-- MAIN CONTENT STARTS -->
			<div id="centredDiv">
				<h2>Create New User</h2>
				<?php 
// Handler for the "Create New User" form. This listing is an excerpt: it stops before the
// duplicate-email lookup and the insert, so the braces opened below are closed further on.
// Gate 1: a non-empty $_SESSION['user'] is treated as "logged in".
if (isset($_SESSION['user']) && $_SESSION['user'] != '') {
    // Gate 2: only a session whose type equals 3 may create other users.
    // NOTE(review): `==` is loose, so the string '3' passes as well; what type 3 stands for
    // is not shown here (presumably an administrator role) - confirm against the user schema.
    if (isset($_SESSION['type']) && $_SESSION['type'] == 3) {
        // Collects validation messages, keyed by form field name.
        $errors = array();
        // Only treat the request as a submission when the required fields are present;
        // otherwise the page was simply opened for the first time.
        // NOTE(review): 'mnames' and 'phone' are read below but are not part of this isset()
        // check, so a request that omits them hands an undefined index to the validators.
        // NOTE(review): no anti-CSRF token is checked in the visible lines; confirm one is
        // verified elsewhere, because this POST creates accounts with a caller-chosen type.
        if (isset($_POST["email"]) && isset($_POST["pass"]) && isset($_POST["cnfrmPass"]) && isset($_POST["fname"]) && isset($_POST["lname"]) && isset($_POST["type"])) {
            // The validate_* helpers are not defined in this excerpt (presumably they come
            // from validate.inc); $relative is defined outside this excerpt as well.
            require $relative . 'data/php/user/validate.inc';
            // Each validator receives $errors first and is called only for its side effect,
            // so it presumably takes $errors by reference and records a message per field.
            validate_email($errors, $_POST['email']);
            validate_and_confirm_pass($errors, $_POST["pass"], $_POST["cnfrmPass"]);
            validate_name($errors, $_POST["fname"], 'fname', 'a valid first name');
            validate_name($errors, $_POST["mnames"], 'mnames', 'valid middle name(s)');
            validate_name($errors, $_POST["lname"], 'lname', 'a valid last name');
            validate_phone($errors, $_POST["phone"]);
            // Only an absent or empty type is rejected here.
            // NOTE(review): nothing visible restricts the value to a known set of user types;
            // check that an allow-list is enforced before the value reaches the database.
            if (!isset($_POST['type']) || $_POST['type'] == '') {
                $errors['type'] = 'Please select a user type';
            }
            // Proceed only when none of the known field keys carries an error. A key that a
            // validator might set under any other name would not stop the request here.
            if (!isset($errors['email']) && !isset($errors['pass']) && !isset($errors['cnfrmPass']) && !isset($errors['fname']) && !isset($errors['mnames']) && !isset($errors['lname']) && !isset($errors['phone']) && !isset($errors['type'])) {
                // No errors, form is valid
                $password = $_POST["pass"];
                // NOTE(review): uniqid() is derived from the current time and is not a
                // cryptographically secure source; random_bytes() is the safer choice for a
                // salt, and password_hash() would generate and store its own salt. How the
                // salt and password are combined is past the end of this excerpt.
                $salt = uniqid();
                // Database include, loaded ahead of the check whether the email already
                // exists in the user table (the check itself is not part of this excerpt).
                require $relative . 'data/php/database/pdo.inc';
                // Strip surrounding whitespace before the values are used further.
                $email = trim($_POST["email"]);
                $fname = trim($_POST["fname"]);
Esempio n. 2
			<?php 
// Pulls in the shared header/menu include. $relative is defined outside this excerpt.
// NOTE(review): because $relative prefixes every include path on this page, confirm it is a
// fixed value and never derived from request data.
require $relative . 'data/php/site/header-menu.inc';
?>
			
			<!-- MAIN CONTENT STARTS -->
			<div id="centredDiv">
				<h2>Change Password</h2>
				<?php 
// Handler for the "Change Password" form. This listing is an excerpt: it stops before the
// UPDATE statement, so the braces opened below are closed further on.
// A non-empty $_SESSION['user'] is treated as "logged in"; line 57 uses it as the email.
if (isset($_SESSION['user']) && $_SESSION['user'] != '') {
    // Collects validation messages, keyed by form field name.
    $errors = array();
    // Only treat the request as a submission when all three fields are present; otherwise
    // the page was simply opened for the first time.
    // NOTE(review): no anti-CSRF token is checked in the visible lines; confirm one is
    // verified elsewhere. Requiring the current password limits the impact, but does not
    // replace the check.
    if (isset($_POST['pass']) && isset($_POST['newPass']) && isset($_POST['cnfrmPass'])) {
        // The validate_* helpers are not defined in this excerpt (presumably they come from
        // validate.inc); they are called only for their effect on $errors.
        require $relative . 'data/php/user/validate.inc';
        validate_password($errors, $_POST['pass']);
        validate_and_confirm_pass($errors, $_POST['newPass'], $_POST['cnfrmPass']);
        if (!isset($errors['pass']) && !isset($errors['newPass']) && !isset($errors['cnfrmPass'])) {
            // No errors, form is valid
            require $relative . 'data/php/database/pdo.inc';
            // Check if old password is correct. Both values are bound through `?`
            // placeholders, so no request data is concatenated into the SQL text.
            // NOTE(review): the stored hash is a single SHA2(password || salt, 0), which MySQL
            // treats as SHA-256. One round of a fast hash offers little resistance to offline
            // guessing if the table leaks; password_hash()/password_verify() with a rehash on
            // next successful login is the usual migration path.
            // NOTE(review): no attempt limit is visible here; confirm failed guesses of the
            // current password are throttled elsewhere.
            $query = "SELECT email FROM user WHERE email = ? AND password = SHA2(CONCAT(?,salt),0);";
            // select() is defined outside this excerpt (presumably in pdo.inc); the meaning of
            // its third argument is not visible here.
            $user = select($query, array($_SESSION['user'], $_POST['pass']), false);
            // Loose comparison: any falsy return value is handled as "no matching row".
            if ($user != false) {
                // Old password is correct
                // Check new password isn't the same
                // NOTE(review): `==` compares two numeric-looking strings as numbers, so distinct
                // passwords such as '1e3' and '1000' count as equal here; `===` compares the
                // exact strings.
                if ($_POST['pass'] == $_POST['newPass']) {
                    // The message text appears masked in this listing.
                    $errors['newPass'] = '******';
                    // Includes the password form file again now that an error has been recorded.
                    include $relative . 'data/php/user/change/password.inc';
                } else {
                    // Change password
                    // Update new password for user's row in user table