function OnRequest() { $requestMethod = $_SERVER['REQUEST_METHOD']; if ($requestMethod == "GET") { if (isset($_GET['id'])) { $currentUser = ModelFacade::getLoggedInUser(); $userDetails = ModelFacade::getUserDetails($_GET['id']); if ($userDetails) { if ($userDetails->id != $currentUser->id) { $message = "Access denied."; include_once '/Views/ErrorPage.html'; } else { include_once '/Views/UserChangePassword.html'; } } else { $message = "No user exists with the specified id"; include_once '/Views/ErrorPage.html'; } } else { $message = "Sorry no user id was set"; include_once '/Views/ErrorPage.html'; } } else { ChangePassword(); } }
function MAIN_MENU() { $unix = new unix(); $clear = $unix->find_program("clear"); if (is_file($clear)) { system("{$clear}"); } echo "Credentials Menu\n"; echo "---------------------------------------------\n"; echo "Display SuperAdmin credentials...: [1]\n"; echo "Modify SuperAdmin credentials....: [2]\n"; echo "Exit menu........................: [q]\n"; echo "\n"; $answer = trim(strtolower(fgets(STDIN))); switch ($answer) { case "1": ShowPassword(); break; case "2": ChangePassword(); break; case "q": die; break; default: break; MAIN_MENU(); return; } }
public function testChangePasswordOfNonExistingUser() { // If user doesn't exist, the password should not be changed $username = '******'; $newPassword = '******'; $this->db->expects($this->once())->method('get')->with($username)->willReturn(null); $this->db->expects($this->never())->method('update'); ChangePassword($this->db, $username, $newPassword); }
function Changepwd($mysqli) { if (!empty($_SESSION["userid"])) { $query = $mysqli->query("SELECT * FROM users WHERE id = '" . $_SESSION["userid"] . "'"); if (!($row = $query->fetch_array(MYSQLI_BOTH))) { echo "SORRY...YOU ARE NOT REGISTERED USER..."; } else { if ($_POST['password'] == $row["password"]) { ChangePassword($mysqli); } else { header('Location: userchangepassword_failure.html'); exit; } } } }
<?php session_start(); define('DB_HOST', 'localhost'); define('DB_NAME', 'texaskitchen'); define('DB_USER', 'root'); define('DB_PASSWORD', ''); $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if ($mysqli->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error; } function ChangePassword($mysqli) { $newpassword = $_POST['newpassword']; $confirmnewpassword = $_POST['confirmnewpassword']; $query = "UPDATE texaskitchen.users SET password='******' WHERE id=" . $_SESSION["forgotpwduserid"] . ";"; $data = $mysqli->query($query); if ($data) { header('Location: userchangepassword_success.html'); exit; //echo "YOUR REGISTRATION IS COMPLETED..."; } else { header('Location: userchangepassword_failure.html'); exit; } } ChangePassword($mysqli);
<title>NiDB - Manage Public Downloads</title> </head> <body> <div id="wrapper"> <?php require "functions.php"; require "includes.php"; require "menu.php"; require "nidbapi.php"; /* ----- setup variables ----- */ $action = GetVariable("action"); $id = GetVariable("id"); /* determine action */ if ($action == "changepassword") { ChangePassword($id); } elseif ($action == "delete") { DeleteDownload($id); } else { DisplayDownloadList(); } /* ------------------------------------ functions ------------------------------------ */ /* -------------------------------------------- */ /* ------- ChangePassword --------------------- */ /* -------------------------------------------- */ function ChangePassword($id, $password) { /* perform data checks */ $pwd = sha1($password); /* update the site */ $sqlstring = "update public_downloads set pd_password = '******' where pd_id = {$id}";
} else { if (isset($_GET["no"]) && $_GET["no"] == "14") { // for getting the mentor of a particular mentee. GetMentorDetailsOfMentee($_GET["email"], $_GET["id"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "15") { // for sending the message from the mentee to the mentor. SendMessageFromMenteeToMentor($_GET["toEmail"], $_GET["msg"], $_GET["email"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "16") { // for adding the user to the User and the Specified table. AddUser($_GET["organ"], $_GET["course"], $_GET["email"], $_GET["level"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "17") { // for changing the password of the specified Account. ChangePassword($_GET["email"], $_GET["oldPassword"], $_GET["newPassword"], $_GET["newPasswordConfirm"], $_GET["table"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "18") { // for getting the assignments based on a mentor email and id. GetMentorAssignment($_GET["email"], $_GET["id"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "19") { // for getting the calender image on the mentor page. GetMentorCalender($_GET["mentorEmail"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "20") { // for getting the director details of a particular mentor. GetDirectorDetailsOfMentor($_GET["email"], $_GET["id"]); } else { if (isset($_GET["no"]) && $_GET["no"] == "21") { // for sending the message from the mentor to the director.
$UI_CONFIG->user_page($UserID, $user_login, "edit", "user.password({$UserID})"); BeginHtml($Title12, $Title3 . $Delimeter . $Title6, "http://" . $DOC_DOMAIN . "/management/users/password/"); $perm->ExitIfNotAccess(NC_PERM_ITEM_USER, NC_PERM_ACTION_EDIT, $UserID, 0, 0); ChangePasswordFormAdmin($UserID); break; case 7: # собственно сменим пароль $perm->ExitIfNotAccess(NC_PERM_ITEM_USER, NC_PERM_ACTION_EDIT, $UserID, 0, 1); if (strlen($Password1) == 0 && strlen($Password2) == 0) { BeginHtml($Title2, $Title3 . $Delimeter . $Title6, "http://" . $DOC_DOMAIN . "/management/users/password/"); $UI_CONFIG->user_page($UserID, $user_login, "edit", "user.password({$UserID})"); nc_print_status(CONTROL_USER_ERROR_EMPTYPASS . "<BR>\n" . CONTROL_USER_ERROR_RETRY . "<BR>\n", 'error'); ChangePasswordFormAdmin($UserID); } elseif ($Password1 == $Password2) { BeginHtml($Title2, $Title2, "http://" . $DOC_DOMAIN . "/management/users/"); ChangePassword($UserID, $Password1, $db); unset($UserID); SearchUserResult(); } else { $UI_CONFIG->user_page($UserID, $user_login, "edit", "user.password({$UserID})"); BeginHtml($Title2, $Title3 . $Delimeter . $Title6, "http://" . $DOC_DOMAIN . "/management/users/password/"); nc_print_status(CONTROL_USER_ERROR_PASSDIFF . "<BR>\n" . CONTROL_USER_ERROR_RETRY . "<BR>\n", 'error'); ChangePasswordFormAdmin($UserID); } break; case 8: # показать права доступа пользователя $UI_CONFIG->user_page($UserID, $user_login, "rights"); BeginHtml($Title2, $Title3 . $Delimeter . $Title7, "http://" . $DOC_DOMAIN . "/management/users/rights/"); $perm->ExitIfNotAccess(NC_PERM_ITEM_USER, NC_PERM_ACTION_RIGHT, $UserID, 0, 0); ShowUserPermissions($UserID, 11);
break; case "savenewuserpassword": if (IsAdmin()) { $username = $_POST["username"]; $password1 = $_POST["password1"]; $password2 = $_POST["password2"]; EditUserPassword($username, $password1, $password2); } $page = "editusers"; break; case "changepassword": if (IsLoggedIn()) { $passwordold = $_POST["passwordold"]; $password1 = $_POST["password1"]; $password2 = $_POST["password2"]; ChangePassword($passwordold, $password1, $password2); } $page = "usersettings"; break; case "saveuserchanges": if (IsLoggedIn()) { $displayName = $_POST["displayname"]; $twitterHandle = $_POST["twitterhandle"]; $emailAddress = $_POST["emailaddress"]; ChangeUserData($displayName, $twitterHandle, $emailAddress); } $page = "usersettings"; break; case "savenewtheme": if (IsLoggedIn()) { $newTheme = $_POST["theme"];