/** * changepass_form * */ function changepass_form() { global $bouncer_message; $email = isset($_GET['email']) ? $_GET['email'] : ''; $auth = isset($_GET['auth']) ? $_GET['auth'] : ''; $key = isset($_GET['key']) ? $_GET['key'] : ''; // put together html $login_form = html_header("Change Password") . ' <div id="content">'; // error messages if (isset($bouncer_message['error'])) { $login_form .= ' <div id="login_message">' . $bouncer_message['error'] . '</div>'; } $login_form .= ' <h2>Please enter your the auth code and key from your email</h2> <form id="bouncer_changepassform" class="bouncer_form" method="post" action="' . targetpage() . '"> <p><label for="auth">Auth code:</label><br/> <input name="auth" type="text" value="' . $auth . '" /></p> <p><label for="key">Key:</label><br/> <input name="key" type="text" value="' . $key . '" /></p> <p>Now enter your new password (needs to be at least 8 characters long)</p> <p><label for="newpass">New Password:</label><br/> <input name="newpass" id="newpass" type="password" /></p> <p><label for="confirmpass">Confirm Password:</label><br/> <input name="confirmpass" id="confirmpass" type="password" /></p> <p><input type="hidden" name="bounce" value="' . md5(WW_BOUNCE_WEB_ROOT) . '" /> <input type="submit" name="changepass" value="Submit" /></p> </form> <h2>Go to <a href="' . $_SERVER["PHP_SELF"] . '">login page</a></h2> </div> ' . html_footer(); return $login_form; }
<?php // get user defined settings and functions include_once 'bouncer_params.php'; // start sessions if needed if (!session_id()) { session_start(); } // set target page for redirects $target_page = targetpage(); // call function for forgotten password if (isset($_POST['forgotpass']) && isset($_POST['email'])) { if (bouncer_verify_email($_POST['email']) == true) { $bouncer_message['error'] = forgotten_password($_POST['email']); $attempt_login = 0; } else { $bouncer_message['error'] = $bouncer_message['wrong_email']; $attempt_login = 0; } } // call function for changed password if (isset($_POST['changepass'])) { $bouncer_message['error'] = change_password(); $attempt_login = 0; } // if a login is attempted we automatically clear the logged_in session if (isset($_POST['email']) && isset($_POST['pass'])) { $_SESSION[WW_SESS]['logged_in'] = 0; $attempt_login = 1; } if (isset($_COOKIE['ww_c_key']) && isset($_COOKIE['ww_c_user'])) {