// Fragment of a contact-creation handler: stores the address, the contact row and
// (conditionally) a login row, then redirects to the contacts list.
// NOTE(review): $pw, $logContent and $result are assigned outside the visible code.

// Add to Address table
// NOTE(review): the whole $_POST array is passed on; which keys db_addAddress() reads and
// how it escapes them cannot be seen from here - confirm.
$addsid = db_addAddress($_POST);
$logon = generateContactlogon($_POST['fname'], $_POST['sname']);

// Insert the contact row; every field is taken from the request without visible validation.
$contactsNew = new Contacts();
$contactsNew->setFname($_POST['fname']);
$contactsNew->setSname($_POST['sname']);
$contactsNew->setCo_name($_POST['co_name']);
$contactsNew->setRole($_POST['role']);
$contactsNew->setCustid($_POST['custid']);
$contactsNew->setSuppid($_POST['suppid']);
$contactsNew->setAddsid($addsid);
$contactsNew->setNotes($_POST['notes']);
$contactId = $contactsNew->insertIntoDB();

// Prepare the login row for the new contact (inserted only if the check below passes).
$pwdNew = new Pwd();
$pwdNew->setUsr($logon);
$pwdNew->setContactsid($contactId);
$pwdNew->setSeclev(100);
// mkPwd() is defined elsewhere; presumably it hashes $pw for storage - confirm.
$pwdNew->setPw(mkPwd($pw));
// NOTE(review): this appends the cleartext password ($pw) together with the ids and the
// logon to /etc/athenace/pwd. The file becomes a growing list of usable credentials, so
// whatever mkPwd() does to protect the database copy is undone by this line. It also runs
// before the custid/suppid check, i.e. even for contacts that never receive a Pwd row.
// custid and suppid are interpolated as received; a tab or newline in either would break
// the one-record-per-line layout.
file_put_contents('/etc/athenace/pwd', "{$_POST['custid']}\t{$_POST['suppid']}\t{$logon}\t{$pw}\n", FILE_APPEND);

// Dont add to the Password table unless they have a custid or a suppid
// (&& binds tighter than ||, so this reads "(custid set and > 0) or (suppid set and > 0)".)
if (isset($_POST['custid']) && $_POST['custid'] > 0 || isset($_POST['suppid']) && $_POST['suppid'] > 0) {
    $pwdNew->insertIntoDB();
} else {
    // Not adding to passwd table
    // i.e contacts not associated with a customer or supplier cant log in
}
$logresult = logEvent(6, $logContent);
// NOTE(review): the redirect uses $result['id'], not the $contactId returned by the insert
// above; $result is not assigned in the visible code - confirm it holds the new contact id.
header("Location: /contacts/?Added=" . $result['id']);
exit;
// Creates a staff member and the matching login row when the request carries ?go=y,
// then renders the page header and (on success) the confirmation block.
// NOTE(review): the write is gated on a GET flag while the data comes from $_POST; no
// permission check or CSRF token is visible in this fragment - confirm an include does it.
if (isset($_GET['go']) && $_GET['go'] == "y") {
    $logContent = "";
    $pw = generatePassword();
    // Add to Address table
    // NOTE(review): the whole $_POST array is passed on; what db_addAddress() does with it
    // is not visible here.
    $addsid = db_addAddress($_POST);
    # Insert into DB
    $staffNew = new Staff();
    $staffNew->setFname($_POST['fname']);
    $staffNew->setSname($_POST['sname']);
    $staffNew->setAddsid($addsid);
    $staffNew->setJobtitle($_POST['jobtitle']);
    $stfid = $staffNew->insertIntoDB();
    $usr = generateStafflogon($_POST['fname'], $_POST['sname']);
    // mkPwd() is defined elsewhere; presumably it hashes $pw for storage - confirm.
    $staffPwd = mkPwd($pw);
    # Insert Pwd into DB
    $pwdNew = new Pwd();
    $pwdNew->setUsr($usr);
    $pwdNew->setStaffid($stfid);
    $pwdNew->setPw($staffPwd);
    $pwdNew->insertIntoDB();
    // NOTE(review): appends the cleartext password ($pw) with the staff id and username to
    // /etc/athenace/pwd. This contradicts the page text below ("It cannot be found anywhere
    // else") and leaves a file of usable staff credentials on disk; anyone who can read the
    // file does not need the hashed copy in the database.
    file_put_contents('/etc/athenace/pwd', "Staff\t{$stfid}\t{$usr}\t{$pw}\n", FILE_APPEND);
    $logresult = logEvent(15, $logContent);
    $done = 1;
}
include "../tmpl/header.php";
// NOTE(review): $done is assigned only inside the branch above; unless it is initialised
// before this fragment, the test below reads an undefined variable when go is not "y".
if ($done) { ?> <h1>New staff member has been added</h1> <h2>Write down the password now. It cannot be found anywhere else.</h2> Username: <?php
// Staff access page: loads the shared libraries, requires a numeric ?id=, and on ?go=y
// writes the posted security level to that staff member's Pwd row.
$pagetitle = "staff";
$navtitle = 'Staff';
$keywords = '';
$description = '';
include "/srv/athenace/lib/shared/common.php";
include "/srv/athenace/lib/intranet/common.php";
include "/srv/athenace/lib/shared/functions_form.php";
// Bounce requests whose id is not numeric. is_numeric() also accepts floats, signed
// values and exponent notation ("1.5", "-3", "1e3"), and $_GET['id'] is read without an
// isset() check, so a missing id reaches is_numeric() as an undefined index.
if (!is_numeric($_GET['id'])) {
    header("Location: /staff/?id=notFound");
    exit;
}
$pwhelp = '';
// NOTE(review): the update is triggered by a GET flag and takes its value from $_POST.
// No check that the requester may change this staff member's access level, and no CSRF
// token, is visible here - confirm the included common.php files enforce both.
if (isset($_GET['go']) && $_GET['go'] == "y") {
    $pwdid = getPwdID($_GET['id']);
    # Update DB
    $pwdUpdate = new Pwd();
    $pwdUpdate->setPwdid($pwdid);
    $pwdUpdate->setStaffid($_GET['id']);
    // NOTE(review): seclev is stored exactly as posted; nothing visible restricts it to
    // the values the form offers or to levels the requester is allowed to grant.
    $pwdUpdate->setSeclev($_POST['seclev']);
    $pwdUpdate->updateDB();
    // The event-log call is commented out, so this access-level change leaves no audit
    // entry from this script.
    # $logresult = logEvent(15,$logContent);
    $done = 1;
}
$pagetitle = "staff";
include "../tmpl/header.php"; ?> <h1>Staff Access</h1> <h2>Choose which site this user should log in to ...</h2>
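/**
 * Change-password action for a Pwd record.
 *
 * Reads the `Pwd` form (`id`, `password`, `new`, `comf`) from $_POST. When the two new
 * values match and are non-empty, and the current password matches the stored hash, the
 * new hash is saved. The outcome is reported through a user flash message. The action
 * always stores its own URL in the session under `myurl` and renders the `funcpwd` view.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is unsuitable for password
 * storage. Moving to password_hash()/password_verify() needs a coordinated change of the
 * login code and of the stored values, so the format is left as it is here.
 *
 * NOTE(review): the record id comes from the request body. No check that it belongs to
 * the logged-in user is visible in this action - confirm it is enforced elsewhere.
 */
public function actionFuncpwd()
{
    if (isset($_POST['Pwd']) && is_array($_POST['Pwd'])) {
        $form = $_POST['Pwd'];

        // Missing or non-string fields (e.g. Pwd[new][]=x) are treated as empty so they
        // never reach md5() or the comparisons below as arrays.
        $pwd  = isset($form['password']) && is_string($form['password']) ? $form['password'] : '';
        $new  = isset($form['new']) && is_string($form['new']) ? $form['new'] : '';
        $comf = isset($form['comf']) && is_string($form['comf']) ? $form['comf'] : '';

        // Strict comparison: with != two different numeric-looking strings such as
        // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
        if ($new !== $comf || empty($new)) {
            Yii::app()->user->setFlash('error','两次密码输入不一致!');
        } else {
            $id = isset($form['id']) ? intval($form['id']) : 0;
            $model = Pwd::model()->findByPk($id);

            // hash_equals() (PHP 5.6+) compares the hex digests as plain strings. With ==
            // two digests of the form "0e<digits>" are both read as the number zero and
            // compare equal even though the passwords differ.
            // An unknown id gets the same message as a wrong password.
            if ($model !== null && hash_equals((string) $model->password, md5($pwd))) {
                $model->password = md5($new);
                // Report success only when the record was actually written.
                if ($model->save()) {
                    Yii::app()->user->setFlash('success','保存成功!');
                } else {
                    Yii::app()->user->setFlash('error','保存失败!');
                }
            } else {
                Yii::app()->user->setFlash('error','原密码不正确!');
            }
        }
    }

    Yii::app()->session['myurl'] = $this->createUrl('funcpwd');
    $this->render('funcpwd');
}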
// Tail of a password-policy check for the new password (npw1) followed by the update.
// The fragment starts inside an if/elseif chain whose earlier branches are not visible.
    $errors[] = 'npw1';
} elseif (!chkUppercase($_POST['npw1'])) {
    $pwhelp = 'No upper case letters in password';
    $errors[] = 'npw1';
} elseif (!chkDigit($_POST['npw1'])) {
    $pwhelp = 'No numbers in password';
    $errors[] = 'npw1';
} elseif ($_POST['npw1'] != $_POST['npw2']) {
    // NOTE(review): != is a loose comparison; two different numeric-looking strings
    // (e.g. "1E3" and "1000") compare equal, so a mistyped confirmation can pass. !== is
    // the strict form.
    $pwhelp = 'New passwords are not the same';
    $errors[] = 'npw1';
}
if (empty($errors)) {
    // mkPwd() is defined elsewhere; presumably it hashes the password for storage - confirm.
    $newPwd = mkPwd($_POST['npw1']);
    $pwdid = getContactPwdID($contactsID);
    // Update DB
    $pwdUpdate = new Pwd();
    $pwdUpdate->setPwdid($pwdid);
    $pwdUpdate->setPw($newPwd);
    $pwdUpdate->updateDB();
    $logresult = logEvent(33, $logContent);
    // NOTE(review): the username and the new cleartext password are joined with "|",
    // passed through encrypt() (defined elsewhere) and placed in a query string. URLs are
    // kept in browser history and in web-server and proxy access logs, so the password
    // leaves the request in a form that anyone holding the encrypt() key can recover.
    // A "|" inside the username or password also makes the pair ambiguous to split.
    // base64 output can contain "+", "/" and "=", and it is not URL-encoded here.
    $token = base64_encode(encrypt($rrt->usr . "|" . $_POST['npw1']));
    // NOTE(review): there is no exit after the redirect header, so execution continues
    // into the include and the form below is still rendered in the response body.
    header("Location: /pass.php?t={$token}");
}
}
include "tmpl/header.php"; ?> <ol> <li id=subtitle><h3>Your Login Details</h3></li> <li><label>Your Username</label> <span style="font-size: 110%; font-weight: bold;"><?php
// Tail of a password-policy check for a staff password change, followed by the update
// and the start of the page output. The fragment starts inside an if/elseif chain whose
// earlier branches are not visible, and it ends inside the final if block.
    $pw_errors[] = 'npw1';
} elseif (!chkUppercase($_POST['npw1'])) {
    $pwhelp = 'No upper case letters in password';
    $pw_errors[] = 'npw1';
} elseif (!chkDigit($_POST['npw1'])) {
    $pwhelp = 'No numbers in password';
    $pw_errors[] = 'npw1';
} elseif ($_POST['npw1'] != $_POST['npw2']) {
    // NOTE(review): != is a loose comparison; two different numeric-looking strings
    // (e.g. "1E3" and "1000") compare equal, so a mistyped confirmation can pass. !== is
    // the strict form.
    $pwhelp = 'New passwords are not the same';
    $pw_errors[] = 'npw1';
}
// NOTE(review): stfid is read from the request but is not used by the update below,
// which is keyed on $rrt->usr; $rrt is set outside the visible code.
$stfid = $_POST['stfid'];
if (empty($pw_errors)) {
    // mkPwd() is defined elsewhere; presumably it hashes the password for storage - confirm.
    $cryptPwd = mkPwd($_POST['npw1']);
    # Update DB
    $pwdUpdate = new Pwd();
    $pwdUpdate->setUsr($rrt->usr);
    $pwdUpdate->setPw($cryptPwd);
    // NOTE(review): $result is not inspected; $done is set and the success banner below
    // is shown whether or not updateDB() changed a row.
    $result = $pwdUpdate->updateDB();
    $logresult = logEvent(33, $logContent);
    $done = 1;
}
}
$pagetitle = "staff";
include "../tmpl/header.php"; ?> <h1>Staff Log In</h1> <?php
// Confirmation banner, shown only when the update branch above ran.
if (isset($done) && $done) {
    echo '<h2 style="color:red;margin-top:40px;margin-left:150px;">The password has been changed</h2>';