$password = ''; } //check if user exists if ($dbh_user->check_user($username)->user_exists) { //Good } else { $message = 'Specified username does not exist.'; } if ($message == "") { require 'password_crypto.php'; $hashed_password = cobalt_password_hash('NEW', $password, $username, $new_salt, $new_iteration, $new_method); $data_con = new data_abstraction(); $data_con->set_query_type('UPDATE'); $data_con->set_table('user'); $data_con->set_update("`password`='{$hashed_password}', `salt`='{$new_salt}', `iteration`='{$new_iteration}', `method`='{$new_method}'"); $data_con->set_where("username='******'"); $data_con->make_query(); $message = 'The password has been successfully reset.'; $message_type = 'SYSTEM'; $password = ''; } } } require 'subclasses/user_html.php'; $html = new user_html(); $html->draw_header('Reset Password', $message, $message_type); $html->fields['password']['control_type'] = 'password'; $html->fields['password']['label'] = 'Temporary Password'; $html->exception = array('person_id', 'role_id', 'skin_id'); $html->draw_controls('add', 'Password Reset Form'); $html->draw_footer();
function check_if_unique($db, $table, $where, $errMsg) { $error_message = ''; $data_con = new data_abstraction(); $data_con->set_database($db); $data_con->set_table($table); $data_con->set_where($where); $data_con->make_query(); if ($data_con->Num_Rows > 0) { $error_message = $errMsg; } return $error_message; }
$dbh->close_db(); //Get the role permissions require_once 'subclasses/user_role_links.php'; $obj_role = new user_role_links(); $obj_role->get_user_role_links($role); $arrLink = $obj_role->dump['link_id']; $numLinks = $obj_role->num_rows; $obj_role->close_db(); //Assign permissions to user $dbh = new data_abstraction(); foreach ($arrLink as $link_id) { $dbh->set_query_type('SELECT'); $dbh->set_table('user_passport'); $dbh->set_fields('username, link_id'); $dbh->set_where("username='******' AND link_id='" . quote_smart($link_id) . "'"); $dbh->make_query(); if ($dbh->num_rows == 0) { $dbh->set_query_type('INSERT'); $dbh->set_values("'" . quote_smart($Username) . "','" . quote_smart($link_id) . "'"); $dbh->make_query(); } } $dbh->close_db(); } $message = 'Success! User passport has been updated.'; $message_type = 'system'; } } $html_writer = new html(); $html_writer->draw_header('Set User Passports', $message, $message_type); ?>
$Username = cobalt_htmlentities($Username); $Module = cobalt_htmlentities($Module); $Keyword = cobalt_htmlentities($Keyword); $IPAddress = cobalt_htmlentities($IPAddress); } if (!isset($start)) { $start = 0; } //Pagination **************************** //->Query to get total number of records. $data_con = new data_abstraction(); $data_con->set_fields("entry_id, ip_address, user, datetime, action, module"); $data_con->set_table("`system_log`"); $data_con->set_where("{$TimeFilter} AND {$UserFilter} AND {$ModuleFilter} AND {$KeywordFilter} AND {$IPAddressFilter}"); $data_con->set_order("entry_id"); if ($result = $data_con->make_query()->result) { $total_records = $data_con->num_rows; } else { die("Error getting log entries: " . $data_con->QUERY); } //-> Now instantiate the pagination class and feed it the necessary information. require 'paged_result_class.php'; $results_per_page = 50; $pager = new paged_result($total_records, $results_per_page); $pager->get_page_data($result_pager, $current_page); $current_page = $pager->current_page; $data_con->set_limit($pager->offset, $pager->records_per_page); $html_writer = new html(); $html_writer->draw_header('Security Monitor', $message, $message_type); require '../javascript/submitenter.php'; ?>
function log_action($action, $module = '') { if (isset($_SESSION['user'])) { $username = quote_smart($_SESSION['user']); } else { $username = '******'; } if ($module == '') { $module = $_SERVER['SCRIPT_NAME']; } $date = date("m-d-Y"); $real_time = date("G:i:s"); $new_date = explode("-", $date); $new_time = explode(":", $real_time); $timestamp = mktime($new_time[0], $new_time[1], $new_time[2], $new_date[0], $new_date[1], $new_date[2]); $date_time = date("l, F d, Y -- h:i:s a"); $ip_address = get_ip(); $action = quote_smart($action); $data_con = new data_abstraction(); $data_con->set_query_type('INSERT'); $data_con->set_table('system_log'); $data_con->set_fields('ip_address, user, datetime, action, module'); $data_con->set_values("'{$ip_address}', '{$username}', '{$timestamp}', '{$action}', '{$module}'"); $data_con->make_query(TRUE, FALSE); }