function verifyPasswd($inputPass, $correctPass)
{
if (empty($correctPass)) {
return false;
}
if (substr($correctPass, 0, 6) == '$apr1$') {
if (cryptMD5Pass($inputPass, $correctPass) == $correctPass) {
return true;
}
return false;
}
if (substr($correctPass, 0, 6) == '{SHA}') {
$para_arr = array('passwd' => $inputPass);
if (genPass($para_arr, 'SHA') == $correctPass) {
return true;
}
return false;
}
if (crypt($inputPass, $correctPass) == $correctPass) {
return true;
}
return false;
}
$sys .= "<strong>Error</strong>:php版本太低({$php_v}),程序无法正常运行<br>";
}
if (!empty($_POST['dbname'])) {
$server = $_POST['server'];
$dbname = $_POST['dbname'];
$dbuser = $_POST['dbuser'];
$dbpasswd = $_POST['dbpasswd'];
$svnpasswd = $_POST['svnpasswd'];
$svnpasswd0 = $_POST['svnpasswd0'];
if ($svnpasswd != $svnpasswd0) {
echo " <script>window.alert(\"svn超级用户密码不一致!请确认并牢记!\")</script>";
echo "<script>setTimeout('document.location.href=\"./setup.php\"',3)</script>";
exit;
}
include '../include/basefunction.php';
$svnpasswd = cryptMD5Pass($svnpasswd);
$mlink = mysql_connect($server, $dbuser, $dbpasswd);
$conn_error = mysql_error();
$sql_enc = "set names 'utf8'";
mysql_query($sql_enc);
$query = "create database IF NOT EXISTS {$dbname}";
mysql_query($query);
//get mysql version
$pattern = '/(\\d+)\\.\\d+\\.\\d+/i';
preg_match($pattern, mysql_get_server_info(), $out);
$encode = '';
if ($out[1] > 4) {
echo "Mysql version:" . mysql_get_server_info() . "<br>";
$encode = " DEFAULT CHARSET=utf8 ";
}
//------
echo " <script>window.alert(\"两次输入的新密码不一致,请重新输入!\")</script>";
echo " <a href='javascript:history.back()'>点击这里返回</a>";
echo "<script>history.go(-1);</script>";
exit;
}
//SQL查询语句;
$query = "SELECT user_name,password FROM svnauth_user WHERE user_name ='{$usr}'";
$result = mysql_query($query);
if ($result) {
$totalnum = mysql_num_rows($result);
}
if ($totalnum > 0) {
while ($result and $row = mysql_fetch_array($result, MYSQL_BOTH)) {
$fpasswd = $row['password'];
if (verifyPasswd($oldpwd, $fpasswd)) {
$passwd = cryptMD5Pass($passwd);
$query = "update svnauth_user set password='******' WHERE user_name ='{$usr}'";
// 执行查询
mysql_query($query);
$err = mysql_error();
if (empty($err)) {
$passwd0 = escapeshellcmd($passwd0);
$usr = escapeshellcmd($usr);
exec($cmdpath . ' -m -b ' . $pwdpath . ' ' . $usr . ' ' . $passwd0);
//echo ($cmdpath.' -m -b '. $pwdpath . ' '.$usr.' '.$passwd);
echo "<script>window.alert(\"密码更改成功! \")</script>";
echo " <script>setTimeout('document.location.href=\"javascript:history.back()\"',5)</script>";
mysql_close($mlink);
exit;
}
} else {
exit;
}
$mlink = mysql_connect(SERVER, USERNAME2, PASSWORD2) or die("数据库链接失败!请联系管理员");
mysql_select_db(DBNAME) or die("不能选择数据库!");
if ($newpasswd != $newpasswd1 or strlen($newpasswd) < 6) {
echo " <script>window.alert(\"两次输入的密码不一致,请重新输入!\")</script>";
echo " <a href='javascript:history.back()'>点击这里返回</a>";
echo " <script>setTimeout('document.location.href=\"javascript:history.go(-1)\"',5)</script>\r\n ";
exit;
}
include '../../config/config.php';
$pwdpath = $passwdfile;
$cmdpath = $htpasswd;
$usr = mysql_real_escape_string($user, $mlink);
$passwd1 = mysql_real_escape_string($newpasswd, $mlink);
$passwd1 = cryptMD5Pass($passwd1);
if ($passwd1 == "" || $usr == "") {
echo " <script>window.alert(\"密码和用户名不能为空,请输入!\")</script>";
echo " <a href='javascript:history.back()'>点击这里返回</a>";
echo "<script>history.go(-1);</script>";
exit;
}
//SQL查询语句;
//$query = "SELECT user_name,password FROM svnauth_user WHERE user_name =\"$usr\"";
$query = "update svnauth_user set password=\"{$passwd1}\" WHERE user_name =\"{$usr}\";";
// 执行查询
$result = mysql_query($query);
if (mysql_affected_rows($mlink) == 0) {
echo "<script>window.alert(\"用户名不存在!或新密码与原密码相同!\")</script>";
echo "<script>history.go(-1);</script>";
mysql_close($mlink);
