function verifyPasswd($inputPass, $correctPass) { if (empty($correctPass)) { return false; } if (substr($correctPass, 0, 6) == '$apr1$') { if (cryptMD5Pass($inputPass, $correctPass) == $correctPass) { return true; } return false; } if (substr($correctPass, 0, 6) == '{SHA}') { $para_arr = array('passwd' => $inputPass); if (genPass($para_arr, 'SHA') == $correctPass) { return true; } return false; } if (crypt($inputPass, $correctPass) == $correctPass) { return true; } return false; }
$sys .= "<strong>Error</strong>:php版本太低({$php_v}),程序无法正常运行<br>"; } if (!empty($_POST['dbname'])) { $server = $_POST['server']; $dbname = $_POST['dbname']; $dbuser = $_POST['dbuser']; $dbpasswd = $_POST['dbpasswd']; $svnpasswd = $_POST['svnpasswd']; $svnpasswd0 = $_POST['svnpasswd0']; if ($svnpasswd != $svnpasswd0) { echo " <script>window.alert(\"svn超级用户密码不一致!请确认并牢记!\")</script>"; echo "<script>setTimeout('document.location.href=\"./setup.php\"',3)</script>"; exit; } include '../include/basefunction.php'; $svnpasswd = cryptMD5Pass($svnpasswd); $mlink = mysql_connect($server, $dbuser, $dbpasswd); $conn_error = mysql_error(); $sql_enc = "set names 'utf8'"; mysql_query($sql_enc); $query = "create database IF NOT EXISTS {$dbname}"; mysql_query($query); //get mysql version $pattern = '/(\\d+)\\.\\d+\\.\\d+/i'; preg_match($pattern, mysql_get_server_info(), $out); $encode = ''; if ($out[1] > 4) { echo "Mysql version:" . mysql_get_server_info() . "<br>"; $encode = " DEFAULT CHARSET=utf8 "; } //------
echo " <script>window.alert(\"两次输入的新密码不一致,请重新输入!\")</script>"; echo " <a href='javascript:history.back()'>点击这里返回</a>"; echo "<script>history.go(-1);</script>"; exit; } //SQL查询语句; $query = "SELECT user_name,password FROM svnauth_user WHERE user_name ='{$usr}'"; $result = mysql_query($query); if ($result) { $totalnum = mysql_num_rows($result); } if ($totalnum > 0) { while ($result and $row = mysql_fetch_array($result, MYSQL_BOTH)) { $fpasswd = $row['password']; if (verifyPasswd($oldpwd, $fpasswd)) { $passwd = cryptMD5Pass($passwd); $query = "update svnauth_user set password='******' WHERE user_name ='{$usr}'"; // 执行查询 mysql_query($query); $err = mysql_error(); if (empty($err)) { $passwd0 = escapeshellcmd($passwd0); $usr = escapeshellcmd($usr); exec($cmdpath . ' -m -b ' . $pwdpath . ' ' . $usr . ' ' . $passwd0); //echo ($cmdpath.' -m -b '. $pwdpath . ' '.$usr.' '.$passwd); echo "<script>window.alert(\"密码更改成功! \")</script>"; echo " <script>setTimeout('document.location.href=\"javascript:history.back()\"',5)</script>"; mysql_close($mlink); exit; } } else {
exit; } $mlink = mysql_connect(SERVER, USERNAME2, PASSWORD2) or die("数据库链接失败!请联系管理员"); mysql_select_db(DBNAME) or die("不能选择数据库!"); if ($newpasswd != $newpasswd1 or strlen($newpasswd) < 6) { echo " <script>window.alert(\"两次输入的密码不一致,请重新输入!\")</script>"; echo " <a href='javascript:history.back()'>点击这里返回</a>"; echo " <script>setTimeout('document.location.href=\"javascript:history.go(-1)\"',5)</script>\r\n "; exit; } include '../../config/config.php'; $pwdpath = $passwdfile; $cmdpath = $htpasswd; $usr = mysql_real_escape_string($user, $mlink); $passwd1 = mysql_real_escape_string($newpasswd, $mlink); $passwd1 = cryptMD5Pass($passwd1); if ($passwd1 == "" || $usr == "") { echo " <script>window.alert(\"密码和用户名不能为空,请输入!\")</script>"; echo " <a href='javascript:history.back()'>点击这里返回</a>"; echo "<script>history.go(-1);</script>"; exit; } //SQL查询语句; //$query = "SELECT user_name,password FROM svnauth_user WHERE user_name =\"$usr\""; $query = "update svnauth_user set password=\"{$passwd1}\" WHERE user_name =\"{$usr}\";"; // 执行查询 $result = mysql_query($query); if (mysql_affected_rows($mlink) == 0) { echo "<script>window.alert(\"用户名不存在!或新密码与原密码相同!\")</script>"; echo "<script>history.go(-1);</script>"; mysql_close($mlink);