Exemplo n.º 1
0
         return TRUE;
     }
 }
 if ($submit) {
     if ($email && $password && $repassword) {
         if (checkEmail($email)) {
             if ($password == $repassword) {
                 $r1 = '/[A-Z]/';
                 //Uppercase
                 $r2 = '/[a-z]/';
                 //lowercase
                 $r3 = '/[!@#$%^&*()\\-_=+{};:,<.>]/';
                 // whatever you mean by 'special char'
                 $r4 = '/[0-9]/';
                 //numbers
                 if (valid_pass($password) == FALSE) {
                     $notice[] = 'Password entered is invalid! Please enter a new password.';
                 } else {
                     $password = md5($password);
                     $connect = mysql_connect("locahost", "root", "secret");
                     mysql_select_db("iicssched");
                     mysql_query("INSERT INTO tbl_user VALUES('','{$email}','{$password}',1,3);");
                     header('Location: scheduler.php');
                 }
             } else {
                 $notice[] = 'Passwords do not match! Please retype your password.';
             }
         } else {
             $notice[] = 'Email is existing! Please try again';
         }
     } else {
Exemplo n.º 2
0
function set_new_nickname()
{
    global $C, $I, $U, $db;
    if (!isset($_REQUEST['new_pass']) || !valid_pass($_REQUEST['new_pass'])) {
        send_profile(sprintf($I['nopass'], get_setting('minpass')));
    }
    if (!valid_nick($_REQUEST['newnickname'])) {
        send_profile(sprintf($I['invalnick'], get_setting('maxname')));
    }
    $U['passhash'] = md5(sha1(md5($_REQUEST['newnickname'] . $_REQUEST['new_pass'])));
    $stmt = $db->prepare("SELECT id FROM {$C['prefix']}sessions WHERE nickname=? UNION SELECT id FROM {$C['prefix']}members WHERE nickname=?;");
    $stmt->execute(array($_REQUEST['newnickname'], $_REQUEST['newnickname']));
    if ($stmt->fetch(PDO::FETCH_NUM)) {
        send_profile($I['nicknametaken']);
    } else {
        if ($U['status'] > 1) {
            $entry = 0;
        } else {
            $entry = $U['entry'];
        }
        $stmt = $db->prepare("UPDATE {$C['prefix']}members SET nickname=?, passhash=? WHERE nickname=?;");
        $stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname']));
        $stmt = $db->prepare("UPDATE {$C['prefix']}sessions SET nickname=?, passhash=? WHERE nickname=?;");
        $stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname']));
        $stmt = $db->prepare("UPDATE {$C['prefix']}messages SET poster=? WHERE poster=? AND postdate>?;");
        $stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry));
        $stmt = $db->prepare("UPDATE {$C['prefix']}messages SET recipient=? WHERE recipient=? AND postdate>?;");
        $stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry));
        $stmt = $db->prepare("UPDATE {$C['prefix']}ignored SET ignby=? WHERE ignby=?;");
        $stmt->execute(array($_REQUEST['newnickname'], $U['nickname']));
        $stmt = $db->prepare("UPDATE {$C['prefix']}ignored SET ign=? WHERE ign=?;");
        $stmt->execute(array($_REQUEST['newnickname'], $U['nickname']));
        $U['nickname'] = $_REQUEST['newnickname'];
    }
}
Exemplo n.º 3
0
 function reg()
 {
     $this->load->helper('form');
     $this->load->library('form_validation');
     $rules = array(array('field' => 'fname', 'label' => 'Firstname', 'rules' => 'required'), array('field' => 'lname', 'label' => 'Lastname', 'rules' => 'required'), array('field' => 'mname', 'label' => 'Middlename', 'rules' => 'required'), array('field' => 'username', 'label' => 'Username', 'rules' => 'required'), array('field' => 'password', 'label' => 'Password', 'rules' => 'required'));
     $this->form_validation->set_rules($rules);
     if ($this->form_validation->run() === FALSE) {
         $d['error'] = '';
         $this->load->view('user/register', $d);
     } else {
         $username = $this->input->post('username');
         $this->db->where('username', $username);
         $count = $this->db->count_all_results('users');
         if ($count > 0) {
             $this->load->helper('string');
             $ar = $this->db->get('users')->result_array();
             $data = array();
             foreach ($ar as $user) {
                 $data[] = $user['username'];
             }
             $suggest = increment_exists($username, $data);
             $d['error'] = '<div class="alert alert-danger text-center">
                     Username is already taken <br/>
                     Recommended username: '******'</div>';
             $this->load->view('user/register', $d);
         } else {
             $password = $this->input->post('password');
             $con_pass = $this->input->post('con_pass');
             // TODO: check for a strong password
             if (valid_pass($password)) {
                 if ($password == $con_pass) {
                     $config['upload_path'] = './assets/uploads/';
                     // check if the attachment belongs to image
                     $config['allowed_types'] = 'jpg|png|jpeg';
                     $config['max_size'] = 2048;
                     $config['encrypt_name'] = TRUE;
                     $this->load->library('upload', $config);
                     if ($this->upload->do_upload()) {
                         $data['pic'] = $this->upload->data('file_name');
                         $data['fname'] = ucwords($this->input->post('fname'));
                         $data['lname'] = ucwords($this->input->post('lname'));
                         $data['mname'] = ucwords($this->input->post('mname'));
                         $data['email'] = $this->input->post('email');
                         $data['bday'] = $this->input->post('bday');
                         $data['contact'] = $this->input->post('contact');
                         $data['username'] = $username;
                         $data['password'] = md5($password);
                         $data['address'] = $this->input->post('address');
                         $data['gender'] = $this->input->post('gender');
                         $data['question'] = $this->input->post('secret_q');
                         $data['answer'] = $this->input->post('answer_q');
                         $this->db->insert('users', $data);
                         $this->session->set_flashdata('message', alert('Successfully registered', 'success'));
                         redirect('/register');
                     } else {
                         $d['error'] = alert($this->upload->display_errors());
                         $this->load->view('user/register', $d);
                     }
                 } else {
                     $d['error'] = alert('Please confirm your password');
                     $this->load->view('user/register', $d);
                 }
             } else {
                 $d['error'] = '<div class="alert alert-danger">Password must have at
                                 least one capital letter a small letter a number and special character</div>';
                 $this->load->view('user/register', $d);
             }
         }
     }
 }
    $salt = "thispasswordcannotbehacked";
    $oldpass = hash('sha256', $salt . $oldpass);
    if ($oldpass == $row['pass']) {
        $olderr = "";
    } else {
        $olderr = "Your password doesnot match your previous password.";
    }
    if (isset($_POST['email']) && isset($_POST['pass']) && isset($_POST['repass'])) {
        $pass = $_POST['pass'];
        $repass = $_POST['repass'];
        if ($pass == $repass) {
            $matcherr = "";
        } else {
            $matcherr = "Passwords do not match. Please try again";
        }
        if (valid_pass($pass)) {
            $passerr = "";
        } else {
            $passerr = "Password is not valid. ";
        }
        if ($passerr == "") {
            $salt = "thispasswordcannotbehacked";
            $pass = hash('sha256', $salt . $pass);
            $query1 = "update login set pass = '******' where email = '" . $_SESSION['email'] . "'";
            $q1 = mysqli_query($con, $query1) or die(mysqli_error($con));
            $success = "Your changes have been saved";
        }
    }
}
?>
        <!-- Main -->
Exemplo n.º 5
0
            array_push($error_messages, "Passwords Do Not Meet Requirement");
        } else {
            $update = generateCAPassword($newCAPassword);
        }
    }
}
if (isset($_POST['newLANPassword1']) and isset($_POST['newLANPassword2'])) {
    $update = false;
    if (strcmp($_POST['newLANPassword1'], $_POST['newLANPassword2']) !== 0) {
        $newLANPassword = false;
        logToSyslog("LANPasswords were set, and not match");
        array_push($error_messages, "Passwords Do Not Match");
        $dirtyBit = true;
    } else {
        $newLANPassword = $_POST['newLANPassword1'];
        if (!valid_pass($newLANPassword)) {
            $dirtyBit = true;
            logToSyslog("Password did not match Requirement");
            array_push($error_messages, "Passwords Do Not Meet Requirement");
        } else {
            $update = generateLANPassword($newLANPassword);
        }
    }
}
if (isset($_POST['uid']) and isset($_POST['_domain']) and isset($_POST['currentPassword'])) {
    $domain = trim(str_replace(array('?', '+', 'string:'), '', $_POST['_domain']));
    $email = $_POST['uid'] . $domain;
    $baseDn = "dc=iiit,dc=ac,dc=in";
    if (strcmp($domain, "") === 0) {
        $filter = '(mailForwardingAddress=' . $email . ')';
    } else {
Exemplo n.º 6
0
 function all_users($id = '')
 {
     $this->load->helper('form');
     $this->load->library('form_validation');
     // set all rules
     $rules = array(array('field' => 'fname', 'label' => 'Firstname', 'rules' => 'required'), array('field' => 'lname', 'label' => 'Lastname', 'rules' => 'required'), array('field' => 'mname', 'label' => 'Middlename', 'rules' => 'required'), array('field' => 'office', 'label' => 'Office', 'rules' => 'required'), array('field' => 'contact', 'label' => 'Contact Number', 'rules' => 'required'));
     $this->form_validation->set_rules($rules);
     if ($this->form_validation->run() === FALSE) {
         if (empty($id)) {
             $d['error'] = '';
             $d['id'] = '';
             $d['fname'] = set_value('fname');
             $d['lname'] = set_value('lname');
             $d['mname'] = set_value('mname');
             $d['office'] = set_value('office');
             $d['contact'] = set_value('contact');
         } else {
             // @todo: ask if the username and password is neccessary in
             // edit user
             $this->db->where('id', $id);
             $u = $this->db->get('users')->row_array();
             $d['fname'] = $u['fname'];
             $d['lname'] = $u['lname'];
             $d['mname'] = $u['mname'];
             $d['office'] = $u['office'];
             $d['contact'] = $u['contact'];
             $d['id'] = $id;
             $d['error'] = '';
         }
         $this->load->view('admin/all_users', $d);
     } else {
         if (empty($id)) {
             // check if the length is 11
             $contact = $this->input->post('contact');
             if (strlen($contact) == 11) {
                 $password = $this->input->post('password');
                 $con_pass = $this->input->post('con_pass');
                 // check for strong password
                 if (valid_pass($password)) {
                     // does it match the password and confirm password
                     if ($password == $con_pass) {
                         $username = $this->input->post('username');
                         // check if the username already exists
                         $this->db->where('username', $username);
                         $c = $this->db->count_all_results('users');
                         if ($c > 0) {
                             // if it exists recommend a username
                             $this->load->helper('string');
                             $ar = $this->db->get('users')->result_array();
                             $data1 = array();
                             foreach ($ar as $user) {
                                 $data1[] = $user['username'];
                             }
                             $suggest = increment_exists($username, $data1);
                             $d['error'] = '<div class="alert alert-danger text-center">
                                 Username is already taken <br/>
                                 Recommended username: '******'</div>';
                             $d['id'] = '';
                             $d['fname'] = set_value('fname');
                             $d['lname'] = set_value('lname');
                             $d['mname'] = set_value('mname');
                             $d['office'] = set_value('office');
                             $d['contact'] = set_value('contact');
                             $this->load->view('admin/all_users', $d);
                         } else {
                             // after all the validation insert it to table
                             $data['fname'] = ucwords($this->input->post('fname'));
                             $data['lname'] = ucwords($this->input->post('lname'));
                             $data['mname'] = ucwords($this->input->post('mname'));
                             $data['office'] = ucwords($this->input->post('office'));
                             $data['type'] = 'ngo';
                             $data['contact'] = $contact;
                             $data['username'] = $this->input->post('username');
                             $data['password'] = md5($password);
                             $this->db->insert('users', $data);
                             redirect('/users');
                         }
                     } else {
                         $d['error'] = alert('Please Confirm Password');
                         $d['id'] = '';
                         $d['fname'] = set_value('fname');
                         $d['lname'] = set_value('lname');
                         $d['mname'] = set_value('mname');
                         $d['office'] = set_value('office');
                         $d['contact'] = set_value('contact');
                         $this->load->view('admin/all_users', $d);
                     }
                 } else {
                     $d['error'] = alert('Password must have at
                                 least one capital letter a small letter a number and special character');
                     $d['id'] = '';
                     $d['fname'] = set_value('fname');
                     $d['lname'] = set_value('lname');
                     $d['mname'] = set_value('mname');
                     $d['office'] = set_value('office');
                     $d['contact'] = set_value('contact');
                     $this->load->view('admin/all_users', $d);
                 }
             } else {
                 $d['error'] = alert('Invalid Contact Number');
                 $d['id'] = '';
                 $d['fname'] = set_value('fname');
                 $d['lname'] = set_value('lname');
                 $d['mname'] = set_value('mname');
                 $d['office'] = set_value('office');
                 $d['contact'] = set_value('contact');
                 $this->load->view('admin/all_users', $d);
             }
         } else {
             $data['fname'] = $this->input->post('fname');
             $data['lname'] = $this->input->post('lname');
             $data['mname'] = $this->input->post('mname');
             $data['office'] = $this->input->post('office');
             $data['contact'] = $this->input->post('contact');
             $this->db->where('id', $id);
             $this->db->update('users', $data);
             $this->session->set_flashdata('message', alert('Successfully edited', 'success'));
             redirect('/users');
         }
     }
 }
Exemplo n.º 7
0
		<div id="right_panel">
			<div id="main_heading">Change user password</div><?php 
if ($user) {
    if (isset($_POST['submit'])) {
        $oldpassword = md5($_POST['oldpassword']);
        $newpassword = $_POST['newpassword'];
        $repeatnewpassword = $_POST['repeatnewpassword'];
        $queryget = mysql_query("SELECT user_password FROM sys_users WHERE user_id = '{$user}'") or die("Query didn't work");
        $row = mysql_fetch_assoc($queryget);
        $oldpassworddb = $row['user_password'];
        //check password
        if ($oldpassword == $oldpassworddb) {
            //check two new passwords
            if ($newpassword == $repeatnewpassword) {
                //check password complexity
                if (!valid_pass($newpassword)) {
                    echo "<div id='pm' title='Passwords'>\n";
                    echo "Password must be at least 8 characters, contain at least 1 small letter , number , Capital letters & sepecial characters";
                    echo "</div>\n";
                } else {
                    //Success
                    //Encrypt password
                    $newpassword = md5($newpassword);
                    $repeatnewpassword = md5($repeatnewpassword);
                    //change password in db
                    $querychange = mysql_query("UPDATE sys_users SET user_password = '******' WHERE user_id = '{$user}'");
                    //session_destroy();
                    //include ('../includes/popup_password.php');
                    echo "Passowrd changed successfully!";
                }
            } else {