Пример #1
0
/**
 *	Log login attempt
 */
function log_attempt($u, $ip, $succ)
{
    tquery("INSERT INTO login_log(USER_ID, IP, RESULT) \n\t\t\t\tVALUES(?, ?, ?);\n\t\t\n\t\t\t\tUPDATE users\n\t\t\t\tSET failed_logins = ?*(failed_logins+1)\n\t\t\t\tWHERE user_id = ?;", [$u["user_id"], $ip, $succ ? "SUCCESS" : "FAILURE"], [$succ ? 0 : 1, $u["user_id"]]);
}
Пример #2
0
verify_access();
if (empty($_POST)) {
    render_mult(["change_passfm.php"], ["title" => "Change Password"]);
} else {
    if ($_SERVER["REQUEST_METHOD"] != "POST") {
        redirect("index.php");
    }
    // if form was submitted...
    // validate submission
    if (empty($_POST["old_pass"])) {
        apologize("You must provide your current password.");
    }
    if (empty($_POST["new_pass"])) {
        apologize("You must provide a new password.");
    }
    if (empty($_POST["confirmation"])) {
        apologize("You must confirm your new password.");
    }
    if ($_POST["new_pass"] != $_POST["confirmation"]) {
        apologize("Password and confirmation do not match.");
    }
    // compare hash of user's input against the old hash
    if (!password_verify($_POST["old_pass"], $_SESSION["user"]["password"])) {
        apologize("Invalid username and/or password.");
    }
    if (tquery(" \tUPDATE users\n\t\t\t\t\t\tSET password = ?\n\t\t\t\t\t\tWHERE user_id = ?", [password_hash($_POST["new_pass"], PASSWORD_DEFAULT), $_SESSION["user"]["user_id"]]) === false) {
        apologize("Failed to change password.");
    }
    // redirect to home
    redirect("index.php");
}
Пример #3
0
function edit_soc_info($sid, $info)
{
    if (!am_mod(get_society_by_id($sid))) {
        apologize("Access Denied.");
    }
    return tquery("INSERT INTO soc_details(soc_id, revised_by, info) \n\t\t\t\t\t\tVALUES(?, ?, ?);\n\n\t\t\t\t\t\tSET @last_id = LAST_INSERT_ID();\n\n\t\t\t\t\t\tUPDATE societies\n\t\t\t\t\t\t   SET rev_id = @last_id\n\t\t\t\t\t\t WHERE soc_id = ?;", [$sid, $_SESSION["user"]["user_id"], $info], [], [$sid]);
}