if(!preg_match("/([A-Z]+)/s", $password)) {
//$error.="<br>Password should contain at least one (1) UPPER CASE Character";
}
if(!preg_match("/([^a-zA-Z0-9]+)/s", $password)) {
//$error.="<br>Password should contain at least one (1) Special Character e.g. @#%&!?";
}
if(strlen($password)<$default_passwordLength) {
$error.="<br>Password should be at least $default_passwordLength characters in length";
}
}
//password must not match any of last $default_passwordsHistory historical passwords
$query=0;
$query=mysqlquery("select * from vl_users_history where userID='$id' order by created desc limit $default_passwordsHistory");
if(mysqlnumrows($query)) {
while($q=mysqlfetcharray($query)) {
if($password && $q["history"] && (vlSimpleDecrypt($q["history"])==hash("sha256",$password))) {
$error.="<br>Please select another Password. Your current choice of New Password is similar to a previously used Password on this very Account.";
}
}
}
//email
if(!$email)
$error.="<br>No Email provided";
//process
if(!$error) {
//log table change
logTableChange("vl_users","names",$id,getDetailedTableInfo2("vl_users","id='$id'","names"),$names);
logTableChange("vl_users","email",$id,getDetailedTableInfo2("vl_users","id='$id'","email"),$email);
logTableChange("vl_users","phone",$id,getDetailedTableInfo2("vl_users","id='$id'","phone"),$phone);
logTableChange("vl_users","role",$id,getDetailedTableInfo2("vl_users","id='$id'","role"),$role);
resetPassword($remindEmail);
go("/sentreminder/$remindEmail/");
}
if($login && $email && $pass) {
//validate
$email=validate($email);
//authenticate
$u=0;
$u=mysqlquery("select * from vl_users where lower(email)='".strtolower($email)."'");
if(mysqlnumrows($u)) {
while($un=mysqlfetcharray($u)) {
if(strtolower($email)==strtolower($un["email"])) {
//email authentic
if(vlSimpleDecrypt($un["xp"])==hash("sha256",$pass)) {
//has this account been de-activated?
if(!$un["active"]) {
go("/login/in/");
} else {
//register session variables
$_SESSION["VLEMAIL"]=$email;
//log
mysqlquery("update vl_users set lastLogin='******' where email='$_SESSION[VLEMAIL]'");
//redirect
go("/dashboard/welcome/");
}
} else {
go("/login/er/");
}
}
}
if($x) {
include "conf.db.php";
include_once("functions.datetime.php");
include_once("functions.strings.php");
include_once("functions.debug.php");
if($vl_name && $vl_pass) {
$u=0;
$u=mysqlquery("select * from vl_admins where username='******'");
if(mysqlnumrows($u)) {
while($un=mysqlfetcharray($u)) {
if($vl_name==$un["username"]) {
//username authentic
if(vlSimpleDecrypt($un["password"])==hash("sha256",$vl_pass)) {
//get the users email
$_SESSION["VLADMIN"] = $un["email"];
go("?");
} else {
//echo "<script>alert('Invalid Credentials');document.location.href='?';</script>";
}
}
}
} else {
echo "<script>alert('Invalid Credentials');document.location.href='?';</script>";
}
} else {
echo "<SCRIPT>alert('Missing Credentials');document.location.href='?';</SCRIPT>";
}
}