function parseUserFormular($session, &$user = null) { $username = $session->getVariable("username"); $password = $session->getVariable("password"); $aktiv = $session->getBoolVariable("aktiv"); $defaultgliederungid = $session->getVariable("defaultgliederungid"); $defaultdokumentkategorieid = $session->getVariable("defaultdokumentkategorieid"); $defaultdokumentstatusid = $session->getVariable("defaultdokumentstatusid"); $generateapikey = $session->hasVariable("apikey") && $session->getVariable("apikey") == "generate"; $removeapikey = $session->hasVariable("apikey") && $session->getVariable("apikey") == "remove"; if ($user == null) { $user = new User($session->getStorage()); } $user->setUsername($username); if (!empty($password)) { $user->changePassword($password); } if ($generateapikey) { $user->generateAPIKey(); } if ($removeapikey) { $user->unsetAPIKey(); } $user->setAktiv($aktiv); $user->setDefaultGliederungID($defaultgliederungid); $user->setDefaultDokumentKategorieID($defaultdokumentkategorieid); $user->setDefaultDokumentStatusID($defaultdokumentstatusid); $user->save(); }
public function testMultiChangePassword() { $firstPassword = '******'; $secondPassword = '******'; $otpKey = 'I am a test key'; $data = openssl_random_pseudo_bytes(117); // Set up a user $user = new User(); $user->setOtpKey($otpKey, $firstPassword); // Setup a key $defaultKeyPassphrase = $user->dangerouslyRegenerateAccountKeyPassphrase($firstPassword); $key = Key::generate($defaultKeyPassphrase, 1024); $user->accountKey = $key; // Encrypt some data $encryptedData = $user->getAccountKey()->encrypt($data); // Change user's password // This must update the password on the default key and OTP key as well $user->changePassword($firstPassword, $secondPassword); // Decrypt data $newKeyPassphrase = $user->getAccountKeyPassphrase($secondPassword); $decrypted = $user->getAccountKey()->decrypt($encryptedData, $newKeyPassphrase); // Default Key passphrase should have changed and remain valid $this->assertNotEquals($newKeyPassphrase, $defaultKeyPassphrase); $this->assertEquals($data, $decrypted); // OTP key should have been encrypted with the new password $this->assertEquals($otpKey, $user->getOtpKey($secondPassword)); }
function changePassword() { global $error; $use_captcha = true; $arr_submit = array(array('passw1', 'string', true, ''), array('passw2', 'string', true, ''), array('uid', 'int', true, '')); $frm_submitted = validate_var($arr_submit); if (!$error) { $bln_success = User::changePassword($frm_submitted); } }
/** * @return string the user's new password. */ public static function resetPassword($username, $expires, $hash, $password = null) { $user = User::get($username); $validhash = User::getPasswordResetHash($username, $expires, $user); if (!$validhash) { return false; } if ($expires < time()) { return false; } if ($hash != $validhash) { return false; } if ($user === false || $user->username != $username) { return false; } if ($password === null) { //If we don't get a password, generate an 8-character one for the user, using the Base64 character set (0-9A-Za-z+-. $password = base64_encode(pack("n*", mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535))); } User::changePassword($user->username, $password); return $password; }
public function remindReset(Request $request, Response $response, array $args) { $template = new \App\Template('remind_reset.twig'); // First check that the passwords match. $password = $request->get('password'); if ($password !== $request->get('password-confirmation')) { $template->alert('warning', 'Your passwords did not match.', true); return new RedirectResponse($this->config->baseUrl() . "/remind/" . $args['userid'] . "/" . $args['token']); } // Then see if the token is valid. $user = new User($this->db); $user->load($args['userid']); if (!$user->checkReminderToken($args['token'])) { $template->alert('warning', 'That reminder token has expired. Please try again.', true); return new RedirectResponse($this->config->baseUrl() . "/remind"); } // Finally change the password. This will delete the token as well. $user->changePassword($password); $template->alert('success', 'Your password has been changed. Please log in.', true); return new RedirectResponse($this->config->baseUrl() . "/login?name=" . $user->getName()); }
<?php require_once 'classes/errors.php'; require_once 'functions/global.php'; require_once 'classes/user.php'; SqlConnect(); $user = new User(); $verifier = $_GET['v']; $valid = false; $allowchange = false; $ans1 = $_POST['answer1']; $ans2 = $_POST['answer2']; if (isset($_POST['newpass'])) { $user->changePassword($verifier, $_POST['newpass']); header("Location: login.php"); } if ($verifier != "") { $user = $user->GetUserByValidationCode($verifier); if ($user != null) { $valid = true; if (isset($_POST['answer1'])) { if ($user->checkSecurityQuestionOne($verifier, $ans1)) { $allowchange = true; } else { //echo ('sec 1 is not valid'); } } if (!$allowchange && isset($_POST['answer2'])) { if ($user->checkSecurityQuestionTwo($verifier, $ans2)) { $allowchange = true; } else {
function changePassword() { if (defined('ALLOW_ACCESS_BY') && (ALLOW_ACCESS_BY == 'login' || ALLOW_ACCESS_BY == 'free')) { global $error; $use_captcha = true; $arr_submit = array(array('passw1', 'string', true, ''), array('passw2', 'string', true, ''), array('uid', 'int', true, '')); $frm_submitted = validate_var($arr_submit); if (!$error) { $bln_success = User::changePassword($frm_submitted); } if ($bln_success) { header('location:' . FULLCAL_URL); exit; } } else { header('location:' . FULLCAL_URL); exit; } }
$rcodes[] = $mod_user->changeEmail($mail); } $ajax_message['token_data'] = tokenTool('get'); } $newlogin = Filter::input('new_login'); $newpass = Filter::input('new_password'); $delete_skin = Filter::input('new_delete_skin', 'post', 'bool'); $delete_cloak = Filter::input('new_delete_cloak', 'post', 'bool'); if ($newlogin) { $rcodes[] = $mod_user->changeName($newlogin); } if ($newpass) { $oldpass = Filter::input('old_password'); $newrepass = Filter::input('new_repassword'); if ($user->lvl() >= 15 and $user_id) { $rcodes[] = $mod_user->changePassword($newpass); } else { $rcodes[] = $mod_user->changePassword($newpass, $newrepass, $oldpass); } } if (empty($_FILES['new_skin']['tmp_name']) and $delete_skin and !$mod_user->defaultSkinTrigger() and $user->getPermission('change_skin')) { $rcodes[] = $mod_user->setDefaultSkin(); } if (empty($_FILES['new_cloak']['tmp_name']) and $delete_cloak and $user->getPermission('change_cloak')) { $mod_user->deleteCloak(); $rcodes[] = 1; } if (!empty($_FILES['new_skin']['tmp_name'])) { $rcodes[] = (int) $mod_user->changeVisual('new_skin', 'skin'); } if (!empty($_FILES['new_cloak']['tmp_name'])) {
<html> <body> <?php require "dbfunctions.php"; $dbh = db_connect(); if ($subject_name) { if (isvaliduser($dbh, $subject_name)) { $info = get_items($dbh, "userid,email", "accounts", "username", $subject_name); $subject_id = $info[0][0]; $email = $info[0][1]; if (!$password) { srand(time()); $password = rand(0, 999999); } User::changePassword($subject_name, $password); echo "<form action=\"email.php\" method=\"POST\">"; echo "<input type=\"hidden\" name=\"email\" value=\"" . $email . "\">"; echo "<input type=\"hidden\" name=\"username\" value=\"" . $subject_name . "\">"; echo "<input type=\"hidden\" name=\"password\" value=\"" . $password . "\">"; echo "<input type=\"hidden\" name=\"whatoperation\" \nvalue=\"changepassword\">"; echo "<input type=\"submit\" value=\"Send Email\"></form>"; } else { echo $subject_name . "does not exist."; } } //if no username ?> <form action="changepassword.php" method="POST"> Username : <input type="text" name="username"><br> Password : <input type="text" name="password"><br>
$toReturn->set("success", "false"); $toReturn->set("message", Utils::translate('noEmailFound')); //echo "No "; } else { if ($generateInfo['match']) { // generated password $template = new Template("./templates/" . __LANGUAGE__ . "/recover.html"); $confirmationMsg = $template->replace(array("username" => $info['username'], "password" => $generateInfo['generated'], "productName" => $productTranslate)); // $confirmationMsg = "Your new generated password for user name = ".$info['username']." is ".$generateInfo['generated']; $mail = new Mail(); $mail->Subject("[" . $productTranslate . "] " . Utils::translate('RecoveredEmailSubject')); $mail->To($info['email']); $mail->From(__EMAIL__); $mail->Body($confirmationMsg); $mail->Send(); $user->changePassword($info['email'], $generateInfo['generated']); $toReturn->set("success", "true"); $toReturn->set("message", Utils::translate('passwordChanged')); } else { // confirmation link $data = date('Y-m-d H:i:s'); $template = new Template("./templates/" . __LANGUAGE__ . "/confirmRecover.html"); $id = base64_encode($info['email'] . "|" . $data . "|recover|" . $generateInfo['generated']); $link = "<a href='" . __BASE_URL__ . "oxygen-webhelp/resources/confirm.html?id={$id}'>" . __BASE_URL__ . "oxygen-webhelp/resources/confirm.html?id={$id}</a>"; $confirmationMsg = $template->replace(array("product" => $info['product'], "link" => $link, "productName" => $productTranslate)); $mail = new Mail(); $mail->Subject("[" . $productTranslate . "] " . Utils::translate('RecoverConfirmationEmailSubject')); $mail->To($info['email']); $mail->From(__EMAIL__); $mail->Body($confirmationMsg); $mail->Send();
<?php // Include common functions and declarations require_once "../../include/common.php"; // Create user object $user = new User(getGetValue("userId")); // Check if user owns this profile $forgotPassword = getValue("forgotPassword"); if ($login->isLoggedIn() || $forgotPassword) { if (!empty($user->id)) { if ($login->isWebmaster() || $login->id == $user->id || $forgotPassword) { if (!empty($_GET["save"])) { // Change user password $errors = $user->changePassword(getPostValue("password")); // Redirect to user index if (!$errors->hasErrors()) { redirect($forgotPassword ? scriptUrl . '/' . fileProfileForgotPassword . '?success=1' : scriptUrl . "/" . folderAdmin); } } // Add navigation links $site->addNavigationLink(scriptUrl . "/" . folderAdmin, $lAdminIndex["Header"]); $site->addNavigationLink(scriptUrl . "/" . folderAdmin, $lAdminIndex["ChangePassword"]); // Print common header $site->printHeader(); // Print page description printf("<p>" . ($login->id == $user->id ? $lChangePassword["HeaderText"] : $lChangePassword["HeaderText2"]) . "</p>", $user->username); // Check for errors if ($errors->hasErrors()) { $errors->printErrorMessages(); } // Include edit user form
echo "<p class=\"error\">" . T_("This is the demo account") . ".</p>"; } else { $success = false; include "includes/protection.php"; if ($actpass != null) { remhtml($actpass); } if ($newpass != null) { remhtml($newpass); } if ($renewpass != null) { remhtml($renewpass); } if ($_POST['submitted']) { $user = new User(); $resultArr = $user->changePassword($actpass, $newpass, $renewpass); $success = $resultArr['success']; if ($success) { echo "<p class=\"success\">" . $resultArr['message'] . "</p>"; echo "<p><a href=\"controlpanel.php\"><< " . T_("Back to") . " " . T_("Settings") . "</a></p>"; } } if (!$success) { if ($resultArr['message'] != null) { echo "<p class=\"error\">" . $resultArr['message'] . "</p>"; } ?> <p><?php echo T_("In order to change your password, enter the current one and then type the new\tone twice to confirm"); ?>
function changepassword($data) { $outp = array("ec" => 1, "data" => 0); if (!User::changePassword($data["opassword"], $data["npassword"])) { $outp["ec"] = -26; } return $outp; }
<div id="container"> <?php if (isset($_POST['save'])) { ?> <?php User::saveUserInfo($_SESSION['username'], $_POST['name'], $_POST['email']); ?> <p class="message success">Account Settings Saved</p> <?php if ($_POST['current'] != '' && $_POST['new'] != '' && $_POST['confirm'] != '') { if ($_POST['new'] != $_POST['confirm']) { echo '<p class="message notice">Sorry, your new passwords don\'t match!</p>'; } else { User::changePassword($_SESSION['username'], $_POST['current'], $_POST['new']); } } ?> <?php } ?> <form action="dashboard.php?page=profile" method="post"> <fieldset> <ul> <li> <label>Full Name</label> <input type="text" name="name" value="<?php echo $info[0]->name; ?>
<?php session_start(); require_once "lib/config.inc.php"; require_once "lib/classes/User.php"; require_once "lib/encryption.inc.php"; $encryptObj = new Encryption(); $UserObj = new User(); $UserObj->validateUserLogin(); $commonObj->cleanInput(); if (isset($_POST['submitForm']) && $_POST['submitForm'] == "yes") { $old_password = $encryptObj->encode($_POST['old_password']); $new_password = $encryptObj->encode($_POST['new_password']); $UserObj->changePassword($old_password, $new_password); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico"> <link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico"><link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico"><link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title><?php echo ucfirst(SITE_TITLE); ?> </title> <link href="css/style.css" rel="stylesheet" type="text/css" /> <link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico" /> <script> function validateFrm(obj) { var errArr = new Array();
array_push($errorArr, "Password Mismatch !!! "); if (filter_input(INPUT_POST, $postVar) == "") { array_push($errorArr, "Please confirm your password. "); } } default: if (filter_input(INPUT_POST, $postVar) == "") { array_push($errorArr, "Please enter a {$postVar} "); } } } if (count($errorArr) < 1) { $thisUser->password = mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'password1')); $thisUser->id = $_SESSION['USERID']; $newPassword = mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'password')); switch ($thisUser->changePassword($dbObj, 'users', $newPassword)) { case 'success': $_SESSION['topmsg'] = $thisPage->messageBox('Password successfully changed.', 'success'); $thisPage->redirectTo($_SERVER['HTTP_REFERER']); break; case 'error': $_SESSION['topmsg'] = $thisPage->messageBox('Password update failed. Please re-enter your details.', 'error'); $thisPage->redirectTo($_SERVER['HTTP_REFERER']); break; } } else { $_SESSION['topmsg'] = $thisPage->showError($errorArr); $thisPage->redirectTo($_SERVER['HTTP_REFERER']); } //Display error messages }
if (count($args) > 2) { $action = $args[2]; $newPassword = $args[3]; } $user = new User($dbConnectionInfo); //echo "id=".$id." date=".$date; $currentDate = date("Y-m-d G:i:s"); $days = Utils::getTimeDifference($currentDate, $date, 3); if ($days > 7) { $toReturn->set("error", true); $toReturn->set("msg", "Confirmation code expired!"); } else { $productTranslate = defined("__PRODUCT_NAME__") ? __PRODUCT_NAME__ : $_POST['productName']; if ($action == "recover") { $email = $id; $userName = $user->changePassword($email, $newPassword); if ($userName != "") { $template = new Template("./templates/" . __LANGUAGE__ . "/recover.html"); $confirmationMsg = $template->replace(array("username" => $userName, "password" => $newPassword, "productName" => $productTranslate)); // // $confirmationMsg = "Your generated password form username '".$userName."' is '".$newPassword."'"; // $confirmationMsg.="<br/>Thank you !"; $mail = new Mail(); $mail->Subject("[" . $productTranslate . "] " . $translate['RecoveredEmailSubject']); $mail->To($email); $mail->From(__EMAIL__); $mail->Body($confirmationMsg); $mail->Send(); $toReturn->set("error", false); $toReturn->set("msg", Utils::translate('passwordChanged')); } else {
function saveProfile() { global $error; global $obj_smarty; $arr_submit = array(array('user_id', 'int', true, ''), array('firstname', 'string', false, ''), array('infix', 'string', false, ''), array('lastname', 'string', true, ''), array('country', 'string', false, ''), array('username', 'string', true, ''), array('email', 'email', true, ''), array('birthdate_day', 'int', false, ''), array('birthdate_month', 'int', false, ''), array('birthdate_year', 'int', false, ''), array('password', 'string', false, ''), array('confirm', 'string', false, ''), array('user_info', 'string', false, ''), array('active', 'bool', false, 0)); $frm_submitted = validate_var($arr_submit); if (User::isAdmin() || User::isAdminUser($frm_submitted['user_id'])) { if (!$error || is_null($error)) { $bln_success = User::adminSaveProfile($frm_submitted); if (is_string($bln_success)) { echo json_encode(array('success' => false, 'error' => $bln_success)); exit; } if (!empty($frm_submitted['password']) && !empty($frm_submitted['confirm'])) { if ($frm_submitted['password'] === $frm_submitted['confirm']) { $frm_submitted['passw1'] = $frm_submitted['password']; $frm_submitted['uid'] = $frm_submitted['user_id']; $bln_success = User::changePassword($frm_submitted); } else { $obj_smarty->assign('save_profile_error', 'Passwords do not match'); exit; } } } else { $obj_smarty->assign('save_profile_error', $error); } } else { $error = 'NO rights to change this user'; $obj_smarty->assign('save_profile_error', $error); } if (!is_null($error) && $error !== false) { // give feedback about the error $arr_user = User::getUserById($frm_submitted['user_id']); $arr_birthdate = explode('-', $arr_user['birth_date']); $arr_user['birthdate_month'] = $arr_user['birth_date'] !== '0000-00-00' ? $arr_birthdate[1] : ''; $arr_user['birthdate_day'] = $arr_user['birth_date'] !== '0000-00-00' ? $arr_birthdate[2] : ''; $arr_user['birthdate_year'] = $arr_user['birth_date'] !== '0000-00-00' ? $arr_birthdate[0] : ''; unset($arr_user['password']); unset($arr_user['birth_date']); $obj_smarty->assign('active', 'profile'); $obj_smarty->assign('profile', $arr_user); $obj_smarty->display(FULLCAL_DIR . '/view/admin_panel.tpl'); exit; } else { header('location: ' . FULLCAL_URL . '/admin/users'); exit; } }
switch ($divcommand) { case 1: $subdiv = 1; $div = 0; break; case 2: $subdiv = 1; $div = 1; break; } Event::addEvent($name . '\'s account has been modified.', $_SESSION['user'], 2); $user->update($login, $email, $division, $clearance, $name, $rank, $div, $subdiv); } else { if ($do == 'resetpass') { $pass = User::createPassword(); $user->changePassword($pass); $to = $user->getEmail(); $subject = 'IRIN - Password Reset'; $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type: text/html; charset=iso-8859-1" . "\r\n"; $headers .= "From: IRIN <*****@*****.**>" . "\r\n"; $message = 'Your password has been reset by an admin.<br /><br /><b>Login ID:</b> ' . $user->getUsername() . '<br /><b>New Password:</b> ' . $pass; //mail($to, $subject, $message, $headers); $mail->setFrom('*****@*****.**', 'IRIN'); $mail->addAddress($to); $mail->Subject = $subject; $mail->Body = $message; if (!$mail->send()) { throw new MailException($mail->ErrorInfo); } ?>
$app->put('/user', function () use($user, $app, $login) { $details = json_decode($app->request->getBody(), true); echo json_encode($user->updateUserGeneral($_SESSION['auth']['user_id'], $details, $login)); }); /** * User profile */ $app->post('/uploadPhoto', function () use($user, $app, $login) { echo json_encode($user->uploadPhoto($_SESSION['auth']['user_id'], $_FILES['photo'], $login)); }); $app->post('/uploadCover', function () use($user, $app, $login) { echo json_encode($user->uploadCover($_SESSION['auth']['user_id'], $_FILES['cover'], $login)); }); $app->put('/changePassword', function () use($user, $app) { $passwords = json_decode($app->request->getBody(), true); echo json_encode($user->changePassword($_SESSION['auth']['user_id'], $passwords)); }); /** * Posts */ $app->get('/posts/:type/:user_id/:offset/:limit', function ($type, $user_id, $offset, $limit) use($post, $app) { echo json_encode($post->getPosts($type, $user_id, null, $offset, $limit)); }); $app->get('/post/:id', function ($id) use($post) { echo json_encode($post->getPostById($id)); }); $app->post('/post', function () use($post, $app) { $data = json_decode($app->request->getBody()); echo json_encode($post->publishPost($_SESSION['auth']['user_id'], $data->friend_id, $data->content)); }); $app->delete('/post', function () use($post, $app) {
$id = $_POST['id']; $qry = "delete from file where File_Id = {$id}"; $result = mysql_query($qry); if ($result) { echo "true"; } break; case "loadUserName": //session_start(); $user1 = new User($_SESSION['USERID']); $result = $user1->getUserDetail('Name'); break; case "changePassword": //session_start(); $user1 = new User($_SESSION['USERID']); $result["success"] = $user1->changePassword($_POST['newPass'], $_POST['oldPass']); break; /****End of Genral APIs*****/ //Start By Vidhan /****End of Genral APIs*****/ //Start By Vidhan case "createPoll": //@session_start(); $course = new Course($_POST["courseid"], PRESENT_YEAR, PRESENT_SEM); $result['poll'] = $course->createPoll($_POST['question'], $_POST['response']); break; case "getPoll": //@session_start(); $course = new Course($_POST["courseid"], PRESENT_YEAR, PRESENT_SEM); $result1 = $course->getPolls(); for ($i = 0; $i <= count($result1) - 1; $i++) {
function saveProfile() { global $error; global $obj_smarty; $arr_submit = array(array('user_id', 'int', true, ''), array('firstname', 'string', false, ''), array('infix', 'string', false, ''), array('lastname', 'string', true, ''), array('country', 'string', false, ''), array('username', 'string', false, ''), array('email', 'email', true, ''), array('birthdate_day', 'int', false, ''), array('birthdate_month', 'int', false, ''), array('birthdate_year', 'int', false, ''), array('password', 'string', false, ''), array('confirm', 'string', false, '')); $frm_submitted = validate_var($arr_submit); $arr_user = User::getUser(); if ($arr_user['user_id'] == $frm_submitted['user_id']) { if (!$error) { $bln_success = User::saveProfile($frm_submitted); if (is_string($bln_success)) { $obj_smarty->assign('save_profile_error', $bln_success); } else { $obj_smarty->assign('save_profile_success', 'Saved succesfully'); } if (!empty($frm_submitted['password']) && !empty($frm_submitted['confirm'])) { if ($frm_submitted['password'] === $frm_submitted['confirm']) { $frm_submitted['passw1'] = $frm_submitted['password']; $frm_submitted['uid'] = $_SESSION['calendar-uid']['uid']; $bln_success = User::changePassword($frm_submitted); } else { $obj_smarty->assign('save_profile_error', 'Passwords do not match'); exit; } } } else { $obj_smarty->assign('save_profile_error', $error); } } else { $obj_smarty->assign('save_profile_error', 'NO rights to change this user'); } $obj_smarty->assign('name', $arr_user['firstname'] . ' ' . (!empty($arr_user['infix']) ? $arr_user['infix'] : '') . $arr_user['lastname']); $obj_smarty->assign('active', 'profile'); $obj_smarty->assign('profile', $arr_user); $obj_smarty->display(FULLCAL_DIR . '/view/user_panel.tpl'); //header('location: '.FULLCAL_URL.'/user'); exit; }