about summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorKelly Rauchenberger <fefferburbia@gmail.com>2008-08-15 18:39:18 +0000
committerKelly Rauchenberger <fefferburbia@gmail.com>2008-08-15 18:39:18 +0000
commit9aec4d669f8d9efb74372e3755131e042c62761f (patch)
tree8fd2491e1efb923392e3b8a39ce045d83f94bd9a
parent4c9677691d59bd6d743bd544b6be38084e095a22 (diff)
downloadinstadisc-9aec4d669f8d9efb74372e3755131e042c62761f.tar.gz
instadisc-9aec4d669f8d9efb74372e3755131e042c62761f.tar.bz2
instadisc-9aec4d669f8d9efb74372e3755131e042c62761f.zip
Central: Add change password
Refs #25 and closes #35
-rw-r--r--central/trunk/changepassword.php118
-rw-r--r--central/trunk/includes/instadisc.php6
-rw-r--r--central/trunk/theme/changedpassword.tpl13
-rw-r--r--central/trunk/theme/changepassword.tpl74
4 files changed, 211 insertions, 0 deletions
diff --git a/central/trunk/changepassword.php b/central/trunk/changepassword.php new file mode 100644 index 0000000..bdbcf6e --- /dev/null +++ b/central/trunk/changepassword.php
@@ -0,0 +1,118 @@
1<?php
2
3/* InstaDisc Server - A Four Island Project */
4
5include('includes/instadisc.php');
6include('includes/template.php');
7
8if (!isset($_GET['submit']))
9{
10 showForm('','','',array());
11} else {
12 $numOfErrors = 0;
13 $errors = array();
14
15 if ($_POST['old'] == '')
16 {
17 addError($numOfErrors, $errors, 'old', 'Old Password is a required field');
18 } else {
19 $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_SESSION['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['old'])) . "\"";
20 $getuser2 = mysql_query($getuser);
21 $getuser3 = mysql_fetch_array($getuser2);
22
23 if ($getuser3['password'] != md5($_POST['password']))
24 {
25 addError($numOfErrors, $errors, 'old', 'Old password is not correct');
26 }
27 }
28
29 if ($_POST['new'] == '')
30 {
31 addError($numOfErrors, $errors, 'new', 'New Password is a required field');
32 }
33
34 if ($_POST['confirm'] == '')
35 {
36 addError($numOfErrors, $errors, 'confirm', 'Confirm New Password is a required field');
37 }
38
39 if ($_POST['new'] != $_POST['confirm'])
40 {
41 addError($numOfErrors, $errors, 'confirm', 'Passwords do not match');
42 }
43
44 if ($numOfErrors > 0)
45 {
46 showForm($_POST['old'], $_POST['new'], $_POST['confirm'], $errors);
47 } else {
48 instaDisc_changePassword($_SESSION['username'], $_POST['new']);
49
50 $template = new FITemplate('changedpassword');
51 $template->add('SITENAME', instaDisc_getConfig('siteName'));
52 $template->display();
53 }
54}
55
56function showForm($old, $new, $confirm, $errors)
57{
58 $template = new FITemplate('changepassword');
59 $template->add('SITENAME', instaDisc_getConfig('siteName'));
60
61 if (isset($errors[1]))
62 {
63 $template->adds('ERROR', array('ex'=>'1'));
64
65 foreach ($errors as $name => $value)
66 {
67 $template->adds('ERRORS', array( 'NAME' => $name,
68 'MSG' => $value['msg']));
69 }
70 }
71
72 $template->add('OLD_ERR', ifErrors($errors, 'old'));
73 $template->add('NEW_ERR', ifErrors($errors, 'new'));
74 $template->add('CONFIRM_ERR', ifErrors($errors, 'confirm'));
75
76 doErrors($template, $errors, 'old');
77 doErrors($template, $errors, 'new');
78 doErrors($template, $errors, 'confirm');
79
80 $template->add('OLD', $old);
81 $template->add('NEW', $new);
82 $template->add('CONFIRM', $confirm);
83
84 $template->display();
85}
86
87function ifErrors($errors, $id)
88{
89 foreach ($errors as $name => $value)
90 {
91 if ($value['field'] == $id)
92 {
93 return ' error';
94 }
95 }
96
97 return '';
98}
99
100function doErrors($template, $errors, $id)
101{
102 foreach ($errors as $name => $value)
103 {
104 if ($value['field'] == $id)
105 {
106 $template->adds(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
107 'VALUE' => $value['msg']));
108 }
109 }
110}
111
112function addError(&$numOfErrors, &$errors, $field, $msg)
113{
114 $numOfErrors++;
115 $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
116}
117
118?>
diff --git a/central/trunk/includes/instadisc.php b/central/trunk/includes/instadisc.php index 96f4940..95aeb88 100644 --- a/central/trunk/includes/instadisc.php +++ b/central/trunk/includes/instadisc.php
@@ -397,4 +397,10 @@ function instaDisc_cancelSubscription($username, $url)
397 return false; 397 return false;
398} 398}
399 399
400function instaDisc_changePassword($username, $password)
401{
402 $setpass = "UPDATE users WHERE username = \"" . mysql_real_escape_string($username) . "\" SET password = \"" . mysql_real_escape_string(md5($password)) . "\"";
403 $setpass2 = mysql_query($setpass);
404}
405
400?> 406?>
diff --git a/central/trunk/theme/changedpassword.tpl b/central/trunk/theme/changedpassword.tpl new file mode 100644 index 0000000..c9ff252 --- /dev/null +++ b/central/trunk/theme/changedpassword.tpl
@@ -0,0 +1,13 @@
1<HTML>
2 <HEAD>
3 <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
4 </HEAD>
5
6 <BODY>
7 <CENTER>
8 <H1>InstaDisc Change Password</H1>
9
10 <P>You've sucessfully changed your password. Make sure that you change it on your Client as well. <A HREF="userpanel.php">Return to the User Panel</A>
11 </CENTER>
12 </BODY>
13</HTML>
diff --git a/central/trunk/theme/changepassword.tpl b/central/trunk/theme/changepassword.tpl new file mode 100644 index 0000000..406cb40 --- /dev/null +++ b/central/trunk/theme/changepassword.tpl
@@ -0,0 +1,74 @@
1<HTML>
2 <HEAD>
3 <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
4 <LINK REL="stylesheet" TYPE="text/css" HREF="theme/uniform.css">
5 </HEAD>
6
7 <BODY>
8 <CENTER>
9 <H1>InstaDisc Change Password</H1>
10
11 <P>If you would like to change your password, please fill out the form below.
12 </CENTER>
13
14 <FORM CLASS="uniform" ACTION="./changepassword.php?submit=" METHOD="POST">
15
16 <!--BEGIN ERROR-->
17 <DIV ID="errorMsg">Uh oh! Validation errors!<P>
18 <OL>
19 <!--END ERROR-->
20
21 <!--BEGIN ERRORS-->
22 <LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
23 <!--END ERRORS-->
24
25 <!--BEGIN ERROR-->
26 </OL>
27 </DIV>
28 <!--END ERROR-->
29
30 <FIELDSET CLASS="inlineLabels">
31 <LEGEND>Password Details</LEGEND>
32
33 <DIV CLASS="ctrlHolder<!--OLD_ERR-->">
34 <!--BEGIN OLD_ERRS-->
35 <P ID="error<!--OLD_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
36 <!--OLD_ERRS.MSG-->
37 </P>
38 <!--END OLD_ERRS-->
39
40 <LABEL FOR="old"><EM>*</EM> Old Password: </LABEL>
41 <INPUT TYPE="password" ID="old" NAME="old" CLASS="textInput" VALUE="<!--OLD-->">
42 </DIV>
43
44 <DIV CLASS="ctrlHolder<!--NEW_ERR-->">
45 <!--BEGIN NEW_ERRS-->
46 <P ID="error<!--NEW_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
47 <!--NEW_ERRS.MSG-->
48 </P>
49 <!--END NEW_ERRS-->
50
51 <LABEL FOR="new"><EM>*</EM> New Password: </LABEL>
52 <INPUT TYPE="password" ID="new" NAME="new" CLASS="textInput" VALUE="<!--NEW-->">
53 </DIV>
54
55 <DIV CLASS="ctrlHolder<!--EMAIL_ERR-->">
56 <!--BEGIN CONFIRM_ERRS-->
57 <P ID="error<!--CONFIRM_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
58 <!--CONFIRM_ERRS.MSG-->
59 </P>
60 <!--END CONFIRM_ERRS-->
61
62 <LABEL FOR="confirm"><EM>*</EM> Confirm New Password: </LABEL>
63 <INPUT TYPE="password" ID="confirm" NAME="confirm" CLASS="textInput" VALUE="<!--CONFIRM-->">
64
65 <P CLASS="formHint">Please re-type your new password</P>
66 </DIV>
67 </FIELDSET>
68
69 <DIV CLASS="buttonHolder">
70 <INPUT TYPE="submit" NAME="submit" VALUE="Submit">
71 </DIV>
72 </FORM>
73 </BODY>
74</HTML>