diff options
-rw-r--r-- | central/trunk/changepassword.php | 118 | ||||
-rw-r--r-- | central/trunk/includes/instadisc.php | 6 | ||||
-rw-r--r-- | central/trunk/theme/changedpassword.tpl | 13 | ||||
-rw-r--r-- | central/trunk/theme/changepassword.tpl | 74 |
4 files changed, 211 insertions, 0 deletions
diff --git a/central/trunk/changepassword.php b/central/trunk/changepassword.php new file mode 100644 index 0000000..bdbcf6e --- /dev/null +++ b/central/trunk/changepassword.php | |||
@@ -0,0 +1,118 @@ | |||
1 | <?php | ||
2 | |||
3 | /* InstaDisc Server - A Four Island Project */ | ||
4 | |||
5 | include('includes/instadisc.php'); | ||
6 | include('includes/template.php'); | ||
7 | |||
8 | if (!isset($_GET['submit'])) | ||
9 | { | ||
10 | showForm('','','',array()); | ||
11 | } else { | ||
12 | $numOfErrors = 0; | ||
13 | $errors = array(); | ||
14 | |||
15 | if ($_POST['old'] == '') | ||
16 | { | ||
17 | addError($numOfErrors, $errors, 'old', 'Old Password is a required field'); | ||
18 | } else { | ||
19 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_SESSION['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['old'])) . "\""; | ||
20 | $getuser2 = mysql_query($getuser); | ||
21 | $getuser3 = mysql_fetch_array($getuser2); | ||
22 | |||
23 | if ($getuser3['password'] != md5($_POST['password'])) | ||
24 | { | ||
25 | addError($numOfErrors, $errors, 'old', 'Old password is not correct'); | ||
26 | } | ||
27 | } | ||
28 | |||
29 | if ($_POST['new'] == '') | ||
30 | { | ||
31 | addError($numOfErrors, $errors, 'new', 'New Password is a required field'); | ||
32 | } | ||
33 | |||
34 | if ($_POST['confirm'] == '') | ||
35 | { | ||
36 | addError($numOfErrors, $errors, 'confirm', 'Confirm New Password is a required field'); | ||
37 | } | ||
38 | |||
39 | if ($_POST['new'] != $_POST['confirm']) | ||
40 | { | ||
41 | addError($numOfErrors, $errors, 'confirm', 'Passwords do not match'); | ||
42 | } | ||
43 | |||
44 | if ($numOfErrors > 0) | ||
45 | { | ||
46 | showForm($_POST['old'], $_POST['new'], $_POST['confirm'], $errors); | ||
47 | } else { | ||
48 | instaDisc_changePassword($_SESSION['username'], $_POST['new']); | ||
49 | |||
50 | $template = new FITemplate('changedpassword'); | ||
51 | $template->add('SITENAME', instaDisc_getConfig('siteName')); | ||
52 | $template->display(); | ||
53 | } | ||
54 | } | ||
55 | |||
56 | function showForm($old, $new, $confirm, $errors) | ||
57 | { | ||
58 | $template = new FITemplate('changepassword'); | ||
59 | $template->add('SITENAME', instaDisc_getConfig('siteName')); | ||
60 | |||
61 | if (isset($errors[1])) | ||
62 | { | ||
63 | $template->adds('ERROR', array('ex'=>'1')); | ||
64 | |||
65 | foreach ($errors as $name => $value) | ||
66 | { | ||
67 | $template->adds('ERRORS', array( 'NAME' => $name, | ||
68 | 'MSG' => $value['msg'])); | ||
69 | } | ||
70 | } | ||
71 | |||
72 | $template->add('OLD_ERR', ifErrors($errors, 'old')); | ||
73 | $template->add('NEW_ERR', ifErrors($errors, 'new')); | ||
74 | $template->add('CONFIRM_ERR', ifErrors($errors, 'confirm')); | ||
75 | |||
76 | doErrors($template, $errors, 'old'); | ||
77 | doErrors($template, $errors, 'new'); | ||
78 | doErrors($template, $errors, 'confirm'); | ||
79 | |||
80 | $template->add('OLD', $old); | ||
81 | $template->add('NEW', $new); | ||
82 | $template->add('CONFIRM', $confirm); | ||
83 | |||
84 | $template->display(); | ||
85 | } | ||
86 | |||
87 | function ifErrors($errors, $id) | ||
88 | { | ||
89 | foreach ($errors as $name => $value) | ||
90 | { | ||
91 | if ($value['field'] == $id) | ||
92 | { | ||
93 | return ' error'; | ||
94 | } | ||
95 | } | ||
96 | |||
97 | return ''; | ||
98 | } | ||
99 | |||
100 | function doErrors($template, $errors, $id) | ||
101 | { | ||
102 | foreach ($errors as $name => $value) | ||
103 | { | ||
104 | if ($value['field'] == $id) | ||
105 | { | ||
106 | $template->adds(strtoupper($id) . '_ERRS', array( 'NAME' => $name, | ||
107 | 'VALUE' => $value['msg'])); | ||
108 | } | ||
109 | } | ||
110 | } | ||
111 | |||
112 | function addError(&$numOfErrors, &$errors, $field, $msg) | ||
113 | { | ||
114 | $numOfErrors++; | ||
115 | $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg); | ||
116 | } | ||
117 | |||
118 | ?> | ||
diff --git a/central/trunk/includes/instadisc.php b/central/trunk/includes/instadisc.php index 96f4940..95aeb88 100644 --- a/central/trunk/includes/instadisc.php +++ b/central/trunk/includes/instadisc.php | |||
@@ -397,4 +397,10 @@ function instaDisc_cancelSubscription($username, $url) | |||
397 | return false; | 397 | return false; |
398 | } | 398 | } |
399 | 399 | ||
400 | function instaDisc_changePassword($username, $password) | ||
401 | { | ||
402 | $setpass = "UPDATE users WHERE username = \"" . mysql_real_escape_string($username) . "\" SET password = \"" . mysql_real_escape_string(md5($password)) . "\""; | ||
403 | $setpass2 = mysql_query($setpass); | ||
404 | } | ||
405 | |||
400 | ?> | 406 | ?> |
diff --git a/central/trunk/theme/changedpassword.tpl b/central/trunk/theme/changedpassword.tpl new file mode 100644 index 0000000..c9ff252 --- /dev/null +++ b/central/trunk/theme/changedpassword.tpl | |||
@@ -0,0 +1,13 @@ | |||
1 | <HTML> | ||
2 | <HEAD> | ||
3 | <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE> | ||
4 | </HEAD> | ||
5 | |||
6 | <BODY> | ||
7 | <CENTER> | ||
8 | <H1>InstaDisc Change Password</H1> | ||
9 | |||
10 | <P>You've sucessfully changed your password. Make sure that you change it on your Client as well. <A HREF="userpanel.php">Return to the User Panel</A> | ||
11 | </CENTER> | ||
12 | </BODY> | ||
13 | </HTML> | ||
diff --git a/central/trunk/theme/changepassword.tpl b/central/trunk/theme/changepassword.tpl new file mode 100644 index 0000000..406cb40 --- /dev/null +++ b/central/trunk/theme/changepassword.tpl | |||
@@ -0,0 +1,74 @@ | |||
1 | <HTML> | ||
2 | <HEAD> | ||
3 | <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE> | ||
4 | <LINK REL="stylesheet" TYPE="text/css" HREF="theme/uniform.css"> | ||
5 | </HEAD> | ||
6 | |||
7 | <BODY> | ||
8 | <CENTER> | ||
9 | <H1>InstaDisc Change Password</H1> | ||
10 | |||
11 | <P>If you would like to change your password, please fill out the form below. | ||
12 | </CENTER> | ||
13 | |||
14 | <FORM CLASS="uniform" ACTION="./changepassword.php?submit=" METHOD="POST"> | ||
15 | |||
16 | <!--BEGIN ERROR--> | ||
17 | <DIV ID="errorMsg">Uh oh! Validation errors!<P> | ||
18 | <OL> | ||
19 | <!--END ERROR--> | ||
20 | |||
21 | <!--BEGIN ERRORS--> | ||
22 | <LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI> | ||
23 | <!--END ERRORS--> | ||
24 | |||
25 | <!--BEGIN ERROR--> | ||
26 | </OL> | ||
27 | </DIV> | ||
28 | <!--END ERROR--> | ||
29 | |||
30 | <FIELDSET CLASS="inlineLabels"> | ||
31 | <LEGEND>Password Details</LEGEND> | ||
32 | |||
33 | <DIV CLASS="ctrlHolder<!--OLD_ERR-->"> | ||
34 | <!--BEGIN OLD_ERRS--> | ||
35 | <P ID="error<!--OLD_ERRS.NAME-->" CLASS="errorField"><EM>*</EM> | ||
36 | <!--OLD_ERRS.MSG--> | ||
37 | </P> | ||
38 | <!--END OLD_ERRS--> | ||
39 | |||
40 | <LABEL FOR="old"><EM>*</EM> Old Password: </LABEL> | ||
41 | <INPUT TYPE="password" ID="old" NAME="old" CLASS="textInput" VALUE="<!--OLD-->"> | ||
42 | </DIV> | ||
43 | |||
44 | <DIV CLASS="ctrlHolder<!--NEW_ERR-->"> | ||
45 | <!--BEGIN NEW_ERRS--> | ||
46 | <P ID="error<!--NEW_ERRS.NAME-->" CLASS="errorField"><EM>*</EM> | ||
47 | <!--NEW_ERRS.MSG--> | ||
48 | </P> | ||
49 | <!--END NEW_ERRS--> | ||
50 | |||
51 | <LABEL FOR="new"><EM>*</EM> New Password: </LABEL> | ||
52 | <INPUT TYPE="password" ID="new" NAME="new" CLASS="textInput" VALUE="<!--NEW-->"> | ||
53 | </DIV> | ||
54 | |||
55 | <DIV CLASS="ctrlHolder<!--EMAIL_ERR-->"> | ||
56 | <!--BEGIN CONFIRM_ERRS--> | ||
57 | <P ID="error<!--CONFIRM_ERRS.NAME-->" CLASS="errorField"><EM>*</EM> | ||
58 | <!--CONFIRM_ERRS.MSG--> | ||
59 | </P> | ||
60 | <!--END CONFIRM_ERRS--> | ||
61 | |||
62 | <LABEL FOR="confirm"><EM>*</EM> Confirm New Password: </LABEL> | ||
63 | <INPUT TYPE="password" ID="confirm" NAME="confirm" CLASS="textInput" VALUE="<!--CONFIRM-->"> | ||
64 | |||
65 | <P CLASS="formHint">Please re-type your new password</P> | ||
66 | </DIV> | ||
67 | </FIELDSET> | ||
68 | |||
69 | <DIV CLASS="buttonHolder"> | ||
70 | <INPUT TYPE="submit" NAME="submit" VALUE="Submit"> | ||
71 | </DIV> | ||
72 | </FORM> | ||
73 | </BODY> | ||
74 | </HTML> | ||