1 files changed, 118 insertions, 0 deletions
diff --git a/central/trunk/changepassword.php b/central/trunk/changepassword.php
new file mode 100644
index 0000000..bdbcf6e
--- /dev/null
+++ b/central/trunk/changepassword.php

@@ -0,0 +1,118 @@
+<?php
+/* InstaDisc Server - A Four Island Project */
+include('includes/instadisc.php');
+include('includes/template.php');
+if (!isset($_GET['submit']))
+{
+        showForm('','','',array());
+} else {
+        $numOfErrors = 0;
+        $errors = array();
+        if ($_POST['old'] == '')
+        {
+                addError($numOfErrors, $errors, 'old', 'Old Password is a required field');
+        } else {
+                $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_SESSION['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['old'])) . "\"";
+                $getuser2 = mysql_query($getuser);
+                $getuser3 = mysql_fetch_array($getuser2);
+                if ($getuser3['password'] != md5($_POST['password']))
+                {
+                        addError($numOfErrors, $errors, 'old', 'Old password is not correct');
+                }
+        }
+        if ($_POST['new'] == '')
+        {
+                addError($numOfErrors, $errors, 'new', 'New Password is a required field');
+        }
+        if ($_POST['confirm'] == '')
+        {
+                addError($numOfErrors, $errors, 'confirm', 'Confirm New Password is a required field');
+        }
+        if ($_POST['new'] != $_POST['confirm'])
+        {
+                addError($numOfErrors, $errors, 'confirm', 'Passwords do not match');
+        }
+        if ($numOfErrors > 0)
+        {
+                showForm($_POST['old'], $_POST['new'], $_POST['confirm'], $errors);
+        } else {
+                instaDisc_changePassword($_SESSION['username'], $_POST['new']);
+                $template = new FITemplate('changedpassword');
+                $template->add('SITENAME', instaDisc_getConfig('siteName'));
+                $template->display();
+        }
+}
+function showForm($old, $new, $confirm, $errors)
+{
+        $template = new FITemplate('changepassword');
+        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+        if (isset($errors[1]))
+        {
+                $template->adds('ERROR', array('ex'=>'1'));
+                foreach ($errors as $name => $value)
+                {
+                        $template->adds('ERRORS', array(        'NAME' => $name,
+                                                                'MSG' => $value['msg']));
+                }
+        }
+        $template->add('OLD_ERR', ifErrors($errors, 'old'));
+        $template->add('NEW_ERR', ifErrors($errors, 'new'));
+        $template->add('CONFIRM_ERR', ifErrors($errors, 'confirm'));
+        doErrors($template, $errors, 'old');
+        doErrors($template, $errors, 'new');
+        doErrors($template, $errors, 'confirm');
+        $template->add('OLD', $old);
+        $template->add('NEW', $new);
+        $template->add('CONFIRM', $confirm);
+        $template->display();
+}
+function ifErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        return ' error';
+                }
+        }
+        return '';
+}
+function doErrors($template, $errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        $template->adds(strtoupper($id) . '_ERRS', array(       'NAME' => $name,
+                                                                                'VALUE' => $value['msg']));
+                }
+        }
+}
+function addError(&$numOfErrors, &$errors, $field, $msg)
+{
+        $numOfErrors++;
+        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
+}
+?>

diff --git a/central/trunk/changepassword.php b/central/trunk/changepassword.php new file mode 100644 index 0000000..bdbcf6e --- /dev/null +++ b/central/trunk/changepassword.php
@@ -0,0 +1,118 @@
	1	<?php
	2
	3	/* InstaDisc Server - A Four Island Project */
	4
	5	include('includes/instadisc.php');
	6	include('includes/template.php');
	7
	8	if (!isset($_GET['submit']))
	9	{
	10	showForm('','','',array());
	11	} else {
	12	$numOfErrors = 0;
	13	$errors = array();
	14
	15	if ($_POST['old'] == '')
	16	{
	17	addError($numOfErrors, $errors, 'old', 'Old Password is a required field');
	18	} else {
	19	$getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_SESSION['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['old'])) . "\"";
	20	$getuser2 = mysql_query($getuser);
	21	$getuser3 = mysql_fetch_array($getuser2);
	22
	23	if ($getuser3['password'] != md5($_POST['password']))
	24	{
	25	addError($numOfErrors, $errors, 'old', 'Old password is not correct');
	26	}
	27	}
	28
	29	if ($_POST['new'] == '')
	30	{
	31	addError($numOfErrors, $errors, 'new', 'New Password is a required field');
	32	}
	33
	34	if ($_POST['confirm'] == '')
	35	{
	36	addError($numOfErrors, $errors, 'confirm', 'Confirm New Password is a required field');
	37	}
	38
	39	if ($_POST['new'] != $_POST['confirm'])
	40	{
	41	addError($numOfErrors, $errors, 'confirm', 'Passwords do not match');
	42	}
	43
	44	if ($numOfErrors > 0)
	45	{
	46	showForm($_POST['old'], $_POST['new'], $_POST['confirm'], $errors);
	47	} else {
	48	instaDisc_changePassword($_SESSION['username'], $_POST['new']);
	49
	50	$template = new FITemplate('changedpassword');
	51	$template->add('SITENAME', instaDisc_getConfig('siteName'));
	52	$template->display();
	53	}
	54	}
	55
	56	function showForm($old, $new, $confirm, $errors)
	57	{
	58	$template = new FITemplate('changepassword');
	59	$template->add('SITENAME', instaDisc_getConfig('siteName'));
	60
	61	if (isset($errors[1]))
	62	{
	63	$template->adds('ERROR', array('ex'=>'1'));
	64
	65	foreach ($errors as $name => $value)
	66	{
	67	$template->adds('ERRORS', array( 'NAME' => $name,
	68	'MSG' => $value['msg']));
	69	}
	70	}
	71
	72	$template->add('OLD_ERR', ifErrors($errors, 'old'));
	73	$template->add('NEW_ERR', ifErrors($errors, 'new'));
	74	$template->add('CONFIRM_ERR', ifErrors($errors, 'confirm'));
	75
	76	doErrors($template, $errors, 'old');
	77	doErrors($template, $errors, 'new');
	78	doErrors($template, $errors, 'confirm');
	79
	80	$template->add('OLD', $old);
	81	$template->add('NEW', $new);
	82	$template->add('CONFIRM', $confirm);
	83
	84	$template->display();
	85	}
	86
	87	function ifErrors($errors, $id)
	88	{
	89	foreach ($errors as $name => $value)
	90	{
	91	if ($value['field'] == $id)
	92	{
	93	return ' error';
	94	}
	95	}
	96
	97	return '';
	98	}
	99
	100	function doErrors($template, $errors, $id)
	101	{
	102	foreach ($errors as $name => $value)
	103	{
	104	if ($value['field'] == $id)
	105	{
	106	$template->adds(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
	107	'VALUE' => $value['msg']));
	108	}
	109	}
	110	}
	111
	112	function addError(&$numOfErrors, &$errors, $field, $msg)
	113	{
	114	$numOfErrors++;
	115	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
	116	}
	117
	118	?>