3 files changed, 219 insertions, 0 deletions
diff --git a/series/core/trunk/admin/chpwd.php b/series/core/trunk/admin/chpwd.php
new file mode 100644
index 0000000..2f5368d
--- /dev/null
+++ b/series/core/trunk/admin/chpwd.php

@@ -0,0 +1,132 @@
+<?php
+/* InstaDisc Series - A Four Island Project */
+/** 
+ * require_once() is used to ensure
+ * the ACP files are being called by
+ * admin.php instead of their actual
+ * locations admin/.
+ * The _once() part ensures no problem
+ * arises as includes/instadisc.php has
+ * already been included from admin.php
+ */
+require_once('includes/instadisc.php');
+if (!isset($_SESSION['username']))
+{
+        header('Location: index.php');
+}
+if (isset($_SESSION['username']))
+{
+        if (!isset($_GET['submit']))
+        {
+                showForm('','','',array());
+        } else {
+                $numOfErrors = 0;
+                $errors = array();
+                if ($_POST['old'] == '')
+                {
+                        addError($numOfErrors, $errors, 'old', 'Old Password is a required field');
+                } else {
+                        if (!instaDisc_verifyUser($_SESSION['username'], $_POST['old']))
+                        {
+                                addError($numOfErrors, $errors, 'old', 'Old password is not correct');
+                        }
+                }
+                if ($_POST['new'] == '')
+                {
+                        addError($numOfErrors, $errors, 'new', 'New Password is a required field');
+                }
+                if ($_POST['confirm'] == '')
+                {
+                        addError($numOfErrors, $errors, 'confirm', 'Confirm New Password is a required field');
+                }
+                if ($_POST['new'] != $_POST['confirm'])
+                {
+                        addError($numOfErrors, $errors, 'confirm', 'Passwords do not match');
+                }
+                if ($numOfErrors > 0)
+                {
+                        showForm($_POST['old'], $_POST['new'], $_POST['confirm'], $errors);
+                } else {
+                        instaDisc_changePassword( $_POST['new']);
+                        $template = new FITemplate('changedpassword');
+                        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+                        $template->display();
+                }
+        }
+} else {
+        header('Location: index.php');
+}
+function showForm($old, $new, $confirm, $errors)
+{
+        $template = new FITemplate('changepassword');
+        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+        if (isset($errors[1]))
+        {
+                $template->adds_block('ERROR', array('ex'=>'1'));
+                foreach ($errors as $name => $value)
+                {
+                        $template->adds_block('ERRORS', array(  'NAME' => $name,
+                                                                'MSG' => $value['msg']));
+                }
+        }
+        $template->add('OLD_ERR', ifErrors($errors, 'old'));
+        $template->add('NEW_ERR', ifErrors($errors, 'new'));
+        $template->add('CONFIRM_ERR', ifErrors($errors, 'confirm'));
+        doErrors($template, $errors, 'old');
+        doErrors($template, $errors, 'new');
+        doErrors($template, $errors, 'confirm');
+        $template->add('OLD', $old);
+        $template->add('NEW', $new);
+        $template->add('CONFIRM', $confirm);
+        $template->display();
+}
+function ifErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        return ' error';
+                }
+        }
+        return '';
+}
+function doErrors($template, $errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        $template->adds_block(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
+                                                                                'VALUE' => $value['msg']));
+                }
+        }
+}
+function addError(&$numOfErrors, &$errors, $field, $msg)
+{
+        $numOfErrors++;
+        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
+}
+?>
diff --git a/series/core/trunk/theme/changedpassword.tpl b/series/core/trunk/theme/changedpassword.tpl
new file mode 100644
index 0000000..9d5b153
--- /dev/null
+++ b/series/core/trunk/theme/changedpassword.tpl

@@ -0,0 +1,13 @@
+<HTML>
+        <HEAD>
+                <TITLE><!--SITENAME--> InstaDisc Series Control</TITLE>
+        </HEAD>
+        <BODY>
+                <CENTER>
+                        <H1>InstaDisc Change Password</H1>
+                        <P>You've sucessfully changed your password. <A HREF="admin.php">Return to the ACP</A>
+                </CENTER>
+        </BODY>
+</HTML>
diff --git a/series/core/trunk/theme/changepassword.tpl b/series/core/trunk/theme/changepassword.tpl
new file mode 100644
index 0000000..50ae3c6
--- /dev/null
+++ b/series/core/trunk/theme/changepassword.tpl

@@ -0,0 +1,74 @@
+<HTML>
+        <HEAD>
+                <TITLE><!--SITENAME--> InstaDisc Series Control</TITLE>
+                <LINK REL="stylesheet" TYPE="text/css" HREF="theme/uniform.css">
+        </HEAD>
+        <BODY>
+                <CENTER>
+                        <H1>InstaDisc Change Password</H1>
+                        <P>If you would like to change your password, please fill out the form below.
+                </CENTER>
+                <FORM CLASS="uniform" ACTION="./admin.php?id=chpwd&amp;submit=" METHOD="POST">
+                        <!--BEGIN ERROR-->
+                        <DIV ID="errorMsg">Uh oh! Validation errors!<P>
+                                <OL>
+                        <!--END ERROR-->
+                        <!--BEGIN ERRORS-->
+                                        <LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
+                        <!--END ERRORS-->
+                        <!--BEGIN ERROR-->
+                                </OL>
+                        </DIV>
+                        <!--END ERROR-->
+                        <FIELDSET CLASS="inlineLabels">
+                                <LEGEND>Password Details</LEGEND>
+                                <DIV CLASS="ctrlHolder<!--OLD_ERR-->">
+                                        <!--BEGIN OLD_ERRS-->
+                                                <P ID="error<!--OLD_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
+                                                        <!--OLD_ERRS.MSG-->
+                                                </P>
+                                        <!--END OLD_ERRS-->
+                                        <LABEL FOR="old"><EM>*</EM> Old Password: </LABEL>
+                                        <INPUT TYPE="password" ID="old" NAME="old" CLASS="textInput" VALUE="<!--OLD-->">                        
+                                </DIV>
+                                <DIV CLASS="ctrlHolder<!--NEW_ERR-->">
+                                        <!--BEGIN NEW_ERRS-->
+                                                <P ID="error<!--NEW_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
+                                                        <!--NEW_ERRS.MSG-->
+                                                </P>
+                                        <!--END NEW_ERRS-->
+                                        <LABEL FOR="new"><EM>*</EM> New Password: </LABEL>
+                                        <INPUT TYPE="password" ID="new" NAME="new" CLASS="textInput" VALUE="<!--NEW-->">
+                                </DIV>
+                                <DIV CLASS="ctrlHolder<!--EMAIL_ERR-->">
+                                        <!--BEGIN CONFIRM_ERRS-->
+                                                <P ID="error<!--CONFIRM_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
+                                                        <!--CONFIRM_ERRS.MSG-->
+                                                </P>
+                                        <!--END CONFIRM_ERRS-->
+                                        <LABEL FOR="confirm"><EM>*</EM> Confirm New Password: </LABEL>
+                                        <INPUT TYPE="password" ID="confirm" NAME="confirm" CLASS="textInput" VALUE="<!--CONFIRM-->">
+                                        <P CLASS="formHint">Please re-type your new password</P>
+                                </DIV>
+                        </FIELDSET>
+                        <DIV CLASS="buttonHolder">
+                                <INPUT TYPE="submit" NAME="submit" VALUE="Submit">
+                        </DIV>
+                </FORM>
+        </BODY>
+</HTML>

diff --git a/series/core/trunk/admin/chpwd.php b/series/core/trunk/admin/chpwd.php new file mode 100644 index 0000000..2f5368d --- /dev/null +++ b/series/core/trunk/admin/chpwd.php
@@ -0,0 +1,132 @@
	1	<?php
	2
	3	/* InstaDisc Series - A Four Island Project */
	4
	5	/**
	6	* require_once() is used to ensure
	7	* the ACP files are being called by
	8	* admin.php instead of their actual
	9	* locations admin/.
	10	* The _once() part ensures no problem
	11	* arises as includes/instadisc.php has
	12	* already been included from admin.php
	13	*/
	14	require_once('includes/instadisc.php');
	15
	16	if (!isset($_SESSION['username']))
	17	{
	18	header('Location: index.php');
	19	}
	20
	21	if (isset($_SESSION['username']))
	22	{
	23	if (!isset($_GET['submit']))
	24	{
	25	showForm('','','',array());
	26	} else {
	27	$numOfErrors = 0;
	28	$errors = array();
	29
	30	if ($_POST['old'] == '')
	31	{
	32	addError($numOfErrors, $errors, 'old', 'Old Password is a required field');
	33	} else {
	34	if (!instaDisc_verifyUser($_SESSION['username'], $_POST['old']))
	35	{
	36	addError($numOfErrors, $errors, 'old', 'Old password is not correct');
	37	}
	38	}
	39
	40	if ($_POST['new'] == '')
	41	{
	42	addError($numOfErrors, $errors, 'new', 'New Password is a required field');
	43	}
	44
	45	if ($_POST['confirm'] == '')
	46	{
	47	addError($numOfErrors, $errors, 'confirm', 'Confirm New Password is a required field');
	48	}
	49
	50	if ($_POST['new'] != $_POST['confirm'])
	51	{
	52	addError($numOfErrors, $errors, 'confirm', 'Passwords do not match');
	53	}
	54
	55	if ($numOfErrors > 0)
	56	{
	57	showForm($_POST['old'], $_POST['new'], $_POST['confirm'], $errors);
	58	} else {
	59	instaDisc_changePassword( $_POST['new']);
	60
	61	$template = new FITemplate('changedpassword');
	62	$template->add('SITENAME', instaDisc_getConfig('siteName'));
	63	$template->display();
	64	}
	65	}
	66	} else {
	67	header('Location: index.php');
	68	}
	69
	70	function showForm($old, $new, $confirm, $errors)
	71	{
	72	$template = new FITemplate('changepassword');
	73	$template->add('SITENAME', instaDisc_getConfig('siteName'));
	74
	75	if (isset($errors[1]))
	76	{
	77	$template->adds_block('ERROR', array('ex'=>'1'));
	78
	79	foreach ($errors as $name => $value)
	80	{
	81	$template->adds_block('ERRORS', array( 'NAME' => $name,
	82	'MSG' => $value['msg']));
	83	}
	84	}
	85
	86	$template->add('OLD_ERR', ifErrors($errors, 'old'));
	87	$template->add('NEW_ERR', ifErrors($errors, 'new'));
	88	$template->add('CONFIRM_ERR', ifErrors($errors, 'confirm'));
	89
	90	doErrors($template, $errors, 'old');
	91	doErrors($template, $errors, 'new');
	92	doErrors($template, $errors, 'confirm');
	93
	94	$template->add('OLD', $old);
	95	$template->add('NEW', $new);
	96	$template->add('CONFIRM', $confirm);
	97
	98	$template->display();
	99	}
	100
	101	function ifErrors($errors, $id)
	102	{
	103	foreach ($errors as $name => $value)
	104	{
	105	if ($value['field'] == $id)
	106	{
	107	return ' error';
	108	}
	109	}
	110
	111	return '';
	112	}
	113
	114	function doErrors($template, $errors, $id)
	115	{
	116	foreach ($errors as $name => $value)
	117	{
	118	if ($value['field'] == $id)
	119	{
	120	$template->adds_block(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
	121	'VALUE' => $value['msg']));
	122	}
	123	}
	124	}
	125
	126	function addError(&$numOfErrors, &$errors, $field, $msg)
	127	{
	128	$numOfErrors++;
	129	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
	130	}
	131
	132	?>


diff --git a/series/core/trunk/theme/changedpassword.tpl b/series/core/trunk/theme/changedpassword.tpl new file mode 100644 index 0000000..9d5b153 --- /dev/null +++ b/series/core/trunk/theme/changedpassword.tpl
@@ -0,0 +1,13 @@
	1	<HTML>
	2	<HEAD>
	3	<TITLE><!--SITENAME--> InstaDisc Series Control</TITLE>
	4	</HEAD>
	5
	6	<BODY>
	7	<CENTER>
	8	<H1>InstaDisc Change Password</H1>
	9
	10	<P>You've sucessfully changed your password. <A HREF="admin.php">Return to the ACP</A>
	11	</CENTER>
	12	</BODY>
	13	</HTML>


diff --git a/series/core/trunk/theme/changepassword.tpl b/series/core/trunk/theme/changepassword.tpl new file mode 100644 index 0000000..50ae3c6 --- /dev/null +++ b/series/core/trunk/theme/changepassword.tpl
@@ -0,0 +1,74 @@
	1	<HTML>
	2	<HEAD>
	3	<TITLE><!--SITENAME--> InstaDisc Series Control</TITLE>
	4	<LINK REL="stylesheet" TYPE="text/css" HREF="theme/uniform.css">
	5	</HEAD>
	6
	7	<BODY>
	8	<CENTER>
	9	<H1>InstaDisc Change Password</H1>
	10
	11	<P>If you would like to change your password, please fill out the form below.
	12	</CENTER>
	13
	14	<FORM CLASS="uniform" ACTION="./admin.php?id=chpwd&submit=" METHOD="POST">
	15
	16	<!--BEGIN ERROR-->
	17	<DIV ID="errorMsg">Uh oh! Validation errors!<P>
	18	<OL>
	19	<!--END ERROR-->
	20
	21	<!--BEGIN ERRORS-->
	22	<LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
	23	<!--END ERRORS-->
	24
	25	<!--BEGIN ERROR-->
	26	</OL>
	27	</DIV>
	28	<!--END ERROR-->
	29
	30	<FIELDSET CLASS="inlineLabels">
	31	<LEGEND>Password Details</LEGEND>
	32
	33	<DIV CLASS="ctrlHolder<!--OLD_ERR-->">
	34	<!--BEGIN OLD_ERRS-->
	35	<P ID="error<!--OLD_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
	36	<!--OLD_ERRS.MSG-->
	37	</P>
	38	<!--END OLD_ERRS-->
	39
	40	<LABEL FOR="old"><EM>*</EM> Old Password: </LABEL>
	41	<INPUT TYPE="password" ID="old" NAME="old" CLASS="textInput" VALUE="<!--OLD-->">
	42	</DIV>
	43
	44	<DIV CLASS="ctrlHolder<!--NEW_ERR-->">
	45	<!--BEGIN NEW_ERRS-->
	46	<P ID="error<!--NEW_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
	47	<!--NEW_ERRS.MSG-->
	48	</P>
	49	<!--END NEW_ERRS-->
	50
	51	<LABEL FOR="new"><EM>*</EM> New Password: </LABEL>
	52	<INPUT TYPE="password" ID="new" NAME="new" CLASS="textInput" VALUE="<!--NEW-->">
	53	</DIV>
	54
	55	<DIV CLASS="ctrlHolder<!--EMAIL_ERR-->">
	56	<!--BEGIN CONFIRM_ERRS-->
	57	<P ID="error<!--CONFIRM_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
	58	<!--CONFIRM_ERRS.MSG-->
	59	</P>
	60	<!--END CONFIRM_ERRS-->
	61
	62	<LABEL FOR="confirm"><EM>*</EM> Confirm New Password: </LABEL>
	63	<INPUT TYPE="password" ID="confirm" NAME="confirm" CLASS="textInput" VALUE="<!--CONFIRM-->">
	64
	65	<P CLASS="formHint">Please re-type your new password</P>
	66	</DIV>
	67	</FIELDSET>
	68
	69	<DIV CLASS="buttonHolder">
	70	<INPUT TYPE="submit" NAME="submit" VALUE="Submit">
	71	</DIV>
	72	</FORM>
	73	</BODY>
	74	</HTML>