| 1 |
<?PHP |
|---|
| 2 |
/* |
|---|
| 3 |
* Copyright (c) 2006 Gregor Richards |
|---|
| 4 |
* |
|---|
| 5 |
* Permission is hereby granted, free of charge, to any person obtaining a |
|---|
| 6 |
* copy of this software and associated documentation files (the "Software"), |
|---|
| 7 |
* to deal in the Software without restriction, including without limitation |
|---|
| 8 |
* the rights to use, copy, modify, merge, publish, distribute, sublicense, |
|---|
| 9 |
* and/or sell copies of the Software, and to permit persons to whom the |
|---|
| 10 |
* Software is furnished to do so, subject to the following conditions: |
|---|
| 11 |
* |
|---|
| 12 |
* The above copyright notice and this permission notice shall be included in |
|---|
| 13 |
* all copies or substantial portions of the Software. |
|---|
| 14 |
* |
|---|
| 15 |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|---|
| 16 |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|---|
| 17 |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|---|
| 18 |
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|---|
| 19 |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
|---|
| 20 |
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
|---|
| 21 |
* DEALINGS IN THE SOFTWARE. |
|---|
| 22 |
*/ |
|---|
| 23 |
|
|---|
| 24 |
require("chkpw.php"); |
|---|
| 25 |
validate(); |
|---|
| 26 |
|
|---|
| 27 |
if (!isset($_POST['s'])) { |
|---|
| 28 |
// not yet submitted, ask |
|---|
| 29 |
?> |
|---|
| 30 |
<HTML><head><title>DSSS Source Management Interface - Change Password</title></head><body> |
|---|
| 31 |
<form action='changepw.php' method='post'> |
|---|
| 32 |
<input type='hidden' name='s' value='1'> |
|---|
| 33 |
|
|---|
| 34 |
<table border=0> |
|---|
| 35 |
|
|---|
| 36 |
<tr> |
|---|
| 37 |
<td>Old password:</td> |
|---|
| 38 |
<td><input type='password' name='oldpw'></td> |
|---|
| 39 |
</tr> |
|---|
| 40 |
|
|---|
| 41 |
<tr> |
|---|
| 42 |
<td>New password:</td> |
|---|
| 43 |
<td><input type='password' name='newpw'></td> |
|---|
| 44 |
</tr> |
|---|
| 45 |
|
|---|
| 46 |
<tr> |
|---|
| 47 |
<td>New password (again):</td> |
|---|
| 48 |
<td><input type='password' name='newpw2'></td> |
|---|
| 49 |
</tr> |
|---|
| 50 |
|
|---|
| 51 |
</table> |
|---|
| 52 |
|
|---|
| 53 |
<input type='submit' value='Change'> |
|---|
| 54 |
</form> |
|---|
| 55 |
|
|---|
| 56 |
</body></HTML> |
|---|
| 57 |
<?PHP |
|---|
| 58 |
|
|---|
| 59 |
} else { |
|---|
| 60 |
// submitted, make sure everything is logical: |
|---|
| 61 |
|
|---|
| 62 |
// 1) sanity |
|---|
| 63 |
if (!isset($_POST['oldpw']) || |
|---|
| 64 |
!isset($_POST['newpw']) || |
|---|
| 65 |
!isset($_POST['newpw2'])) |
|---|
| 66 |
die("Old or new password unset."); |
|---|
| 67 |
|
|---|
| 68 |
// 2) Check old password |
|---|
| 69 |
if (!chkpw($_COOKIE['DSSS_SMI_UN'], |
|---|
| 70 |
$_POST['oldpw'])) die("Old password incorrect."); |
|---|
| 71 |
|
|---|
| 72 |
// 3) Check that new passwords match |
|---|
| 73 |
if ($_POST['newpw'] != $_POST['newpw2']) die("New passwords don't match."); |
|---|
| 74 |
|
|---|
| 75 |
// 4) Change |
|---|
| 76 |
if (!chpasswd($_COOKIE['DSSS_SMI_UN'], |
|---|
| 77 |
$_POST['newpw'])) |
|---|
| 78 |
die("Failed to change password."); |
|---|
| 79 |
|
|---|
| 80 |
?> |
|---|
| 81 |
<HTML><head><title>DSSS Source Management Interface - Change Password</title></head><body> |
|---|
| 82 |
Your password has been changed. <a href='index.php'>Return to the front page.</a> |
|---|
| 83 |
</body></HTML> |
|---|
| 84 |
<?PHP |
|---|
| 85 |
} |
|---|
| 86 |
?> |
|---|
