Viewing File server/web/pref.php of 0.02.14a
|
1: <?php 2: ob_start(); 3: require("include.php"); 4: $NATS->Start(); 5: if (!$NATS_Session->Check($NATS->DB)) 6: { 7: header("Location: ./?login_msg=Invalid+Or+Expired+Session"); 8: exit(); 9: } 10: ob_end_flush(); 11: 12: if (isset($_REQUEST['action'])) 13: { 14: switch ($_REQUEST['action']) 15: { 16: case "password": 17: if ($_REQUEST['p_new']!=$_REQUEST['p_confirm']) $message="Passwords Do Not Match"; 18: else if ($_REQUEST['p_new']=="") $message="Illegal New Password"; 19: else 20: { 21: $q="UPDATE fnuser SET password=MD5(\"".ss($_REQUEST['p_new'])."\") WHERE username=\"".ss($NATS_Session->username)."\""; 22: $q.=" AND password=MD5(\"".ss($_REQUEST['p_current'])."\")"; 23: $NATS->DB->Query($q); 24: if ($NATS->DB->Affected_Rows()>0) $message="Password Changed"; 25: else $message="Password Change Failed"; 26: } 27: break; 28: 29: } 30: } 31: 32: Screen_Header("User Preferences",1); 33: 34: if (isset($_REQUEST['message'])) echo "<br><b>".$_REQUEST['message']."</b><br>"; 35: if (isset($message)) echo "<br><b>".$message."</b><br>"; 36: 37: ?> 38: <br> 39: <b class="minortitle">User Preferences</b><br><br> 40: 41: <table border=0> 42: <tr><td colspan=2><b><u>Change Password</u></b></td></tr> 43: <form action=pref.php method=post> 44: <input type=hidden name=action value=password> 45: <tr><td align=right>Current :</td> 46: <td><input type=password name=p_current size=20 maxlength=60></td></tr> 47: <tr><td align=right>New :</td> 48: <td><input type=password name=p_new size=20 maxlength=60></td></tr> 49: <tr><td align=right>Confirm :</td> 50: <td><input type=password name=p_confirm size=20 maxlength=60></td></tr> 51: <tr><td colspan=2><input type=submit value="Change Password"></td></tr> 52: </form> 53: </table> 54: <br><br> 55: 56: 57: <?php 58: Screen_Footer(); 59: ?> 60: