File: 1.02.1a/server/web/pref.php (View as HTML)

  1: <?php
  2: /* -------------------------------------------------------------
  3: This file is part of FreeNATS
  4: 
  5: FreeNATS is (C) Copyright 2008 PurplePixie Systems
  6: 
  7: FreeNATS is free software: you can redistribute it and/or modify
  8: it under the terms of the GNU General Public License as published by
  9: the Free Software Foundation, either version 3 of the License, or
 10: (at your option) any later version.
 11: 
 12: FreeNATS is distributed in the hope that it will be useful,
 13: but WITHOUT ANY WARRANTY; without even the implied warranty of
 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15: GNU General Public License for more details.
 16: 
 17: You should have received a copy of the GNU General Public License
 18: along with FreeNATS.  If not, see www.gnu.org/licenses
 19: 
 20: For more information see www.purplepixie.org/freenats
 21: -------------------------------------------------------------- */
 22: 
 23: ob_start();
 24: require("include.php");
 25: $NATS->Start();
 26: if (!$NATS_Session->Check($NATS->DB))
 27: 	{
 28: 	header("Location: ./?login_msg=Invalid+Or+Expired+Session");
 29: 	exit();
 30: 	}
 31: ob_end_flush();
 32: 
 33: if (isset($_REQUEST['action']))
 34: 	{
 35: 	switch ($_REQUEST['action'])
 36: 		{
 37: 		case "password":
 38: 			if ($_REQUEST['p_new']!=$_REQUEST['p_confirm']) $message="Passwords Do Not Match";
 39: 			else if ($_REQUEST['p_new']=="") $message="Illegal New Password";
 40: 			else
 41: 				{
 42: 				$q="UPDATE fnuser SET password=MD5(\"".ss($_REQUEST['p_new'])."\") WHERE username=\"".ss($NATS_Session->username)."\"";
 43: 				$q.=" AND password=MD5(\"".ss($_REQUEST['p_current'])."\")";
 44: 				$NATS->DB->Query($q);
 45: 				if ($NATS->DB->Affected_Rows()>0) $message="Password Changed";
 46: 				else $message="Password Change Failed";
 47: 				}
 48: 		break;
 49: 			
 50: 		}
 51: 	}
 52: 
 53: Screen_Header("User Preferences",1,0,"","main","pref");
 54: 
 55: if (isset($_REQUEST['message'])) echo "<br><b>".$_REQUEST['message']."</b><br>";
 56: if (isset($message)) echo "<br><b>".$message."</b><br>";
 57: 
 58: ?>
 59: <br>
 60: <b class="subtitle">User Preferences</b><br><br>
 61: 
 62: <table border=0>
 63: <tr><td colspan=2><b><u>Change Password</u></b></td></tr>
 64: <form action=pref.php method=post>
 65: <input type=hidden name=action value=password>
 66: <tr><td align=right>Current :</td>
 67: <td><input type=password name=p_current size=20 maxlength=60></td></tr>
 68: <tr><td align=right>New :</td>
 69: <td><input type=password name=p_new size=20 maxlength=60></td></tr>
 70: <tr><td align=right>Confirm :</td>
 71: <td><input type=password name=p_confirm size=20 maxlength=60></td></tr>
 72: <tr><td colspan=2><input type=submit value="Change Password"></td></tr>
 73: </form>
 74: </table>
 75: <br><br>
 76: 
 77: 
 78: <?php
 79: Screen_Footer();
 80: ?>
 81: