thooge/ipreg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added administrative password change feature

Browse Source
This commit is contained in:
Thomas Hooge
2023-03-12 17:05:34 +01:00
parent 4266a211e0
commit c76e8fe9d3
6 changed files with 59 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
user.php
View File

@@ -18,6 +18,23 @@ if (isset($_REQUEST['id'])) {
$id = (int) $_REQUEST['id'] or $id = 0;
}
function makepwd($length) {
mt_srand((double) microtime() * 1000000);
$digits = "0123456789";
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$umlauts = "ÄÖÜäöüß";
$specials = "$%&/()=?[]{}+~*#.,;:<>|";
$vocals = "AEIOUaeiou";
$consonants = "BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz";
$passwd = '';
$possible = $chars . $digits;
$l = strlen($possible)-1;
for ($k = 0; $k < $length; $k += 1) {
$passwd .= $possible[mt_rand(0, $l)];
}
return $passwd;
}
// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {
@@ -28,6 +45,22 @@ switch ($submit = form_get_action()) {
case 'edit': $action = ACT_EDIT; break;
case 'del': $action = ACT_DELETE; break;
case 'pass':
// Create new random password to display once
$newpass = makepwd(8);
$sql = "UPDATE user SET user_pass=:pass WHERE user_id=:id";
$sth = $dbh->prepare($sql);
$sth->bindValue(':id', $id, PDO::PARAM_INT);
$sth->bindValue(':pass', password_hash($newpass, PASSWORD_BCRYPT), PDO::PARAM_STR);
try {
$sth->execute();
} catch (PDOException $e) {
$g_warning->Add($e->getMessage());
}
$smarty->assign('newpass', $newpass);
$action = ACT_VIEW;
break;
case 'insert':
$user_name = strtolower(sanitize($_POST['user_name']));
$user_displayname = sanitize($_POST['user_displayname']);