<?php
require('global-php.php');
require('local-criteria.php');
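// Password-change page for staff accounts.
//
// Flow: authenticate the caller via HTTP Basic credentials against
// staff_authorization, answer 401 if no row matches, and, when the form
// supplied an old password, try to replace the stored salt and hash.
// The page template is rendered at the end and reads the variables set here.
//
// NOTE(review): passwords are stored as md5(salt || password). MD5 is a fast
// hash and is not suited to password storage; moving to password_hash() /
// password_verify() would also require changing the schema and
// login_query_clauses(), neither of which is visible here.
// NOTE(review): the old and new passwords are embedded in the SQL text, so they
// can end up in database statement logs; bound parameters would avoid that.
header('Content-type: text/html; charset=utf-8');
$verbindung = database_connection($lang_database_failure[$language]);

// A browser's first request carries no Authorization header, so these keys
// may be absent; fall back to empty strings instead of reading undefined
// indexes.
$PHP_AUTH_USER = isset($_SERVER["PHP_AUTH_USER"]) ? $_SERVER["PHP_AUTH_USER"] : '';
$PHP_AUTH_PW = isset($_SERVER["PHP_AUTH_PW"]) ? $_SERVER["PHP_AUTH_PW"] : '';

// NOTE(review): the raw credentials are handed to login_query_clauses() and
// its result is concatenated into the statement; confirm that helper escapes
// both values.
$ergebnis = db_exec(
    $verbindung,
    "SELECT * FROM staff_authorization "
    . "WHERE "
    . login_query_clauses($PHP_AUTH_USER, $PHP_AUTH_PW)
    . ";"
);

if (pg_num_rows($ergebnis) < 1) {
    // No matching account: ask the client for credentials and stop.
    header('WWW-Authenticate: Basic realm="Kursverwaltung"');
    header("HTTP/1.0 401 Unauthorized");
    echo $lang_authentication_failure[$language];
    db_close($verbindung);
    exit;
}

// Left unset (null) when no change was requested, so a template that tests
// isset($status) behaves as before.
$status = null;

$account = pg_escape_string($PHP_AUTH_USER);
$passwort_alt = pg_escape_string(
    isset($_REQUEST["passwort_alt"]) ? $_REQUEST["passwort_alt"] : ''
);

// Compare against '' rather than relying on truthiness: an old password of
// "0" is falsy in PHP and would otherwise be silently ignored.
if ($passwort_alt !== '') {
    $passwort = pg_escape_string(
        isset($_REQUEST["passwort"]) ? $_REQUEST["passwort"] : ''
    );
    $passwort_gleich = pg_escape_string(
        isset($_REQUEST["passwort_gleich"]) ? $_REQUEST["passwort_gleich"] : ''
    );
    // The salt is interpolated into a SQL literal below; escape it as well
    // rather than assuming the generator never emits a quote character.
    $salt = pg_escape_string(generated_password(64));

    $ergebnis = db_exec(
        $verbindung,
        "SELECT hashed_password "
        . "FROM staff_authorization "
        . "WHERE name='$account';"
    );
    $old_hash = pg_fetch_result($ergebnis, 0, 0);

    // Require a non-empty new password that matches its confirmation.
    // Escaping is deterministic, so comparing the escaped values is
    // equivalent to comparing the raw ones. The confirmation check used to
    // live in the UPDATE's WHERE clause, where two empty fields also matched
    // and an empty password could be set.
    if ($passwort !== '' && $passwort === $passwort_gleich) {
        // The row is only updated when the supplied old password hashes to
        // the stored value under the current salt.
        db_exec(
            $verbindung,
            "UPDATE staff_authorization "
            . "SET salt='$salt',"
            . "hashed_password=md5('$salt'||'$passwort') "
            . "WHERE name='$account' "
            . "AND hashed_password=md5(salt||'$passwort_alt');"
        );
    }

    $ergebnis = db_exec(
        $verbindung,
        "SELECT hashed_password "
        . "FROM staff_authorization "
        . "WHERE name='$account';"
    );
    $new_hash = pg_fetch_result($ergebnis, 0, 0);

    // Strict comparison: with ==, two different digests that both look like
    // numeric strings (for example "0e" followed only by digits) compare
    // equal, and a successful change would be reported as "not changed".
    if ($old_hash === $new_hash) {
        $status = $lang_password_not_changed[$language];
    } else {
        $status = $lang_password_changed[$language];
    }
}

db_close($verbindung);
require_once('template-change_password.php');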
?>