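<?php
/*
 * Password-change page, controller part.
 *
 * Requires a logged-in session, loads the current user's row into $userRow
 * (the template below reads userName, admin and balance from it) and, when the
 * form is submitted with the "repass" button, validates the three password
 * fields and updates users.userPass.
 *
 * Sets for the template: $userRow, $pass_oldError, $pass_newError,
 * $pass_new_rError and, depending on the outcome, $okMSG or $errMSG.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. Moving to
 * PDO or mysqli prepared statements needs a matching change in
 * includes/dbconnect.php, which is not shown here; until then every value placed
 * in SQL is cast to int or passed through mysql_real_escape_string().
 */
ob_start();
session_start();
require_once 'includes/dbconnect.php';
require_once 'includes/config.php';

// Only authenticated sessions may reach this page.
if (!isset($_SESSION['user'])) {
    header("Location: login.php");
    exit;
}

$error = false;

// The template prints these unconditionally; define them so a plain GET does
// not read undefined variables.
$pass_oldError = '';
$pass_newError = '';
$pass_new_rError = '';

// The session value is concatenated into SQL, so force it to an integer first.
$userId = (int) $_SESSION['user'];

// Load the logged-in user's row; a failed query leaves $userRow as false.
$res = mysql_query("SELECT * FROM users WHERE userId=" . $userId);
$userRow = $res ? mysql_fetch_array($res) : false;

if (isset($_POST['repass'])) {
    // NOTE(review): trim/strip_tags/htmlspecialchars are kept only so the values
    // match what the rest of the site presumably stores and compares (login and
    // registration code are not shown here - confirm). They do not protect
    // against SQL injection; SQL escaping is applied where the query is built.
    $fields = array('pass_old' => '', 'pass_new' => '', 'pass_new_r' => '');
    foreach ($fields as $key => $unused) {
        // Missing or non-string (array) parameters are treated as empty input.
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        $fields[$key] = htmlspecialchars(strip_tags(trim($raw)));
    }
    $pass = $fields['pass_old'];
    $pass_new = $fields['pass_new'];
    $pass_new_r = $fields['pass_new_r'];

    // Compare against '' rather than empty(): empty() also rejects the string "0".
    if ($pass === '') {
        $error = true;
        $pass_oldError = "Введите ваш текущий пароль.";
    }
    if ($pass_new === '') {
        $error = true;
        $pass_newError = "Введите ваш новый пароль.";
    } elseif (strlen($pass_new) < 6) {
        $error = true;
        $pass_newError = "Пароль должен состоять как минимум из 6 символов.";
    }
    if ($pass_new_r === '') {
        $error = true;
        $pass_new_rError = "Вы забыли повторить ваш пароль.";
    } elseif (strlen($pass_new_r) < 6) {
        $error = true;
        $pass_new_rError = "Пароль должен состоять как минимум из 6 символов и совпадать с новым паролем.";
    }

    // No validation errors: verify the current password, then store the new one.
    if (!$error) {
        // NOTE(review): userPass is stored and compared as plaintext. Switching to
        // password_hash()/password_verify() has to be done together with the login
        // and registration code, which is outside this file.
        $stored = is_array($userRow) ? (string) $userRow['userPass'] : null;

        // Strict comparison: loose == treats numeric-looking strings such as
        // "1e3" and "1000" as equal.
        if ($stored !== null && $stored === $pass && $pass_new_r === $pass_new) {
            // Key the update on the integer user id from the session; the new
            // password is the only string value and is escaped for SQL.
            $sql = "UPDATE users SET userPass='" . mysql_real_escape_string($pass_new)
                . "' WHERE userId=" . $userId;
            if (mysql_query($sql)) {
                $okMSG = "Ваш пароль успешно изменён";
            } else {
                $errMSG = "Не удалось изменить пароль. Попробуйте позже.";
            }
        } else {
            $errMSG = "Вы ввели некорректные данные. Попробуйте снова.";
        }
    }
}
?>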
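<?php
/*
 * Password-change page, view part.
 *
 * Reads $userRow, $errMSG, $okMSG and the three *Error variables set by the
 * controller above, plus layout values from includes/config.php
 * ($server_name, $prefix, $table_top, $table_left, $vk_group_*, ...).
 *
 * Database-backed values are HTML-escaped before output. double_encode is off
 * because the stored values may already contain entities (registration code is
 * not shown here - confirm).
 * NOTE(review): the config values are printed raw; this assumes config.php is
 * admin-controlled and that $table_top, $table_left, $monitoring_text and
 * $gametracker are meant to hold HTML.
 */
$displayName = htmlspecialchars((string) $userRow['userName'], ENT_QUOTES, 'UTF-8', false);
$displayBalance = htmlspecialchars((string) $userRow['balance'], ENT_QUOTES, 'UTF-8', false);

// The field messages exist only after a failed submit; default them to ''.
$oldPassMessage = isset($pass_oldError) ? $pass_oldError : '';
$newPassMessage = isset($pass_newError) ? $pass_newError : '';
$repeatPassMessage = isset($pass_new_rError) ? $pass_new_rError : '';
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>Смена пароля | <?php echo $server_name;?> <?php echo $prefix; ?></title>
    <link rel="shortcut icon" href="assets/img/csgo.gif" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="keywords" content="Игровой сервер <?php echo $server_name; ?>">
    <meta name="description" content="Игровой сервер <?php echo $server_name; ?>">
    <meta name="robots" content="index,follow">
    <meta name="generator" content="hernya v.0.9" />
    <meta name="author" content="Rekbx" />
    <link href="/assets/css/bootstrap.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default">
    <div class="container-fluid">
        <div class="navbar-header">
            <?php /* data-target must name the collapsible element's id, otherwise the toggle does nothing. */ ?>
            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false" aria-controls="bs-example-navbar-collapse-1">
                <span class="sr-only">Toggle navigation</span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
            </button>
            <a class="navbar-brand" href="/"><?php echo $server_name; ?> <?php echo $prefix; ?></a>
        </div>
        <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
            <?php echo $table_top;?>
            <?php if (!isset($_SESSION['user'])) { ?>
            <ul class="nav navbar-nav navbar-right">
                <li><a href="/login"><span class="glyphicon glyphicon-user"></span> Авторизация</a></li>
                <li><a href="/register"><span class="glyphicon glyphicon-star"></span> Региистрация</a></li>
            </ul>
            <?php } else { ?>
            <ul class="nav navbar-nav navbar-right">
                <li class="dropdown">
                    <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
                        <span class="glyphicon glyphicon-user"></span> Привет, <?php echo $displayName; ?> <span class="caret"></span></a>
                    <ul class="dropdown-menu">
                        <li><a href="/profile"><span class="glyphicon glyphicon-user"></span> Личный кабинет</a></li>
                        <?php if ($userRow['admin'] == 1) { ?>
                        <li><a href="/adminpanel"><span class="glyphicon glyphicon-cog"></span> Админ панель</a></li>
                        <?php } ?>
                        <li role="separator" class="divider"></li>
                        <li><a href="#balance"><span class="glyphicon glyphicon-usd"></span> Баланс: <?php echo $displayBalance; ?> руб.</a></li>
                        <li><a href="/pay"><span class="glyphicon glyphicon-plus-sign"></span> Пополнить баланс</a></li>
                        <li role="separator" class="divider"></li>
                        <li><a href="logout.php?logout"><span class="glyphicon glyphicon-log-out"></span> Выйти</a></li>
                    </ul>
                </li>
            </ul>
            <?php } ?>
        </div>
    </div>
</nav>
<div class="container-fluid">
    <div class="row-fluid">
        <div class="col-lg-3">
            <?php echo $table_left;?>
            <script type="text/javascript" src="//vk.com/js/api/openapi.js?121"></script>
            <!-- VK Widget -->
            <div id="vk_groups"></div>
            <script type="text/javascript">VK.Widgets.Group("vk_groups", {mode: <?php echo $vk_group_mode;?>, width: "<?php echo $vk_group_width;?>", height: "<?php echo $vk_group_height;?>", color1: '<?php echo $vk_group_color1;?>', color2: '<?php echo $vk_group_color2;?>', color3: '<?php echo $vk_group_color3;?>'}, <?php echo $vk_group_id;?>);</script><br>
        </div><!--/col-lg-->
        <div class="col-lg-9">
            <div class="well">
                <?php if (isset($errMSG)) { ?>
                <div class="form-group">
                    <div class="alert alert-danger">
                        <span class="glyphicon glyphicon-info-sign"></span> <?php echo $errMSG; ?>
                    </div>
                </div>
                <?php } ?>
                <?php if (isset($okMSG)) { ?>
                <div class="form-group">
                    <div class="alert alert-success">
                        <span class="glyphicon glyphicon-info-sign"></span> <?php echo $okMSG; ?>
                    </div>
                </div>
                <?php } ?>
                <?php /* type="password" keeps the typed values masked on screen and out of the browser's form-history suggestions. */ ?>
                <form method="POST" action="/repass" autocomplete="off">
                    <h4>Смена пароля: </h4><span class="text-danger"><?php echo $oldPassMessage; ?></span>
                    <input type="password" name="pass_old" class="form-control" placeholder="Ваш старый пароль" maxlength="15" /><br />
                    <span class="text-danger"><?php echo $newPassMessage; ?></span>
                    <input type="password" name="pass_new" class="form-control" placeholder="Ваш новый пароль" maxlength="15" /><br />
                    <span class="text-danger"><?php echo $repeatPassMessage; ?></span>
                    <input type="password" name="pass_new_r" class="form-control" placeholder="Повторите ваш новый пароль" maxlength="15" /><br />
                    <button type="submit" class="btn btn-primary form-control" name="repass">Сменить пароль</button><br />
                </form>
            </div>
            <?php
            if ($ShowMonitoring == '1') {
                echo '<div class="row-fluid" style="display: block"> '.$monitoring_text.' '.$gametracker.' </div>';
            }
            ?>
        </div><!--/col-lg-9-->
    </div><!--/row-->
</div><!--/.fluid-container-->
<div class="container-fluid">
    <hr>
    <footer>
        <div class="panel panel-default">
            <div class="panel-body">
                <p><a href="https://<?php echo $vk_group ?>"><img src="assets/img/vk.png" width="36" height="36" alt="assets/img/vk"></a>
                <a href="skype:<?php echo $skype ?>"><img src="assets/img/skype.png" width="40" height="40" alt="assets/img/skype"></a>
                <a href="https://<?php echo $steam ?>"><img src="assets/img/steam.png" width="30" height="30" alt="assets/img/steam"></a>
                © <?php echo $server_name; ?> 2017.</p>
            </div>
        </div>
    </footer>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<?php
// Load the script over HTTPS so it cannot be altered in transit on a page that
// handles passwords.
// NOTE(review): prefer a pinned jQuery version served locally or with an
// integrity attribute over the floating "latest" URL.
?>
<script src="https://code.jquery.com/jquery-latest.js"></script>
<script src="/assets/js/bootstrap.min.js"></script>
</body>
</html>
<?php ob_end_flush(); ?>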