diff options
| author | cflem <carson.fl3ming@gmail.com> | 2017-01-01 19:32:37 -0700 |
|---|---|---|
| committer | cflem <carson.fl3ming@gmail.com> | 2017-01-01 19:32:37 -0700 |
| commit | d8543707426d6a4645c270929f999df8209bb587 (patch) | |
| tree | 7ae008b2844bad684e9b4b81f1281939be37bdee | |
| parent | cab89c911147b4dcf9027d972995b981b8247673 (diff) | |
| download | bulletin-d8543707426d6a4645c270929f999df8209bb587.tar.gz | |
Added inc/config.php to the gitignore, opting for a sample version instead
| -rw-r--r-- | .gitignore | 4 | ||||
| -rw-r--r-- | dash/css/dash.css | 2 | ||||
| -rw-r--r-- | dash/dash_common.php | 1 | ||||
| -rw-r--r-- | dash/dash_functions.php | 9 | ||||
| -rw-r--r-- | dash/settings.php | 12 | ||||
| -rw-r--r-- | inc/dash_fatal.tpl | 9 | ||||
| -rw-r--r-- | inc/functions.php | 2 |
7 files changed, 34 insertions, 5 deletions
@@ -2,3 +2,7 @@ *.swp .*.swp *~ + +# sensitive config file +# contains database passwords and site-specific options +inc/config.php diff --git a/dash/css/dash.css b/dash/css/dash.css index 040aab0..f6f390d 100644 --- a/dash/css/dash.css +++ b/dash/css/dash.css @@ -221,7 +221,7 @@ body { padding-top: 1em; } #fulljob.fjsettings { - margin: 5em auto 1em auto; + margin: 2em auto 0 auto; height: 500px; border-radius: 5px; } diff --git a/dash/dash_common.php b/dash/dash_common.php index 5a836cb..cc1d0b1 100644 --- a/dash/dash_common.php +++ b/dash/dash_common.php @@ -1,5 +1,6 @@ <?php require('../inc/common.php'); +require('dash_functions.php'); if ($b_user['id'] < 1) l_redirect('login.php'); define('ACC_TYPE', $b_user['type']); diff --git a/dash/dash_functions.php b/dash/dash_functions.php new file mode 100644 index 0000000..49664a3 --- /dev/null +++ b/dash/dash_functions.php @@ -0,0 +1,9 @@ +<?php +function dash_fatal ($msg = null, $link = null, $label = null) { + if ($link === null) $link = 'javascript:history.go(-1);'; + if ($label == null) $label = '← Got It'; + echo tpl(array('message' => $msg, 'link' => $link, 'label' => $label), 'dash_fatal.tpl').PHP_EOL; + require('footer.php'); + die; +} +?> diff --git a/dash/settings.php b/dash/settings.php index 8c29a90..5dc2e3d 100644 --- a/dash/settings.php +++ b/dash/settings.php @@ -4,9 +4,15 @@ define('HEIRARCHY', 1); require('dash_common.php'); $title = 'Account Settings / Bulletin'; require('header.php'); -//if (!empty($_POST[''])) { - -//} +if (!empty($_POST['changepass'])) { + if ($b_user['password'] != hash('sha512', $_POST['oldpass'])) dash_fatal('The password you entered does not match your current password.'); + if ($_POST['newpass1'] != $_POST['newpass2']) dash_fatal('Your new passwords do not match.'); + $db->query('UPDATE users SET password = \''.hash('sha512', $_POST['newpass1']).'\' WHERE id = '.$b_user['id']) or dash_fatal($db->error); + if ($db->affected_rows < 1) dash_fatal('No user with your ID is in the database'); + dash_fatal('Password changed successfully.'); +} else if (!empty($_POST['changetype'])) { + if ($b_user['password'] != hash('sha512', $_POST['curpass'])) dash_fatal('The password you entered does not match your current password.'); +} ?> <div id="fulljob" class="fjsettings"> <div id="fjheader"> diff --git a/inc/dash_fatal.tpl b/inc/dash_fatal.tpl new file mode 100644 index 0000000..31106a2 --- /dev/null +++ b/inc/dash_fatal.tpl @@ -0,0 +1,9 @@ + <div class="errbox"> + <p>[tpl:message]</p> + <div class="hr"></div> + <p class="back"> + <a href="[tpl:link]"> + [tpl:label] + </a> + </p> + </div> diff --git a/inc/functions.php b/inc/functions.php index 4e98342..4793d3d 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -36,7 +36,7 @@ function tpl ($options, $file) { return $tpl_htm; } -function fatal ($msg, $link, $label) { +function fatal ($msg = null, $link = null, $label = null) { if ($link === null) $link = 'javascript:history.go(-1);'; if ($label === null) $label = '← Got It'; die(tpl(array('message' => $msg, 'link' => $link, 'label' => $label), 'fatal.tpl')); |