diff options
Diffstat (limited to 'dash')
| -rw-r--r-- | dash/css/dash.css | 2 | ||||
| -rw-r--r-- | dash/dash_common.php | 1 | ||||
| -rw-r--r-- | dash/dash_functions.php | 9 | ||||
| -rw-r--r-- | dash/settings.php | 12 |
4 files changed, 20 insertions, 4 deletions
diff --git a/dash/css/dash.css b/dash/css/dash.css index 040aab0..f6f390d 100644 --- a/dash/css/dash.css +++ b/dash/css/dash.css @@ -221,7 +221,7 @@ body { padding-top: 1em; } #fulljob.fjsettings { - margin: 5em auto 1em auto; + margin: 2em auto 0 auto; height: 500px; border-radius: 5px; } diff --git a/dash/dash_common.php b/dash/dash_common.php index 5a836cb..cc1d0b1 100644 --- a/dash/dash_common.php +++ b/dash/dash_common.php @@ -1,5 +1,6 @@ <?php require('../inc/common.php'); +require('dash_functions.php'); if ($b_user['id'] < 1) l_redirect('login.php'); define('ACC_TYPE', $b_user['type']); diff --git a/dash/dash_functions.php b/dash/dash_functions.php new file mode 100644 index 0000000..49664a3 --- /dev/null +++ b/dash/dash_functions.php @@ -0,0 +1,9 @@ +<?php +function dash_fatal ($msg = null, $link = null, $label = null) { + if ($link === null) $link = 'javascript:history.go(-1);'; + if ($label == null) $label = '← Got It'; + echo tpl(array('message' => $msg, 'link' => $link, 'label' => $label), 'dash_fatal.tpl').PHP_EOL; + require('footer.php'); + die; +} +?> diff --git a/dash/settings.php b/dash/settings.php index 8c29a90..5dc2e3d 100644 --- a/dash/settings.php +++ b/dash/settings.php @@ -4,9 +4,15 @@ define('HEIRARCHY', 1); require('dash_common.php'); $title = 'Account Settings / Bulletin'; require('header.php'); -//if (!empty($_POST[''])) { - -//} +if (!empty($_POST['changepass'])) { + if ($b_user['password'] != hash('sha512', $_POST['oldpass'])) dash_fatal('The password you entered does not match your current password.'); + if ($_POST['newpass1'] != $_POST['newpass2']) dash_fatal('Your new passwords do not match.'); + $db->query('UPDATE users SET password = \''.hash('sha512', $_POST['newpass1']).'\' WHERE id = '.$b_user['id']) or dash_fatal($db->error); + if ($db->affected_rows < 1) dash_fatal('No user with your ID is in the database'); + dash_fatal('Password changed successfully.'); +} else if (!empty($_POST['changetype'])) { + if ($b_user['password'] != hash('sha512', $_POST['curpass'])) dash_fatal('The password you entered does not match your current password.'); +} ?> <div id="fulljob" class="fjsettings"> <div id="fjheader"> |