MichaelMcDonald
Posts: 640
|
Posted: 10/10/2012, 1:58 AM |
|
Posted: 10/10/2012, 1:45 AM Edit message Delete message Quote message
On Validate
------------------------
$SQL = "SELECT password FROM users WHERE iduser=". CCGetSession("UserID",ccsInteger);
$db->query($SQL);
if($db->next_record()){
$oldpd = $db->f("password");
}
$newpd = (md5($changepwd->newpass->GetValue()));
if ($changepwd->currentpass->GetValue() == NULL){
$changepwd->Errors->addError("Current Password is required.");
}
$currentpass = (md5($changepwd->currentpass->GetValue()));
if ($changepwd->currentpass->GetValue() != NULL){
if ($currentpass != $oldpd){
$changepwd->Errors->addError("Current Password cannot be verified.");
}
}
if ($changepwd->newpass->GetValue() == NULL){
$changepwd->Errors->addError("New Password is required.");
}
if ($changepwd->newpass->GetValue() != NULL){
if (CCStrLen($changepwd->newpass->GetText()) && !preg_match("/(?=^.{10,}\$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*\$/", $changepwd->newpass->GetText()))
{
$changepwd->Errors->addError("Must be 10 chars with at least 1 UPPERCASE, 1 lowercase, 1 digit and 1 special character.");
}
}
if ($changepwd->confirmpass->GetValue() == NULL){
$changepwd->Errors->addError("Confirm New Password is required.");
}
if ($changepwd->confirmpass->GetValue() != $changepwd->newpass->GetValue()){
$changepwd->Errors->addError("Confirm New Password.");
}
$SQL = "SELECT pd FROM prevpd WHERE pd = '$newpd' AND userid=" . CCGetSession("UserID",ccsInteger);
$db->query($SQL);
if($db->next_record()){
$pd = $db->f("pd");
}
$db->close();
if ($newpd == $oldpd or $newpd == $pd){
$changepwd->Errors->addError("Cannot Use Previous Password.");
}
Button Submit (not using update function) - all updating manual...
-----------------
$newpass = CCGetParam("newpass");
$db = new clsDBFM();
$now = time();
$SQL = "SELECT password FROM users WHERE iduser=". CCGetSession("UserID",ccsInteger);
$db->query($SQL);
if($db->next_record()){
$pd = $db->f("password");
}
$userid = CCGetSession("UserID",ccsInteger);
$SQL = "INSERT into prevpd(pd, userid, chgtimestamp) VALUES ('$pd', '$userid', '$now')";
$db->query($SQL);
$SQL = "UPDATE users SET password = (md5('$newpass')) WHERE iduser=". CCGetSession("UserID",ccsInteger);
$db->query($SQL);
$db->close();
_________________
Central Coast, NSW, Australia.
|