dialup_admin/lib/sql/change_passwd.php3

   1 <?php
   2 if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php3"))
   3         include_once("../lib/sql/drivers/$config[sql_type]/functions.php3");
   4 else{
   5         echo "<b>Could not include SQL library</b><br>\n";
   6         exit();
   7 }
   8 if ($config[sql_use_operators] == 'true'){
   9         $text1 = ',op';
  10         $text2  = ",':='";
  11         $text3 = ", op = ':='";
  12 }
  13 else{
  14         $text1 = '';
  15         $text2 = '';
  16         $text3 = '';
  17 }
  18 $link = @da_sql_pconnect($config);
  19 if ($link){
  20         if (is_file("../lib/crypt/$config[general_encryption_method].php3")){
  21                 include("../lib/crypt/$config[general_encryption_method].php3");
  22                 $passwd = da_encrypt($passwd);
  23                 $passwd = da_sql_escape_string($passwd);
  24                 $res = @da_sql_query($link,$config,
  25                         "SELECT value FROM $config[sql_check_table] WHERE username = '$login'
  26                         AND attribute = '$config[sql_password_attribute]';");
  27                 if ($res){
  28                         $row = @da_sql_fetch_array($res,$config);
  29                         if ($row){
  30                                 $res = @da_sql_query($link,$config,
  31                                 "UPDATE $config[sql_check_table] SET value = '$passwd' $text3 WHERE
  32                                 attribute = '$config[sql_password_attribute]' AND username = '$login';");
  33                                 if (!$res || !@da_sql_affected_rows($link,$res,$config))
  34                                         echo "<b>Error while changing password: " . da_sql_error($link,$config) . "</b><br>\n";
  35                         }
  36                         else{
  37                                 $res = @da_sql_query($link,$config,
  38                                         "INSERT INTO $config[sql_check_table] (attribute,value,username $text1)
  39                                         VALUES ('$config[sql_password_attribute]','$passwd','$login' $text2);");
  40                                 if (!$res || !@da_sql_affected_rows($link,$res,$config))
  41                                         echo "<b>Error while changing password: " . da_sql_error($link,$config) . "</b><br>\n";
  42                         }
  43                 }
  44                 else
  45                         echo "<b>Error while executing query: " . da_sql_error($link,$config) . "</b><br>\n";
  46         }
  47         else
  48                 echo "<b>Could not open encryption library file</b><br>\n";
  49 }
  50 else
  51         echo "<b>Could not connect to SQL database</b><br>\n";
  52 ?>