boinc/html/user/edit_passwd_action.php

<?php

require_once("../inc/db.inc");
require_once("../inc/util.inc");
require_once("../inc/user.inc");

db_init();

$user = get_logged_in_user();

$passwd = strtolower(process_user_text(post_str("passwd")));
$passwd2 = strtolower(process_user_text(post_str("passwd2")));

page_head("Change password");

if ($passwd != $passwd2) {
    error_page("passwords are different");
}

$passwd_hash = md5($passwd.$user->email_addr);
$result = mysql_query("update user set passwd_hash='$passwd_hash' where id=$user->id");
if ($result) {
    echo "password changed";
} else {
    echo "
        We can't update your password due to a database problem.
        Please try again later.
    ";
}

page_tail();

?>
* empty log message * svn path=/trunk/boinc/; revision=7216 2005-08-09 18:46:53 +00:00			`<?php`

			`require_once("../inc/db.inc");`
			`require_once("../inc/util.inc");`
			`require_once("../inc/user.inc");`

			`db_init();`

			`$user = get_logged_in_user();`

			`$passwd = strtolower(process_user_text(post_str("passwd")));`
			`$passwd2 = strtolower(process_user_text(post_str("passwd2")));`

			`page_head("Change password");`

			`if ($passwd != $passwd2) {`
			`error_page("passwords are different");`
			`}`

			`$passwd_hash = md5($passwd.$user->email_addr);`
			`$result = mysql_query("update user set passwd_hash='$passwd_hash' where id=$user->id");`
			`if ($result) {`
			`echo "password changed";`
			`} else {`
			`echo "`
			`We can't update your password due to a database problem.`
			`Please try again later.`
			`";`
			`}`

			`page_tail();`

			`?>`