i have two scripts that are not running to reset a password that has been forgotten and the other to change old password.
here are the scripts.
change_passwd.php
<?
require_once("system_fns.php");
session_start();
do_html_header("Changing password");
//check_valid_user();
$new_passwd=($_POST['new_passwd']);
$new_passwd2=($_POST['new_passwd2']);
if (!filled_out($HTTP_POST_VARS))
{
echo "You have not filled out the form completely.
Please try again.";
display_user_menu();
//do_html_footer();
exit;
}
else
{
if ($new_passwd!=$new_passwd2)
echo "Passwords entered were not the same. Not changed.";
else if (strlen($new_passwd)>16 || strlen($new_passwd)<6)
echo "New password must be between 6 and 16 characters. Try again.";
else
{
// attempt update
if (change_password($valid_user, $old_passwd, $new_passwd))
echo "Password changed.";
else
echo "Password could not be changed.";
}
}
display_user_menu();
//do_html_footer();
?>
error warnings from this code are.
Notice: Undefined index: new_passwd in C:\project\test\change_passwd.php on line 6
Notice: Undefined index: new_passwd2 in C:\project\test\change_passwd.php on line 7
New password must be between 6 and 16 characters. Try again.
Fatal error: Call to undefined function: display_user_menu() in C:\project\test\change_passwd.php on line 33
function change_password($username, $old_passwd, $new_passwd)
// change password for username/old_password to new_password
// return true or false
{
// if the old password is right
// change their password to new_password and return true
// else return false
if (login($username, $old_passwd))
{
if (!($conn = db_connect()))
return false;
$result = mysql_query( "update users
set passwd = password('$new_passwd')
where username = '$username'");
if (!$result)
return false; // not changed
else
return true; // changed successfully
}
else
return false; // old password was wrong
}
function get_random_word($min_length, $max_length)
// grab a random word from dictionary between the two lengths
// and return it
{
// generate a random word
$word = "";
$dictionary = "/usr/share/dict/words"; // the ispell dictionary
$fp = fopen($dictionary, "r");
$size = filesize($dictionary);
// go to a random location in dictionary
srand ((double) microtime() * 1000000);
$rand_location = rand(0, $size);
fseek($fp, $rand_location);
// get the next whole word of the right length in the file
while (strlen($word)< $min_length || strlen($word)>$max_length)
{
if (feof($fp))
fseek($fp, 0); // if at end, go to start
$word = fgets($fp, 80); // skip first word as it could be partial
$word = fgets($fp, 80); // the potential password
};
$word=trim($word); // trim the trailing \n from fgets
return $word;
}
function reset_password($username)
// set password for username to a random value
// return the new password or false on failure
{
// get a random dictionary word b/w 6 and 13 chars in length
$new_passwd = get_random_word(6, 13);
// add a number between 0 and 999 to it
// to make it a slightly better password
srand ((double) microtime() * 1000000);
$rand_number = rand(0, 999);
$new_passwd .= $rand_number;
// set user's password to this in database or return false
if (!($conn = db_connect()))
return false;
$result = mysql_query( "update users
set passwd = password('$new_password')
where username = '$username'");
if (!$result)
return false; // not changed
else
return $new_passwd; // changed successfully
}
function notify_password($username, $passwd)
// notify the user that their password has been changed
{
if (!($conn = db_connect()))
return false;
$result = mysql_query("select email from users
where username='$username'");
if (!$result)
return false; // not changed
else if (mysql_num_rows($result)==0)
return false; // username not in db
else
{
$email = mysql_result($result, 0, "email");
$from = "From: support@learning_system \r\n";
$mesg = "Your password has been changed to $password \r\n"
."Please change it next time you log in. \r\n";
if (mail($email, "Learning System login information", $mesg, $from))
return true;
else
return false;
}
}
?>
these are the errror warnings i got.
Warning: fopen(/usr/share/dict/words) [function.fopen]: failed to open stream: No such file or directory in C:\project\test\user_auth_fns.php on line 99
Warning: filesize() [function.filesize]: Stat failed for /usr/share/dict/words (errno=2 - No such file or directory) in C:\project\test\user_auth_fns.php on line 100
Warning: fseek(): supplied argument is not a valid stream resource in C:\project\test\user_auth_fns.php on line 105
Warning: feof(): supplied argument is not a valid stream resource in C:\project\test\user_auth_fns.php on line 110
Warning: fgets(): supplied argument is not a valid stream resource in C:\project\test\user_auth_fns.php on line 112
Warning: fgets(): supplied argument is not a valid stream resource in C:\project\test\user_auth_fns.php on line 113
------------------------------------------------------------------------------------------------------------------
yo help is greatly appreciated.