AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added Password Reveal to all password fields, also updated the password update logic

This commit is contained in:
johnnyq 2021-08-09 23:34:34 -04:00
parent f605b5ac4a
commit b8d8a51a3b
8 changed files with 50 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
add_user_modal.php
View File

@ -36,7 +36,10 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="password" placeholder="Enter a Password" autocomplete="new-password" required>
<input type="password" class="form-control" data-toggle="password" name="password" placeholder="Enter a Password" autocomplete="new-password" required>
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>

8
edit_user_modal.php
View File

@ -9,7 +9,6 @@
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
<input type="hidden" name="current_password_hash" value="<?php echo $password; ?>">
<input type="hidden" name="current_avatar_path" value="<?php echo $avatar; ?>">
<div class="modal-body bg-white">
@ -45,12 +44,15 @@
</div>
<div class="form-group">
<label>Password <strong class="text-danger">*</strong></label>
<label>New Password</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="password" placeholder="Enter a password" value="<?php echo $password; ?>" autocomplete="new-password" required>
<input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave Blank For No Passwod Change" autocomplete="new-password">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>

27
post.php
View File

@ -73,12 +73,7 @@ if(isset($_POST['edit_user'])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$current_password_hash = $_POST['current_password_hash'];
$password = $_POST['password'];
if($current_password_hash == $password){
$password = $current_password_hash;
}else{
$password = md5($password);
}
$new_password = $_POST['new_password'];
$company = intval($_POST['company']);
$level = intval($_POST['level']);
$path = strip_tags(mysqli_real_escape_string($mysqli,$_POST['current_avatar_path']));
@ -95,6 +90,11 @@ if(isset($_POST['edit_user'])){
mysqli_query($mysqli,"UPDATE users SET name = '$name', email = '$email', password = '$password', avatar = '$path', updated_at = NOW() WHERE user_id = $user_id");
if(!empty($new_password)){
$new_password = md5($new_password);
mysqli_query($mysqli,"UPDATE users SET password = '$new_password' WHERE user_id = $user_id");
}
//Create Permissions
mysqli_query($mysqli,"UPDATE permissions SET permission_level = $level, permission_default_company = $company WHERE user_id = $user_id");
@ -112,13 +112,7 @@ if(isset($_POST['edit_profile'])){
$user_id = intval($_POST['user_id']);
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$current_password_hash = $_POST['current_password_hash'];
$password = $_POST['password'];
if($current_password_hash == $password){
$password = $current_password_hash;
}else{
$password = md5($password);
}
$new_password = $_POST['new_password'];
$path = strip_tags(mysqli_real_escape_string($mysqli,$_POST['current_avatar_path']));
if($_FILES['file']['tmp_name']!='') {
@ -131,7 +125,12 @@ if(isset($_POST['edit_profile'])){
move_uploaded_file($_FILES['file']['tmp_name'], $path);
}
mysqli_query($mysqli,"UPDATE users SET name = '$name', email = '$email', password = '$password', avatar = '$path', updated_at = NOW() WHERE user_id = $user_id");
mysqli_query($mysqli,"UPDATE users SET name = '$name', email = '$email', avatar = '$path', updated_at = NOW() WHERE user_id = $user_id");
if(!empty($new_password)){
$new_password = md5($new_password);
mysqli_query($mysqli,"UPDATE users SET password = '$new_password' WHERE user_id = $user_id");
}
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modified', log_description = '$name', log_created_at = NOW()");

12
settings-general.php
View File

@ -13,9 +13,12 @@
<label>API Key</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="password" class="form-control" data-toggle="password" name="config_api_key" placeholder="No spaces only numbers and letters" value="<?php echo $config_api_key; ?>">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<input type="text" class="form-control" name="config_api_key" placeholder="No spaces only numbers and letters" value="<?php echo $config_api_key; ?>">
</div>
</div>
@ -25,7 +28,10 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="config_aes_key" placeholder="Key used to decrypt passwords" value="<?php echo $config_aes_key; ?>">
<input type="password" class="form-control" data-toggle="password" name="config_aes_key" placeholder="Key used to decrypt passwords" value="<?php echo $config_aes_key; ?>">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
<small class="form-text text-muted">This will also update the key on all client logins</small>
</div>

5
settings-mail.php
View File

@ -45,7 +45,10 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="config_smtp_password" placeholder="Password" value="<?php echo $config_smtp_password; ?>" required>
<input type="password" class="form-control" data-toggle="password" name="config_smtp_password" placeholder="Password" value="<?php echo $config_smtp_password; ?>" required>
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>

9
settings-user.php
View File

@ -28,7 +28,6 @@ $password = $row['password'];
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="user_id" value="<?php echo $session_user_id; ?>">
<input type="hidden" name="current_avatar_path" value="<?php echo $session_avatar; ?>">
<input type="hidden" name="current_password_hash" value="<?php echo $password; ?>">
<center class="mb-3 p-4">
<?php if(empty($session_avatar)){ ?>
@ -62,14 +61,18 @@ $password = $row['password'];
</div>
<div class="form-group">
<label>Password <strong class="text-danger">*</strong></label>
<label>New Password</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="password" placeholder="Enter a password" value="<?php echo $password; ?>" autocomplete="new-password">
<input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave Blank For No Passwod Change" autocomplete="new-password">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>
<div class="form-group">
<label>Avatar</label>
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">

11
setup.php
View File

@ -392,7 +392,10 @@ if(isset($_POST['add_company_settings'])){
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="password" placeholder="Database Password" required>
<input type="password" class="form-control" data-toggle="password" name="password" placeholder="Enter a Database Password" autocomplete="new-password" required>
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>
@ -457,7 +460,10 @@ if(isset($_POST['add_company_settings'])){
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="password" placeholder="Enter a Password" required>
<input type="password" class="form-control" data-toggle="password" name="password" placeholder="Enter a Password" autocomplete="new-password" required>
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>
@ -652,6 +658,7 @@ if(isset($_POST['add_company_settings'])){
<script src='plugins/inputmask/min/jquery.inputmask.bundle.min.js'></script>
<script src='plugins/inputmask/min/inputmask/bindings/inputmask.binding.min.js'></script>
<script src='plugins/select2/js/select2.min.js'></script>
<script src="plugins/Show-Hide-Passwords-Bootstrap-4/bootstrap-show-password.min.js"></script>
<!-- AdminLTE App -->
<script src="dist/js/adminlte.min.js"></script>

1
users.php
View File

@ -84,7 +84,6 @@
$user_id = $row['user_id'];
$name = $row['name'];
$email = $row['email'];
$password = $row['password'];
$avatar = $row['avatar'];
$permission_default_company = $row['permission_default_company'];
$permission_level = $row['permission_level'];