Hi Devs,
Need your help with this one, I have tried to create a change password on our Tantra Website, but it doesn't seem to work, it does change on the database when I try to login, it doesn't accept the new password instead it still accepts the old password.
Here the code by the way (this is just my passwordchangetest.php):
SAMPLE CHANGE PASSWORD TEST PAGE
<?php
error_reporting(1);
require_once("../config/config.php");
require_once("../config/sanitizer.php");
$holder = clean(trim($_POST['txtusername']));
$password = clean(trim($_POST['txtpassword']));
// retrieve user details
$sql = mssql_query("Select * from Account where UserID='" . $holder . "'");
$row = mssql_fetch_array($sql);
$userkey = $row['UserKey'];
$password2 = strtoupper(md5(trim($password)));
$userlength= strlen(trim($holder));
$initial = substr($holder,0,1);
// opem the sample tad
$f = fopen("c712262ec301cbe5e0acde282add3c42/borla.tad","r");
$acc = fread($f,84);
$dUser= substr($acc,0,$userlength);
$dPass= substr($acc,52,32);
$acc = str_replace($dUser,$holder,$acc);
$acc = str_replace($dPass,$password2, $acc);
$f2 = fopen($AccDir."".$initial."".strtoupper($holder).".tad", "r+");
fseek($f2,0,84);
fwrite($f2,$acc);
fclose($f);
// all good, proceed on updating the password on the shared folder path 01
$fp = fopen($server_share_path_update ."$holder.txt","w");
fwrite($fp,$holder."\r\n");
fwrite($fp,$password."\r\n");
fwrite($fp,"000000\r\n");
fwrite($fp,$userkey."\r\n");
fclose($fp);
$results = $msg[4];
if(fwrite($f2,$acc)) {
echo "<p>Pasword successfully changed!</p>";
fclose($f);
}else{
echo "<p>Unable to change password!</p>";
}
// update database
mssql_query("Update UserLogin..Account set Password = '$password' where UserID='$holder'");
?>
- I want to know if are we going to use the sample.tad when using it to find the offset of the password, are we going to use the actual tad file of the user to change it's password on its content?
I really need your help with this one. Thank you in advance!
Need your help with this one, I have tried to create a change password on our Tantra Website, but it doesn't seem to work, it does change on the database when I try to login, it doesn't accept the new password instead it still accepts the old password.
Here the code by the way (this is just my passwordchangetest.php):
SAMPLE CHANGE PASSWORD TEST PAGE
<?php
error_reporting(1);
require_once("../config/config.php");
require_once("../config/sanitizer.php");
$holder = clean(trim($_POST['txtusername']));
$password = clean(trim($_POST['txtpassword']));
// retrieve user details
$sql = mssql_query("Select * from Account where UserID='" . $holder . "'");
$row = mssql_fetch_array($sql);
$userkey = $row['UserKey'];
$password2 = strtoupper(md5(trim($password)));
$userlength= strlen(trim($holder));
$initial = substr($holder,0,1);
// opem the sample tad
$f = fopen("c712262ec301cbe5e0acde282add3c42/borla.tad","r");
$acc = fread($f,84);
$dUser= substr($acc,0,$userlength);
$dPass= substr($acc,52,32);
$acc = str_replace($dUser,$holder,$acc);
$acc = str_replace($dPass,$password2, $acc);
$f2 = fopen($AccDir."".$initial."".strtoupper($holder).".tad", "r+");
fseek($f2,0,84);
fwrite($f2,$acc);
fclose($f);
// all good, proceed on updating the password on the shared folder path 01
$fp = fopen($server_share_path_update ."$holder.txt","w");
fwrite($fp,$holder."\r\n");
fwrite($fp,$password."\r\n");
fwrite($fp,"000000\r\n");
fwrite($fp,$userkey."\r\n");
fclose($fp);
$results = $msg[4];
if(fwrite($f2,$acc)) {
echo "<p>Pasword successfully changed!</p>";
fclose($f);
}else{
echo "<p>Unable to change password!</p>";
}
// update database
mssql_query("Update UserLogin..Account set Password = '$password' where UserID='$holder'");
?>
- I want to know if are we going to use the sample.tad when using it to find the offset of the password, are we going to use the actual tad file of the user to change it's password on its content?
I really need your help with this one. Thank you in advance!
