File: /home/imensosw/public_html/imenso.co/timesheet/api/setting.php
<?php

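// Buffer everything printed from here on.
ob_start();

require_once '../lib/lib.inc.php';

logit(INFO, 'starting admin');

// Shared response object. Setting binds to it through `global $resp`, so the
// handlers and this script read and write the same instance.
$resp = new stdClass();
$resp->error = false;
$resp->msg = [];

$dbReady = (bool) dbConnect();
if (!$dbReady) {
    $resp->error = "Database error";
}

$setting = new Setting();

// Never write credentials to the log. $_REQUEST carries the session token and
// the current/new passwords for this endpoint, so mask them before dumping.
// NOTE(review): $_REQUEST can also include cookies depending on request_order;
// confirm nothing else sensitive travels in it.
$loggable = $_REQUEST;
if (isset($loggable["token"])) {
    $loggable["token"] = '[redacted]';
}
if (isset($loggable["setting"])) {
    if (is_array($loggable["setting"])) {
        foreach (["current_password", "new_password"] as $secretKey) {
            if (array_key_exists($secretKey, $loggable["setting"])) {
                $loggable["setting"][$secretKey] = '[redacted]';
            }
        }
    } else {
        // Unexpected shape: mask it wholesale rather than risk logging a secret.
        $loggable["setting"] = '[redacted]';
    }
}
logit(INFO, "REQUEST: " . print_r($loggable, true));

// A missing or non-string action falls through to the default branch instead
// of raising an undefined-index notice.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
    ? $_REQUEST["action"]
    : '';

// Do not dispatch when the database is unavailable: the request is already
// going to be answered with the "Database error" set above.
if ($dbReady) {
    switch ($action) {
        case "changepassword":
            // Authenticate first, then validate the input, then apply the change.
            if ($setting->checkAuth()) {
                $setting->makeSetting();
                if ($setting->checkChangePassword()) {
                    $setting->changePassword();
                }
            }
            break;

        default:
            $setting->resp->error = "No command found";
            logit(INFO, "GOT TO DEFAULT");
    }
}

// error()/respond() come from the included library and emit the final reply.
if ($resp->error) {
    error();
} else {
    respond();
}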


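/**
 * Request handler for the settings API; the only action visible here is the
 * password change for the user identified by the request token.
 *
 * All results are reported through the shared response object ($resp), which
 * the calling script turns into the reply.
 */
class Setting
{
    /** @var stdClass|null Shared response object (the script-level $resp). */
    public $resp;

    /** @var array The "setting" request parameter as captured by makeSetting(). */
    public $setting = [];

    /**
     * Binds the handler to the global response object.
     */
    public function __construct()
    {
        global $resp;
        // Bound by reference so the handler and the script share one variable.
        $this->resp = &$resp;
        $this->init();
    }

    /**
     * Initialisation hook; currently a no-op.
     */
    private function init()
    {
    }

    /**
     * Returns the request token as a string, or '' when it is missing or is
     * not a plain string (e.g. an array sent as token[]=...).
     */
    private function requestToken(): string
    {
        $token = $_REQUEST["token"] ?? '';

        return is_string($token) ? $token : '';
    }

    /**
     * Returns one field of the captured "setting" parameter as a string, or ''
     * when the field is absent or not a string.
     */
    private function field(string $name): string
    {
        $value = $this->setting[$name] ?? '';

        return is_string($value) ? $value : '';
    }

    /**
     * Checks that the request token is present, not timed out and belongs to
     * an admin (as decided by tokenTimeout() and isAdmin() from the library).
     *
     * @return bool true when the request may proceed; otherwise false, with
     *              the response marked as an error.
     */
    public function checkAuth()
    {
        $token = $this->requestToken();

        // An empty token is rejected up front so it never reaches the helpers
        // or a "WHERE token = ''" lookup.
        if ($token === '' || tokenTimeout($token) || !isAdmin($token)) {
            $this->resp->error = true;
            $this->resp->msg = "timeout out";
            return false;
        }

        return true;
    }

    /**
     * Captures the "setting" request parameter. Anything that is not an array
     * is discarded so later field lookups cannot hit string offsets.
     */
    public function makeSetting()
    {
        $raw = $_REQUEST["setting"] ?? [];
        $this->setting = is_array($raw) ? $raw : [];
    }

    /**
     * Validates the password-change input and appends one message per problem
     * to the response.
     *
     * @return bool true when the response holds no messages, false otherwise.
     */
    public function checkChangePassword()
    {
        if ($this->field("current_password") === '') {
            $this->resp->msg[] = 'Please enter current password';
        }

        // The length rule is applied to the trimmed value, so padding with
        // whitespace cannot satisfy the minimum.
        $newPassword = trim($this->field("new_password"));
        if ($newPassword === '') {
            $this->resp->msg[] = 'Please enter new password';
        } elseif (strlen($newPassword) < 6) {
            $this->resp->msg[] = 'Password must be at least 6 digits!';
        }

        return count($this->resp->msg) === 0;
    }

    /**
     * Verifies the current password of the user owning the request token,
     * stores the new password hash and replaces the user's token.
     *
     * Call checkAuth(), makeSetting() and checkChangePassword() first; this
     * method does not repeat the input validation.
     *
     * @return false|null false when the current password does not match,
     *                    null in every other case (outcome is in $this->resp).
     */
    public function changePassword()
    {
        $token = $this->requestToken();

        // Only the columns used below are fetched; the password hash stays out
        // of any wider row dump.
        $sql = "SELECT id, password FROM users WHERE token = :token";
        $row = false;
        if ($token !== '' && ($rc = dbPdoQuery($sql, [":token" => $token]))) {
            $row = dbPdoFetch($rc);
        }

        if (!$row) {
            logit(INFO, "Did not get proper forgot");
            $this->resp->msg = "not found.";
            return;
        }

        if (!password_verify($this->field("current_password"), (string) $row['password'])) {
            $this->resp->msg[] = 'Current password is wrong';
            return false;
        }

        // The replacement token must be unguessable. It was previously derived
        // from the clock and the user's e-mail, both of which an outsider can
        // know; random_bytes() draws from the system CSPRNG instead. 20 bytes
        // hex-encode to 40 characters, the same length as the old SHA-1 value.
        $newToken = bin2hex(random_bytes(20));

        $params = [
            ":password" => hashPassword($this->field("new_password")),
            ":token" => $newToken,
            ":id" => $row["id"],
        ];

        // Replacing the token together with the password means the old token
        // no longer matches the row; the new value is not placed on the
        // response in this method.
        $sql = "UPDATE users SET password =:password,token=:token  WHERE id=:id";

        if (dbPdoQuery($sql, $params)) {
            $this->resp->status = true;
            logit(INFO, "Updated password with ID " . $row['id']);
        } else {
            // $sql holds placeholders only, so no credential reaches the log.
            logit(WARN, " DB Error:  $sql in " . __FILE__ . " on line: " . __LINE__);
            error("Database error [db02]");
        }
    }
}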