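link, "SELECT salt FROM ttrss_users WHERE id = " . $_SESSION['uid']);

        $salt = db_fetch_result($result, 0, "salt");

        if (!$salt) {
            $old_pw_hash1 = encrypt_password($old_pw);
            $old_pw_hash2 = encrypt_password($old_pw, $_SESSION["name"]);

            $query = "SELECT id FROM ttrss_users WHERE id = ".$_SESSION['uid']." AND (pwd_hash = '$old_pw_hash1' OR pwd_hash = '$old_pw_hash2')";
        } else {
            $old_pw_hash = encrypt_password($old_pw, $salt, true);

            $query = "SELECT id FROM ttrss_users WHERE id = ".$_SESSION['uid']." AND pwd_hash = '$old_pw_hash'";
        }

        $result = db_query($this->link, $query);

        if (db_num_rows($result) == 1) {
            $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
            $new_pw_hash = encrypt_password($new_pw, $new_salt, true);

            db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash', salt = '$new_salt' WHERE id = ".$_SESSION['uid']);

            $_SESSION["pwd_hash"] = $new_pw_hash;

            print __("Password has been changed.");
        } else {
            print "ERROR: ".__('Old password is incorrect.');
        }
    }

    /**
     * Stores every submitted POST field as a preference of the current user.
     *
     * Prints "PREFS_THEME_CHANGED" when the _THEME_ID preference differs after
     * saving, otherwise a translated confirmation message.
     */
    function saveconfig() {
        // Drop the per-session preference cache before reading or writing prefs.
        $_SESSION["prefs_cache"] = false;

        $orig_theme = get_pref($this->link, "_THEME_ID");

        // NOTE(review): every POST field is forwarded to set_pref(), including any
        // request fields that are not preferences; confirm set_pref() ignores
        // names that are not known preferences.
        foreach ($_POST as $raw_name => $raw_value) {
            // Array-valued fields (e.g. "name[]=x") cannot be escaped as a string.
            if (is_array($raw_value)) {
                continue;
            }

            // The value is taken under the ORIGINAL key. Escaping the key first and
            // then indexing $_POST with the escaped form misses the entry whenever
            // escaping changes the name.
            $pref_name = db_escape_string((string) $raw_name);
            $value = db_escape_string($raw_value);

            if ($pref_name === 'DIGEST_PREFERRED_TIME') {
                if (get_pref($this->link, 'DIGEST_PREFERRED_TIME') != $value) {
                    // Preferred digest time changed: clear last_digest_sent.
                    // The uid is cast so only an integer can reach the query text.
                    db_query($this->link, "UPDATE ttrss_users SET last_digest_sent = NULL WHERE id = " . (int) $_SESSION['uid']);
                }
            }

            set_pref($this->link, $pref_name, $value);
        }

        if ($orig_theme != get_pref($this->link, "_THEME_ID")) {
            print "PREFS_THEME_CHANGED";
        } else {
            print __("The configuration was saved.");
        }
    }

    /**
     * Prints the help text stored in ttrss_prefs for the preference named by
     * the "pn" request parameter, or an "Unknown option" message when no row
     * matches.
     */
    function getHelp() {
        $requested = (isset($_REQUEST["pn"]) && is_string($_REQUEST["pn"])) ? $_REQUEST["pn"] : "";
        $pref_name = db_escape_string($requested);

        $result = db_query($this->link, "SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'");

        if (db_num_rows($result) > 0) {
            // Emitted exactly as stored in ttrss_prefs, with no output encoding.
            $help_text = db_fetch_result($result, 0, "help_text");
            print $help_text;
        } else {
            // The name is request-controlled and echoed back to the client.
            // SQL escaping is not output encoding, so HTML-encode it here.
            printf(__("Unknown option: %s"), htmlspecialchars($requested, ENT_QUOTES, 'UTF-8'));
        }
    }

    /**
     * Updates the e-mail address and full name of the logged-in user from the
     * "email" and "full_name" POST fields and prints a confirmation message.
     */
    function changeemail() {
        // NOTE(review): the address is stored without any format validation.
        $email = db_escape_string(isset($_POST["email"]) ? $_POST["email"] : "");
        $full_name = db_escape_string(isset($_POST["full_name"]) ? $_POST["full_name"] : "");

        // Cast so only an integer is interpolated into the WHERE clause.
        $active_uid = (int) $_SESSION["uid"];

        db_query($this->link, "UPDATE ttrss_users SET email = '$email', full_name = '$full_name' WHERE id = '$active_uid'");

        print __("Your personal data has been saved.");
    }

    /**
     * Deletes the current user's stored preferences for the active profile (or
     * for the NULL profile when none is active), re-initializes them through
     * initialize_user_prefs() and prints "PREFS_THEME_CHANGED".
     */
    function resetconfig() {
        $_SESSION["prefs_op_result"] = "reset-to-defaults";

        $profile = isset($_SESSION["profile"]) ? $_SESSION["profile"] : null;

        if ($profile) {
            // A value held in the session is still data: escape it before it
            // becomes part of the statement instead of concatenating it raw.
            $profile_qpart = "profile = '" . db_escape_string($profile) . "'";
        } else {
            $profile_qpart = "profile IS NULL";
        }

        db_query($this->link, "DELETE FROM ttrss_user_prefs WHERE $profile_qpart AND owner_uid = " . (int) $_SESSION["uid"]);

        initialize_user_prefs($this->link, $_SESSION["uid"], $profile);

        print "PREFS_THEME_CHANGED";
    }

    function index() {

        global $access_level_names;

        $prefs_blacklist = array("HIDE_READ_FEEDS", "FEEDS_SORT_BY_UNREAD",
            "STRIP_UNSAFE_TAGS");

        $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS",
            "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP",
            "BLACKLISTED_TAGS", "ENABLE_API_ACCESS", "UPDATE_POST_ON_CHECKSUM_CHANGE",
            "DEFAULT_UPDATE_INTERVAL", "USER_TIMEZONE", "SORT_HEADLINES_BY_FEED_DATE",
            "SSL_CERT_SERIAL", "DIGEST_PREFERRED_TIME");

        if (!SINGLE_USER_MODE) {

            $_SESSION["prefs_op_result"] = "";

            print "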