new file mode 100644

@@ -0,0 +1,154 @@

+<?php

+/**

+ * @copyright 2024 Double Bastion LLC <www.doublebastion.com>

+ *

+ * @author Double Bastion LLC

+ *

+ * @license GNU AGPL version 3 or any later version

+ *

+ * This program is free software; you can redistribute it and/or

+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE

+ * License as published by the Free Software Foundation; either

+ * version 3 of the License, or any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.

+ *

+ * You should have received a copy of the GNU Affero General Public

+ * License along with this program.  If not, see <http://www.gnu.org/licenses/>.

+ *

+ */

+

+define('ACCESSCONST', TRUE);

+

+require('db-connect.php');

+

+session_start();

+

+if ($_SESSION['loggedtorspanel'] == true) {

+

+?>

+

+<!doctype html>

+<head>

+    <meta charset="utf-8">

+    <meta http-equiv="X-UA-Compatible" content="IE=edge">

+    <title>RED SCARF Suite Panel</title>

+    <meta name="description" content="RED SCARF Suite Panel">

+    <meta name="viewport" content="width=device-width, initial-scale=1">

+

+    <link rel="shortcut icon" type="image/png" href="images/favicon.png" />

+    <link rel="stylesheet" href="assets/css/normalize.min.css">

+    <link rel="stylesheet" href="assets/css/bootstrap.min.css">

+    <link rel="stylesheet" href="assets/css/font-awesome-4.7.0/css/font-awesome.min.css">

+    <link rel="stylesheet" href="assets/css/themify-icons/themify-icons.css">

+    <link rel="stylesheet" href="assets/css/cs-skin-elastic.css">

+    <link rel="stylesheet" href="assets/css/style.css">

+

+    <script type="text/javascript" src="assets/js/jquery-3.3.1.min.js"></script>

+    <script type="text/javascript" src="assets/js/jquery.min.js"></script>

+    <script type="text/javascript" src="assets/js/popper.min.js"></script>

+    <script type="text/javascript" src="assets/js/bootstrap.min.js"></script>

+    <script type="text/javascript" src="assets/js/jquery.matchHeight.min.js"></script>

+    <script type="text/javascript" src="assets/js/main.js"></script>

+    <script type="text/javascript" src="assets/js/moment.min.js"></script>

+

+    <script type="text/javascript" src="assets/js/settingsmenu.js"></script>

+    <script type="text/javascript" src="assets/js/change-password.js"></script>

+

+</head>

+

+<body>

+

+<?php include 'panels.php'; ?>

+

+        <!-- Content -->

+

+        <div class="content">

+

+                <div class="pagetitle">Change Password</div>

+

+                <div class="col-lg-8">

+                    <div class="card newpasscard">

+                        <div class="card-header">Change Password</div>

+                        <div class="card-body card-block">

+                                <div class="form-group">

+                                    <div class="input-group">

+                                        <div class="input-group-addon"><i class="fa fa-asterisk"></i></div>

+                                        <input type="password" id="currentpassword" name="currentpassword" placeholder="Current Password" class="form-control">

+                                    </div>

+                                </div>

+                                <div class="form-group">

+                                    <div class="input-group">

+                                        <div class="input-group-addon"><i class="fa fa-asterisk"></i></div>

+                                        <input type="password" id="newpassword" name="newpassword" placeholder="New Password  (at least 10 characters, at least one letter, one digit, one special character)" class="form-control">

+                                    </div>

+                                </div>

+                                <div class="form-group">

+                                    <div class="input-group">

+                                        <div class="input-group-addon"><i class="fa fa-asterisk"></i></div>

+                                        <input type="password" id="confirmpassword" name="confirmpassword" placeholder="Confirm New Password" class="form-control">

+                                    </div>

+                                </div>

+                                <span id="savenewpasstext"></span>

+                                <input type="button" id="savenewpassword" value="Save New Password" />

+                        </div>

+                    </div>

+                </div>

+

+

+<?php include 'about.php'; ?>

+

+        </div>

+

+        <!-- /.content -->

+

+        <div class="clearfix"></div>

+

+<?php include 'footer.php'; ?>

+

+    </div>

+    <!-- /#right-panel -->

+

+    <script type="text/javascript">

+      $("#settingsdroparea").show();

+      $("#changepassword").css("color", "#03A9F3");

+    </script>

+

+</body>

+</html>

+

+<?php

+

+    // Generate a random string to prevent direct access to 'save-password.php'

+    function random_str($length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {

+        $pieces = [];

+        $max = mb_strlen($keyspace, '8bit') - 1;

+

+        for ($i = 0; $i < $length; ++$i) {

+            $pieces []= $keyspace[random_int(0, $max)];

+        }

+        return implode('', $pieces);

+    }

+

+    $token = random_str(45);

+

+    session_start();

+

+    $_SESSION['valid_access'] = $token;

+

+    ?>

+    <script type="text/javascript">

+         var getVerifyKey = "<?php print_r($_SESSION['valid_access']); ?>";

+    </script>

+    <?php

+

+} else {

+

+      header("Location: panel-login.php");

+}

+

+?>

+