<% @ Language=VBScript %> <% Response.Buffer = True %> <% '~~~~~~~~~~~~~~~~~~~~~~~~~ If ValidFields Then SavePass Response.Clear Response.Redirect "mainmenu.asp?confirm=yes" Response.End End if '~~~~~~~~~~~~~~~~~~~~~~~~~ Function SavePass()%> <% 'On Error Resume Next Dim strSQL Dim message strSQL = "Update [USERS] Set" strSQL = strSQL + " [PASSWORD]= '" + Trim(Request.Form("txtNEWPASS")) + "'," strSQL = strSQL + " [CHANGE_PWD]= " + Cstr(CInt(False)) strSQL = strSQL + " WHERE [USERNAME]= '" + Trim(Request.Form("txtUSER")) + "'" strSQL = strSQL + " AND [PASSWORD]= '" + Trim(Request.Form("txtOLDPASS")) + "'" Set cmdUSER = Server.CreateObject("ADODB.Command") dbConn.Open cmdUSER.ActiveConnection = dbConn dbConn.BeginTrans cmdUSER.CommandText = strSQL cmdUSER.Execute 'if an error occurs do not let any database updating occur... If Err.Number <> 0 then dbConn.RollBack message = "An internal system error has occurred.
Error Number: " + Err.Number + "
Error Desc: " + Err.Description + "
Please contact the Facluty Voting and Nominating Committee to resolve this problem.
Please click the BACK button to get to the site navigation bar." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End If 'everything went ok, change the database... dbConn.CommitTrans 'update the session variables... Session.Contents("PWD") = Request.Form("txtNEWPASS") Session.Contents("PASSWORDACCESS") = True Set cmdUSER = Nothing dbConn.Close Set dbConn = Nothing End Function Function ValidFields ()%> <% ValidFields = False Dim strSQL Dim message strSQL = "Select * from [USERS] where [USERNAME]= '" & Trim(Request.Form("txtUSER")) & "' and [PASSWORD]= '" & Trim(Request.Form("txtOLDPASS")) & "'" Set rsChk = Server.CreateObject("ADODB.RecordSet") dbConn.Open rsChk.Open strSQL, dbConn ', adOpenKeyset, adLockOptimistic If rsChk.EOF then message = "The old Username/Password combination does not exist.
Please click the BACK button to re-enter your username and password." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End if rsChk.Close Set rsChk = Nothing dbConn.Close Set dbConn = Nothing If Trim(Request.Form("txtNEWPASS")) <> Trim(Request.Form("txtCONPASS")) then message = "You did not confirm your new password correctly.
Please ensure that you enter the new password in both
the 'New Password' and 'Confirm Password' boxes correctly.
Please click the BACK button to re-enter your new password." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End if If Trim(Request.Form("txtNEWPASS")) = "" then message = "You must enter a new password.
Please ensure that you enter the new password in both
the 'New Password' and 'Confirm Password' boxes correctly.
Please click the BACK button to re-enter your new password." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End if If Trim(Request.Form("txtCONPASS")) = "" then message = "You must enter a new password in the 'Confirm Password' box.
Please ensure that you enter the new password in both
the 'New Password' and 'Confirm Password' boxes correctly.
Please click the BACK button to re-enter your new password." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End if If Len(Trim(Request.Form("txtNEWPASS"))) < 5 then message ="Your password must be at least 5 characters long.
Please ensure that you enter the new password in both
the 'New Password' and 'Confirm Password' boxes correctly.
Please click the BACK button to re-enter your new password." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End if If Len(Trim(Request.Form("txtNEWPASS"))) > 15 then message = "Your password may only be a maximum of 15 characters long.
Please ensure that you enter the new password in both
the 'New Password' and 'Confirm Password' boxes correctly.
Please click the BACK button to re-enter your new password." Response.Clear Response.Redirect "error.asp?mess=" + Server.URLEncode(message) Response.End End if ValidFields = True End Function %> <% Response.End %>