<% Option Explicit %>
<!--#include file="common.asp" -->
<!--#include file="functions/functions_hash1way.asp" -->
<%

'Set the response buffer to true
Response.Buffer = True 


'If the session variable is False or does not exsist then redirect the user to the unauthorised user page
If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then
	
	'Reset Server Variables
	Set rsCommon = Nothing	
	adoCon.Close
	Set adoCon = Nothing
	
	'Redirect to unathorised user page
	Response.Redirect"unauthorised_user_page.htm"
End If


'Dimension variables					
Dim strMode			'holds the mode of the page, set to true if changes are to be made to the database
Dim strNewUsername		'Holds the new username
Dim strNewPassword		'Holds the new password
Dim strUsername
Dim strPassword
Dim strEncyptedPassword


'Read in the users details from the form
strNewUsername = Request.Form("name2")
strNewPassword = Request.Form("password2")
strMode = Request.Form("mode")


	

'Initalise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT " & strDbTable & "Configuration3.username," & strDbTable & "Configuration3.Password From " & strDbTable & "Configuration3;"

'Set the cursor type property of the record set to Dynamic so we can navigate through the record set
rsCommon.CursorType = 2

'Set the Lock Type for the records so that the record set is only locked when it is updated
rsCommon.LockType = 3
	
'Query the database
rsCommon.Open strSQL, adoCon


'If there is a record returned read in the details or update it
If NOT rsCommon.EOF Then
	
	'Read in the Username and password from the recordset
	strUsername = rsCommon("username")
	strPassword = rsCommon("Password")

	'If the user is changing there username and password then update the database
	If strMode = "change" Then	
		
               	
	
		'Update the recordset	
		rsCommon.Fields("username") = strNewUsername
		rsCommon.Fields("Password") = strNewPassword
			
				
		'Update the database with the new user's details
		rsCommon.Update
		
		'Re-run the NewUser query to read in the updated recordset from the database
		rsCommon.Requery	
		
		strUsername = rsCommon("username")
		
	End If
End If


'Reset Server Variables
rsCommon.Close
Set rsCommon = Nothing	
adoCon.Close
Set adoCon = Nothing


%>  
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Change Admin Username &amp; Password</title>

<!-- The Web Wiz Guestbook v. <% = strVersion %> is written by Bruce Corkhill 2001-2003
    	 If you want your Guestbook then goto http://www.webwizguide.info --> 
		
<!-- Check the from is filled in correctly before submitting -->
<script  language="JavaScript">
<!-- Hide from older browsers...

//Function to check form is filled in correctly before submitting
function CheckForm () {

	//Check for a Username
	if (document.frmChangePassword.name2.value==""){
		alert("Please enter your a Username");
		document.frmChangePassword.name2.focus();
		return false;
	}
	
	//Check for a Password
	if (document.frmChangePassword.password2.value==""){
		alert("Please enter your a Password");
		document.frmChangePassword.password2.focus();
		return false;
	}
	
	//Check both passwords are the same
        if ((document.frmChangePassword.password.value) != (document.frmChangePassword.password2.value)){
                alert("The passwords entered do not match");
		document.frmChangePassword.password2.focus();
		return false;
        }
	
	return true
}
// -->
</script>
     	
</head>
<body bgcolor="#FFFFFF" text="#000000">
<h1 align="center">Change Admin Username &amp; Password</h1>
<div align="center">
 <p><a href="user_menu.asp" target="_self">Return to the the Administration Menu</a><br>
  <br>
  Make sure you <b>remember</b> the new<b> username</b> and <b>password</b> <br>
  as you <b>will not</b> be able to Login or <b>Administer the Guestbook without them</b>!!!</p>
 <p>Passwords are 160bit one way encrypted and so can not be recovered if you do forget your password!!<br>
  <br>
 </p>
</div>
<form method="post" name="frmChangePassword" action="change_manager_username.asp" onSubmit="return CheckForm();">
  <table width="483" border="0" cellspacing="0" cellpadding="0" align="center" bgcolor="#000000" height="30">
    <tr> 
      <td height="2" width="483" align="center"> 
        <table width="100%" border="0" cellspacing="1" cellpadding="2">
          <tr> 
            <td bgcolor="#FFFFFF"> 
              <table width="100%" border="0" cellspacing="0" cellpadding="2">
                <tr> 
                  <td align="right" width="29%">Username:&nbsp;&nbsp;</td>
                  <td width="71%"> 
                    <input type="text" name="name2" size="15" maxlength="15" value="<% = strUsername %>" >
                  </td>
                </tr>
                <tr>
         <td width="40%" align="right" class="text">Password:&nbsp; </td>
         <td width="60%"> <input type="password" Name="password" size="15" maxlength="15"> </td>
        </tr>
        <tr>
         <td width="40%" align="right" class="text">Confirm Password:&nbsp; </td>
         <td width="60%"> <input type="password" Name="password2" size="15" maxlength="15"> </td>
        </tr>
        <tr>
                <tr> 
                  <td align="right" width="29%">
                    <input type="hidden" name="mode" value="change">
                  </td>
                  <td width="71%"> 
                    <input type="submit" name="Submit" value="Update Details">
                    <input type="reset" name="Reset" value="Clear">
                  </td>
                </tr>
              </table>
            </td>
          </tr>
        </table>
      </td>
    </tr>
  </table>
</form>
<br>
</body>
</html>
