Gazelle/sections/userhistory/password_history.php

<?
/************************************************************************
||------------|| Password reset history page ||------------------------||

This page lists password reset IP and Times a user has made on the site. 
It gets called if $_GET['action'] == 'password'.

It also requires $_GET['userid'] in order to get the data for the correct
user.

************************************************************************/

$UserID = $_GET['userid'];
if (!is_number($UserID)) { error(404); }

$DB->query("SELECT um.Username, p.Level AS Class FROM users_main AS um LEFT JOIN permissions AS p ON p.ID=um.PermissionID WHERE um.ID = ".$UserID);
list($Username, $Class) = $DB->next_record();

if(!check_perms('users_view_keys', $Class)) { 
	error(403);
}

show_header("Password reset history for $Username");

$DB->query("SELECT 
	ChangeTime,
	ChangerIP
	FROM users_history_passwords
	WHERE UserID=$UserID
	ORDER BY ChangeTime DESC");

?>
<div class="header">
	<h2>Password reset history for <a href="/user.php?id=<?=$UserID?>"><?=$Username?></a></h2>
</div>
<table width="100%">
	<tr class="colhead">
		<td>Changed</td>
		<td>IP [<a href="/userhistory.php?action=ips&amp;userid=<?=$UserID?>">H</a>]</td>
	</tr>
<? while(list($ChangeTime, $ChangerIP) = $DB->next_record()){ ?>
	<tr class="rowa">
		<td><?=time_diff($ChangeTime)?></td>
		<td><?=display_str($ChangerIP)?> [<a href="/user.php?action=search&amp;ip_history=on&amp;ip=<?=display_str($ChangerIP)?>" title="Search">S</a>]<br /><?=get_host($ChangerIP)?></td>
	</tr>
<? } ?>
</table>
<? show_footer(); ?>
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`<?`
			`/************************************************************************`
			`\|\|------------\|\| Password reset history page \|\|------------------------\|\|`

			`This page lists password reset IP and Times a user has made on the site.`
			`It gets called if $_GET['action'] == 'password'.`

			`It also requires $_GET['userid'] in order to get the data for the correct`
			`user.`

			`************************************************************************/`

			`$UserID = $_GET['userid'];`
			`if (!is_number($UserID)) { error(404); }`

Loophole in ip histories cleared up Loophole in all histories cleared up Fixing forum mod issues 2011-06-23 08:00:06 +00:00			`$DB->query("SELECT um.Username, p.Level AS Class FROM users_main AS um LEFT JOIN permissions AS p ON p.ID=um.PermissionID WHERE um.ID = ".$UserID);`
			`list($Username, $Class) = $DB->next_record();`

			`if(!check_perms('users_view_keys', $Class)) {`
			`error(403);`
			`}`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00
			`show_header("Password reset history for $Username");`

			`$DB->query("SELECT`
			`ChangeTime,`
			`ChangerIP`
			`FROM users_history_passwords`
			`WHERE UserID=$UserID`
			`ORDER BY ChangeTime DESC");`

			`?>`
Empty commit 2012-08-19 08:00:19 +00:00			`<div class="header">`
			`<h2>Password reset history for <a href="/user.php?id=<?=$UserID?>"><?=$Username?></a></h2>`
			`</div>`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`<table width="100%">`
			`<tr class="colhead">`
			`<td>Changed</td>`
Empty commit 2012-09-09 08:00:26 +00:00			`<td>IP [<a href="/userhistory.php?action=ips&userid=<?=$UserID?>">H</a>]</td>`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`</tr>`
			`<? while(list($ChangeTime, $ChangerIP) = $DB->next_record()){ ?>`
			`<tr class="rowa">`
			`<td><?=time_diff($ChangeTime)?></td>`
Empty commit 2012-09-09 08:00:26 +00:00			`<td><?=display_str($ChangerIP)?> [<a href="/user.php?action=search&ip_history=on&ip=<?=display_str($ChangerIP)?>" title="Search">S</a>]<br /><?=get_host($ChangerIP)?></td>`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`</tr>`
			`<? } ?>`
			`</table>`
			`<? show_footer(); ?>`