admin/change_current_user_password.php

   1 <?php
   2
   3 $page_security=1;
   4 $path_to_root="..";
   5 include_once($path_to_root . "/includes/session.inc");
   6
   7 page(_("Change password"));
   8
   9 include_once($path_to_root . "/includes/date_functions.inc");
  10 include_once($path_to_root . "/includes/ui.inc");
  11
  12 include_once($path_to_root . "/admin/db/users_db.inc");
  13
  14 $selected_id = $_SESSION["wa_current_user"]->username;
  15
  16
  17 if (isset($_GET['UpdatedID']))
  18 {
  19     display_notification_centered(_("Your password has been updated."));
  20 }
  21
  22 function can_process()
  23 {
  24
  25         if (strlen($_POST['password']) < 4)
  26         {
  27                 display_error( _("The password entered must be at least 4 characters long."));
  28                 set_focus('password');
  29                 return false;
  30         }
  31
  32         if (strstr($_POST['password'], $_POST['user_id']) != false)
  33         {
  34                 display_error( _("The password cannot contain the user login."));
  35                 set_focus('password');
  36                 return false;
  37         }
  38
  39         if ($_POST['password'] != $_POST['passwordConfirm'])
  40         {
  41                 display_error( _("The passwords entered are not the same."));
  42                 set_focus('password');
  43                 return false;
  44         }
  45
  46         return true;
  47 }
  48
  49 if (isset($_POST['UPDATE_ITEM']))
  50 {
  51
  52         if (can_process())
  53         {
  54         if (isset($selected_id))
  55         {
  56                 if ($_POST['password'] != "")
  57                         update_user_password($_POST['user_id'], md5($_POST['password']));
  58
  59                         unset($selected_id);
  60                 meta_forward($_SERVER['PHP_SELF'], "UpdatedID=1");
  61         }
  62         }
  63 }
  64
  65 start_form();
  66
  67 start_table($table_style);
  68
  69 if (isset($selected_id))
  70 {
  71         //editing an existing User
  72
  73         $myrow = get_user($selected_id);
  74
  75         $_POST['user_id'] = $myrow["user_id"];
  76         hidden('selected_id', $selected_id);
  77         hidden('user_id', $_POST['user_id']);
  78
  79         label_row(_("User login:"), $_POST['user_id']);
  80
  81 }
  82 $_POST['password'] = "";
  83 $_POST['passwordConfirm'] = "";
  84
  85 start_row();
  86 label_cell(_("Password:"));
  87 label_cell("<input type='password' name='password' size=22 maxlength=20 value='" . $_POST['password'] . "'>");
  88 end_row();
  89
  90 start_row();
  91 label_cell(_("Repeat password:"));
  92 label_cell("<input type='password' name='passwordConfirm' size=22 maxlength=20 value='" . $_POST['passwordConfirm'] . "'>");
  93 end_row();
  94
  95 if (isset($selected_id))
  96 {
  97         table_section_title(_("Enter your new password in the fields."));
  98 }
  99
 100 end_table(1);
 101
 102 submit_add_or_update_center(!isset($selected_id));
 103
 104 end_form();
 105 end_page();
 106 ?>