admin/change_current_user_password.php

   1 <?php
   2 /**********************************************************************
   3     Copyright (C) FrontAccounting, LLC.
   4         Released under the terms of the GNU General Public License, GPL,
   5         as published by the Free Software Foundation, either version 3
   6         of the License, or (at your option) any later version.
   7     This program is distributed in the hope that it will be useful,
   8     but WITHOUT ANY WARRANTY; without even the implied warranty of
   9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
  11 ***********************************************************************/
  12 $page_security=1;
  13 $path_to_root="..";
  14 include_once($path_to_root . "/includes/session.inc");
  15
  16 page(_("Change password"));
  17
  18 include_once($path_to_root . "/includes/date_functions.inc");
  19 include_once($path_to_root . "/includes/ui.inc");
  20
  21 include_once($path_to_root . "/admin/db/users_db.inc");
  22
  23 $selected_id = $_SESSION["wa_current_user"]->username;
  24
  25
  26 function can_process()
  27 {
  28
  29         if (strlen($_POST['password']) < 4)
  30         {
  31                 display_error( _("The password entered must be at least 4 characters long."));
  32                 set_focus('password');
  33                 return false;
  34         }
  35
  36         if (strstr($_POST['password'], $_POST['user_id']) != false)
  37         {
  38                 display_error( _("The password cannot contain the user login."));
  39                 set_focus('password');
  40                 return false;
  41         }
  42
  43         if ($_POST['password'] != $_POST['passwordConfirm'])
  44         {
  45                 display_error( _("The passwords entered are not the same."));
  46                 set_focus('password');
  47                 return false;
  48         }
  49
  50         return true;
  51 }
  52
  53 if (isset($_POST['UPDATE_ITEM']))
  54 {
  55
  56         if (can_process())
  57         {
  58                 if ($allow_demo_mode) {
  59                     display_warning(_("Password cannot be changed in demo mode."));
  60                 } else {
  61                         update_user_password($_POST['user_id'], md5($_POST['password']));
  62                     display_notification(_("Your password has been updated."));
  63                 }
  64                 $Ajax->activate('_page_body');
  65         }
  66 }
  67
  68 start_form();
  69
  70 start_table($table_style);
  71
  72 $myrow = get_user($selected_id);
  73
  74 $_POST['user_id'] = $myrow["user_id"];
  75 hidden('selected_id', $selected_id);
  76 hidden('user_id', $_POST['user_id']);
  77
  78 label_row(_("User login:"), $_POST['user_id']);
  79
  80 $_POST['password'] = "";
  81 $_POST['passwordConfirm'] = "";
  82
  83 start_row();
  84 label_cell(_("Password:"));
  85 label_cell("<input type='password' name='password' size=22 maxlength=20 value='" . $_POST['password'] . "'>");
  86 end_row();
  87
  88 start_row();
  89 label_cell(_("Repeat password:"));
  90 label_cell("<input type='password' name='passwordConfirm' size=22 maxlength=20 value='" . $_POST['passwordConfirm'] . "'>");
  91 end_row();
  92
  93 table_section_title(_("Enter your new password in the fields."));
  94
  95 end_table(1);
  96
  97 submit_center( 'UPDATE_ITEM', _('Change password'), true, '',  'default');
  98 end_form();
  99 end_page();
 100 ?>