projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
0001307: Insufficent quantities "marker" use wrong date in Sales Order
[fa-stable.git]
/
admin
/
change_current_user_password.php
diff --git
a/admin/change_current_user_password.php
b/admin/change_current_user_password.php
index d38f96cd2b3a679e2ca3ba0c61f1e5e562e70bb9..4ed37fb012d1f55c2a13e4e1225179a2263a014b 100644
(file)
--- a/
admin/change_current_user_password.php
+++ b/
admin/change_current_user_password.php
@@
-9,20
+9,17
@@
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
-$page_security
=1
;
+$page_security
= 'SA_CHGPASSWD'
;
$path_to_root="..";
include_once($path_to_root . "/includes/session.inc");
$path_to_root="..";
include_once($path_to_root . "/includes/session.inc");
-page(_("Change password"));
+page(_(
$help_context =
"Change password"));
include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/admin/db/users_db.inc");
include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/admin/db/users_db.inc");
-$selected_id = $_SESSION["wa_current_user"]->username;
-
-
function can_process()
{
function can_process()
{
@@
-33,7
+30,7
@@
function can_process()
return false;
}
return false;
}
- if (strstr($_POST['password'], $_
POST['user_id']
) != false)
+ if (strstr($_POST['password'], $_
SESSION["wa_current_user"]->username
) != false)
{
display_error( _("The password cannot contain the user login."));
set_focus('password');
{
display_error( _("The password cannot contain the user login."));
set_focus('password');
@@
-50,7
+47,7
@@
function can_process()
return true;
}
return true;
}
-if (isset($_POST['UPDATE_ITEM']))
+if (isset($_POST['UPDATE_ITEM'])
&& check_csrf_token()
)
{
if (can_process())
{
if (can_process())
@@
-58,7
+55,9
@@
if (isset($_POST['UPDATE_ITEM']))
if ($allow_demo_mode) {
display_warning(_("Password cannot be changed in demo mode."));
} else {
if ($allow_demo_mode) {
display_warning(_("Password cannot be changed in demo mode."));
} else {
- update_user_password($_POST['user_id'], md5($_POST['password']));
+ update_user_password($_SESSION["wa_current_user"]->user,
+ $_SESSION["wa_current_user"]->username,
+ md5($_POST['password']));
display_notification(_("Your password has been updated."));
}
$Ajax->activate('_page_body');
display_notification(_("Your password has been updated."));
}
$Ajax->activate('_page_body');
@@
-67,34
+66,23
@@
if (isset($_POST['UPDATE_ITEM']))
start_form();
start_form();
-start_table(
$table_style
);
+start_table(
TABLESTYLE
);
-$myrow = get_user($
selected_id
);
+$myrow = get_user($
_SESSION["wa_current_user"]->user
);
-$_POST['user_id'] = $myrow["user_id"];
-hidden('selected_id', $selected_id);
-hidden('user_id', $_POST['user_id']);
-
-label_row(_("User login:"), $_POST['user_id']);
+label_row(_("User login:"), $myrow['user_id']);
$_POST['password'] = "";
$_POST['passwordConfirm'] = "";
$_POST['password'] = "";
$_POST['passwordConfirm'] = "";
-start_row();
-label_cell(_("Password:"));
-label_cell("<input type='password' name='password' size=22 maxlength=20 value='" . $_POST['password'] . "'>");
-end_row();
-
-start_row();
-label_cell(_("Repeat password:"));
-label_cell("<input type='password' name='passwordConfirm' size=22 maxlength=20 value='" . $_POST['passwordConfirm'] . "'>");
-end_row();
+password_row(_("Password:"), 'password', $_POST['password']);
+password_row(_("Repeat password:"), 'passwordConfirm', $_POST['passwordConfirm']);
table_section_title(_("Enter your new password in the fields."));
end_table(1);
table_section_title(_("Enter your new password in the fields."));
end_table(1);
-submit_center( 'UPDATE_ITEM', _('Change password'), true, '',
true
);
+submit_center( 'UPDATE_ITEM', _('Change password'), true, '',
'default'
);
end_form();
end_page();
?>
end_form();
end_page();
?>