projects / fa-stable.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Partial changes for new access control system.
[fa-stable.git] / admin / change_current_user_password.php
diff --git a/admin/change_current_user_password.php b/admin/change_current_user_password.php
index 0118d8cb80ac27fef8e9aa9103ee98e457b52ae0..f2b270c8138a38dc0241f501be4d6b69e7587364 100644 (file)
--- a/admin/change_current_user_password.php
+++ b/admin/change_current_user_password.php
@@ -20,9 +20,6 @@ include_once($path_to_root . "/includes/ui.inc");
 
 include_once($path_to_root . "/admin/db/users_db.inc");
 
-$selected_id = $_SESSION["wa_current_user"]->username;
-
-
 function can_process()
 {
 
@@ -33,7 +30,7 @@ function can_process()
                return false;
        }
 
-       if (strstr($_POST['password'], $_POST['user_id']) != false)
+       if (strstr($_POST['password'], $_SESSION["wa_current_user"]->username) != false)
        {
                display_error( _("The password cannot contain the user login."));
                set_focus('password');
@@ -55,8 +52,14 @@ if (isset($_POST['UPDATE_ITEM']))
 
        if (can_process())
        {
-               update_user_password($_POST['user_id'], md5($_POST['password']));
-           display_notification(_("Your password has been updated."));
+               if ($allow_demo_mode) {
+                   display_warning(_("Password cannot be changed in demo mode."));
+               } else {
+                       update_user_password($_SESSION["wa_current_user"]->user, 
+                               $_SESSION["wa_current_user"]->username,
+                               md5($_POST['password']));
+                   display_notification(_("Your password has been updated."));
+               }
                $Ajax->activate('_page_body');
        }
 }
@@ -65,13 +68,9 @@ start_form();
 
 start_table($table_style);
 
-$myrow = get_user($selected_id);
-
-$_POST['user_id'] = $myrow["user_id"];
-hidden('selected_id', $selected_id);
-hidden('user_id', $_POST['user_id']);
+$myrow = get_user($_SESSION["wa_current_user"]->user);
 
-label_row(_("User login:"), $_POST['user_id']);
+label_row(_("User login:"), $myrow['user_id']);
 
 $_POST['password'] = "";
 $_POST['passwordConfirm'] = "";
@@ -90,7 +89,7 @@ table_section_title(_("Enter your new password in the fields."));
 
 end_table(1);
 
-submit_center( 'UPDATE_ITEM', _('Change password'), true, '', true);
+submit_center( 'UPDATE_ITEM', _('Change password'), true, '',  'default');
 end_form();
 end_page();
 ?>
FrontAccounting stable branch