X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fchange_current_user_password.php;h=bb7c9cb0736be78c9dbc2f3de0c19d289657de54;hb=0bf933423b9645bcb57390c478d4fdaf0c895049;hp=817c94f64a94910364c66d3625f2aef3de01a5a2;hpb=f04f9423d630b18806748d0bc7bd931f70878cbc;p=fa-stable.git

diff --git a/admin/change_current_user_password.php b/admin/change_current_user_password.php
index 817c94f6..bb7c9cb0 100644
--- a/admin/change_current_user_password.php
+++ b/admin/change_current_user_password.php
@@ -1,24 +1,25 @@
 <?php
-
-$page_security=1;
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+$page_security = 'SA_CHGPASSWD';
 $path_to_root="..";
 include_once($path_to_root . "/includes/session.inc");
 
-page(_("Change password"));
+page(_($help_context = "Change password"));
 
 include_once($path_to_root . "/includes/date_functions.inc");
 include_once($path_to_root . "/includes/ui.inc");
 
 include_once($path_to_root . "/admin/db/users_db.inc");
 
-$selected_id = $_SESSION["wa_current_user"]->username;
-
-
-if (isset($_GET['UpdatedID']))
-{
-    display_notification_centered(_("Your password has been updated."));
-}
-
 function can_process()
 {
 
@@ -29,7 +30,7 @@ function can_process()
    		return false;
    	}
 
-   	if (strstr($_POST['password'], $_POST['user_id']) != false)
+   	if (strstr($_POST['password'], $_SESSION["wa_current_user"]->username) != false)
    	{
    		display_error( _("The password cannot contain the user login."));
 		set_focus('password');
@@ -51,14 +52,15 @@ if (isset($_POST['UPDATE_ITEM']))
 
 	if (can_process())
 	{
-    	if (isset($selected_id))
-    	{
-    		if ($_POST['password'] != "")
-    			update_user_password($_POST['user_id'], md5($_POST['password']));
-
-			unset($selected_id);
-    		meta_forward($_SERVER['PHP_SELF'], "UpdatedID=1");
-    	}
+		if ($allow_demo_mode) {
+		    display_warning(_("Password cannot be changed in demo mode."));
+		} else {
+			update_user_password($_SESSION["wa_current_user"]->user, 
+				$_SESSION["wa_current_user"]->username,
+				md5($_POST['password']));
+		    display_notification(_("Your password has been updated."));
+		}
+		$Ajax->activate('_page_body');
 	}
 }
 
@@ -66,19 +68,10 @@ start_form();
 
 start_table($table_style);
 
-if (isset($selected_id))
-{
-	//editing an existing User
+$myrow = get_user($_SESSION["wa_current_user"]->user);
 
-	$myrow = get_user($selected_id);
+label_row(_("User login:"), $myrow['user_id']);
 
-	$_POST['user_id'] = $myrow["user_id"];
-	hidden('selected_id', $selected_id);
-	hidden('user_id', $_POST['user_id']);
-
-	label_row(_("User login:"), $_POST['user_id']);
-
-}
 $_POST['password'] = "";
 $_POST['passwordConfirm'] = "";
 
@@ -92,15 +85,11 @@ label_cell(_("Repeat password:"));
 label_cell("<input type='password' name='passwordConfirm' size=22 maxlength=20 value='" . $_POST['passwordConfirm'] . "'>");
 end_row();
 
-if (isset($selected_id))
-{
-	table_section_title(_("Enter your new password in the fields."));
-}
+table_section_title(_("Enter your new password in the fields."));
 
 end_table(1);
 
-submit_add_or_update_center(!isset($selected_id));
-
+submit_center( 'UPDATE_ITEM', _('Change password'), true, '',  'default');
 end_form();
 end_page();
 ?>