admin/change_current_user_password.php

   1 <?php
   2 /**********************************************************************
   3     Copyright (C) FrontAccounting, LLC.
   4         Released under the terms of the GNU General Public License, GPL,
   5         as published by the Free Software Foundation, either version 3
   6         of the License, or (at your option) any later version.
   7     This program is distributed in the hope that it will be useful,
   8     but WITHOUT ANY WARRANTY; without even the implied warranty of
   9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
  11 ***********************************************************************/
  12 $page_security = 'SA_CHGPASSWD';
  13 $path_to_root="..";
  14 include_once($path_to_root . "/includes/session.inc");
  15
  16 page(_($help_context = "Change password"));
  17
  18 include_once($path_to_root . "/includes/date_functions.inc");
  19 include_once($path_to_root . "/includes/ui.inc");
  20
  21 include_once($path_to_root . "/admin/db/users_db.inc");
  22
  23 function can_process()
  24 {
  25
  26         if (strlen($_POST['password']) < 4)
  27         {
  28                 display_error( _("The password entered must be at least 4 characters long."));
  29                 set_focus('password');
  30                 return false;
  31         }
  32
  33         if (strstr($_POST['password'], $_SESSION["wa_current_user"]->username) != false)
  34         {
  35                 display_error( _("The password cannot contain the user login."));
  36                 set_focus('password');
  37                 return false;
  38         }
  39
  40         if ($_POST['password'] != $_POST['passwordConfirm'])
  41         {
  42                 display_error( _("The passwords entered are not the same."));
  43                 set_focus('password');
  44                 return false;
  45         }
  46
  47         return true;
  48 }
  49
  50 if (isset($_POST['UPDATE_ITEM']))
  51 {
  52
  53         if (can_process())
  54         {
  55                 if ($allow_demo_mode) {
  56                     display_warning(_("Password cannot be changed in demo mode."));
  57                 } else {
  58                         update_user_password($_SESSION["wa_current_user"]->user,
  59                                 $_SESSION["wa_current_user"]->username,
  60                                 md5($_POST['password']));
  61                     display_notification(_("Your password has been updated."));
  62                 }
  63                 $Ajax->activate('_page_body');
  64         }
  65 }
  66
  67 start_form();
  68
  69 start_table($table_style);
  70
  71 $myrow = get_user($_SESSION["wa_current_user"]->user);
  72
  73 label_row(_("User login:"), $myrow['user_id']);
  74
  75 $_POST['password'] = "";
  76 $_POST['passwordConfirm'] = "";
  77
  78 start_row();
  79 label_cell(_("Password:"));
  80 label_cell("<input type='password' name='password' size=22 maxlength=20 value='" . $_POST['password'] . "'>");
  81 end_row();
  82
  83 start_row();
  84 label_cell(_("Repeat password:"));
  85 label_cell("<input type='password' name='passwordConfirm' size=22 maxlength=20 value='" . $_POST['passwordConfirm'] . "'>");
  86 end_row();
  87
  88 table_section_title(_("Enter your new password in the fields."));
  89
  90 end_table(1);
  91
  92 submit_center( 'UPDATE_ITEM', _('Change password'), true, '',  'default');
  93 end_form();
  94 end_page();
  95 ?>