admin/change_current_user_password.php

   1 <?php
   2 /**********************************************************************
   3     Copyright (C) FrontAccounting, LLC.
   4         Released under the terms of the GNU General Public License, GPL,
   5         as published by the Free Software Foundation, either version 3
   6         of the License, or (at your option) any later version.
   7     This program is distributed in the hope that it will be useful,
   8     but WITHOUT ANY WARRANTY; without even the implied warranty of
   9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
  11 ***********************************************************************/
  12 $page_security=1;
  13 $path_to_root="..";
  14 include_once($path_to_root . "/includes/session.inc");
  15
  16 page(_("Change password"));
  17
  18 include_once($path_to_root . "/includes/date_functions.inc");
  19 include_once($path_to_root . "/includes/ui.inc");
  20
  21 include_once($path_to_root . "/admin/db/users_db.inc");
  22
  23 $selected_id = $_SESSION["wa_current_user"]->username;
  24
  25
  26 function can_process()
  27 {
  28
  29         if (strlen($_POST['password']) < 4)
  30         {
  31                 display_error( _("The password entered must be at least 4 characters long."));
  32                 set_focus('password');
  33                 return false;
  34         }
  35
  36         if (strstr($_POST['password'], $_POST['user_id']) != false)
  37         {
  38                 display_error( _("The password cannot contain the user login."));
  39                 set_focus('password');
  40                 return false;
  41         }
  42
  43         if ($_POST['password'] != $_POST['passwordConfirm'])
  44         {
  45                 display_error( _("The passwords entered are not the same."));
  46                 set_focus('password');
  47                 return false;
  48         }
  49
  50         return true;
  51 }
  52
  53 if (isset($_POST['UPDATE_ITEM']))
  54 {
  55
  56         if (can_process())
  57         {
  58                 update_user_password($_POST['user_id'], md5($_POST['password']));
  59             display_notification(_("Your password has been updated."));
  60                 $Ajax->activate('_page_body');
  61         }
  62 }
  63
  64 start_form();
  65
  66 start_table($table_style);
  67
  68 $myrow = get_user($selected_id);
  69
  70 $_POST['user_id'] = $myrow["user_id"];
  71 hidden('selected_id', $selected_id);
  72 hidden('user_id', $_POST['user_id']);
  73
  74 label_row(_("User login:"), $_POST['user_id']);
  75
  76 $_POST['password'] = "";
  77 $_POST['passwordConfirm'] = "";
  78
  79 start_row();
  80 label_cell(_("Password:"));
  81 label_cell("<input type='password' name='password' size=22 maxlength=20 value='" . $_POST['password'] . "'>");
  82 end_row();
  83
  84 start_row();
  85 label_cell(_("Repeat password:"));
  86 label_cell("<input type='password' name='passwordConfirm' size=22 maxlength=20 value='" . $_POST['passwordConfirm'] . "'>");
  87 end_row();
  88
  89 table_section_title(_("Enter your new password in the fields."));
  90
  91 end_table(1);
  92
  93 submit_center( 'UPDATE_ITEM', _('Change password'), true, '', true);
  94 end_form();
  95 end_page();
  96 ?>