-
Notifications
You must be signed in to change notification settings - Fork 35
/
Copy pathchange_password.php
85 lines (73 loc) · 2.37 KB
/
change_password.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php
/************************************************************************/
/* AContent */
/************************************************************************/
/* Copyright (c) 2010 */
/* Inclusive Design Institute */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
define('TR_INCLUDE_PATH', '../include/');
require(TR_INCLUDE_PATH.'vitals.inc.php');
global $_current_user;
if (!isset($_current_user)) {
require(TR_INCLUDE_PATH.'header.inc.php');
$msg->printInfos('INVALID_USER');
require(TR_INCLUDE_PATH.'footer.inc.php');
exit;
}
if (isset($_POST['cancel'])) {
$msg->addFeedback('CANCELLED');
Header('Location: ../index.php');
exit;
}
if (isset($_POST['submit'])) {
if (!empty($_POST['form_old_password_hidden']))
{
//check if old password entered is correct
if ($row = $_current_user->getInfo())
{
if ($row['password'] != $_POST['form_old_password_hidden'])
{
$msg->addError('WRONG_PASSWORD');
Header('Location: change_password.php');
exit;
}
}
}
else
{
$msg->addError(array('EMPTY_FIELDS', _AT('password')));
header('Location: change_password.php');
exit;
}
/* password check: password is verified front end by javascript. here is to handle the errors from javascript */
if ($_POST['password_error'] <> "")
{
$pwd_errors = explode(",", $_POST['password_error']);
foreach ($pwd_errors as $pwd_error)
{
if ($pwd_error == "missing_password")
$missing_fields[] = _AT('password');
else
$msg->addError($pwd_error);
}
}
if (!$msg->containsErrors()) {
// insert into the db.
$password = $_POST['form_password_hidden'];
if (!$_current_user->setPassword($password))
{
require(TR_INCLUDE_PATH.'header.inc.php');
$msg->printErrors('DB_NOT_UPDATED');
require(TR_INCLUDE_PATH.'footer.inc.php');
exit;
}
$msg->addFeedback('PASSWORD_CHANGED');
}
}
/* template starts here */
$savant->display('profile/change_password.tmpl.php');
?>