<?php
// Access gate: execution continues only when inc/auth.inc.php exists and
// include_once yields a truthy value; in every other case the script exits
// before any of the code below runs. The @ operators suppress the warnings
// file_exists/include_once would otherwise emit.
// NOTE(review): presumably auth.inc.php performs the login check and fills
// $ezin_user - confirm against that file.
if (@file_exists('inc/auth.inc.php') && @include_once 'inc/auth.inc.php');
else exit;
// Database layer; require_once makes a missing file a fatal error.
require_once 'db-core/db-core.inc.php';
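/**
 * ezin_admin_password_main()
 *
 * Renders the admin "change password" form and, when the form was submitted
 * (CGI variable password_save is set), passes the three password fields to
 * ezin_admin_password_save() and shows either its error list or a success
 * message.
 *
 * Reads the globals $ezin_cfg (button position, 'admin_buttons_pos') and
 * $ezin_user (username and role name shown in the form). Output is written
 * directly with echo; nothing is returned.
 *
 * NOTE(review): the form emitted here carries no anti-CSRF token. A change
 * still requires the current password, which limits what a forged request
 * can achieve, but a token should be added if the application has a helper
 * for it.
 */
function ezin_admin_password_main() /* {{{ */
{
    global $ezin_cfg;
    global $ezin_user;

    $password_save = Platon::get_cgi_var('password_save');
    $password_old  = Platon::get_cgi_var('password_old');
    $password_new  = Platon::get_cgi_var('password_new');
    $password_new2 = Platon::get_cgi_var('password_new_repeat');

    $message = '';
    // Always an array, so the rendering code below never touches an
    // undefined variable when the form is shown without a submission.
    $errors = array();

    if ($password_save) {
        $errors = ezin_admin_password_save($password_old, $password_new, $password_new2);
        if (count($errors) == 0) {
            $message = 'Password was successfully changed';
        }
    }

    // PHP_SELF can contain request-controlled path info, hence the escaping.
    echo '<form class="pme-form" method="post" action="',htmlspecialchars($_SERVER['PHP_SELF']),'">',"\n";

    if (stristr($ezin_cfg['admin_buttons_pos'], 'U')) {
        ezin_admin_password_buttons($message);
        echo '<hr class="pme-hr">',"\n";
    }

    // Compare the element count: an array compared with an integer is always
    // "greater" in PHP, which printed an empty red list after a successful
    // change.
    if (count($errors) > 0) {
        echo '<ul style="color:red;">',"\n";
        foreach ($errors as $error) {
            echo '<li>',htmlspecialchars((string) $error, ENT_QUOTES),'</li>',"\n";
        }
        echo '</ul>',"\n";
    }

    // Account data is escaped before it reaches the page so that markup
    // stored in a username or role name is displayed as text, not executed.
    $username_html = htmlspecialchars((string) $ezin_user['username'], ENT_QUOTES);
    $role_html     = htmlspecialchars((string) $ezin_user['role_name'], ENT_QUOTES);

    echo '<table class="pme-main" summary="ezin_password">',"\n";
    echo '<tr class="pme-row-0">',"\n";
    echo '<td class="pme-key-0">Username</td>',"\n";
    echo '<td class="pme-value-0"><b>',$username_html,'</b></td>',"\n";
    echo '</tr>',"\n";
    echo '<tr class="pme-row-1">',"\n";
    echo '<td class="pme-key-1">Role</td>',"\n";
    echo '<td class="pme-value-1">',$role_html,'</td>',"\n";
    echo '</tr>',"\n";
    echo '<tr class="pme-row-0">',"\n";
    echo '<td class="pme-key-0">Old Password</td>',"\n";
    echo '<td class="pme-value-0"><input type="password" name="password_old"></td>',"\n";
    echo '</tr>',"\n";
    echo '<tr class="pme-row-1">',"\n";
    echo '<td class="pme-key-1">New Password</td>',"\n";
    echo '<td class="pme-value-1"><input type="password" name="password_new"></td>',"\n";
    echo '</tr>',"\n";
    echo '<tr class="pme-row-0">',"\n";
    echo '<td class="pme-key-0">New Password (repeat)</td>',"\n";
    echo '<td class="pme-value-0"><input type="password" name="password_new_repeat"></td>',"\n";
    echo '</tr>',"\n";
    echo '</table>',"\n";

    // Bottom buttons are the default: shown when 'D' is configured or when
    // 'U' is not.
    if (stristr($ezin_cfg['admin_buttons_pos'], 'D')
            || ! stristr($ezin_cfg['admin_buttons_pos'], 'U')) {
        echo '<hr class="pme-hr">',"\n";
        ezin_admin_password_buttons($message);
    }

    echo '</form>';
} /* }}} */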
/**
 * Prints the navigation row that holds the "Change Password" submit button.
 *
 * @param string $message Status text shown in bold beside the button; no
 *                        cell is printed when it is empty. The text is
 *                        written into the page without HTML escaping, so
 *                        callers must pass trusted, already-safe text only.
 */
function ezin_admin_password_buttons($message) /* {{{ */
{
    // Opening markup up to and including the button cell.
    echo implode("\n", array(
        '<table class="pme-navigation">',
        '<tr class="pme-navigation"><td class="pme-buttons">',
        '<input class="pme-save-password" type="submit" name="password_save" value="Change Password"></td>',
        '',
    ));

    // Optional status cell.
    if (strlen($message) > 0) {
        print '<td><b>' . $message . '</b></td>';
    }

    echo "</tr></table>\n";
} /* }}} */
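/**
 * Validates a password change request and, when every check passes, stores
 * the new password hash for the current user.
 *
 * Checks performed: the old password must hash to the stored value, both
 * copies of the new password must match, and the new password must be at
 * least 3 characters long. The database is only touched when no check
 * failed.
 *
 * Reads the globals $ezin_sys (users table name), $ezin_user (username and
 * stored hash) and $ezin_db_handle (mysqli connection).
 *
 * @param string $password_old  Current password as typed by the user.
 * @param string $password_new  Requested new password.
 * @param string $password_new2 Repeat of the requested new password.
 * @return array List of error messages; empty when the password was changed.
 */
function ezin_admin_password_save($password_old, $password_new, $password_new2) /* {{{ */
{
    global $ezin_sys;
    global $ezin_user;
    global $ezin_db_handle;

    $ret = array();

    // NOTE(review): passwords are stored as unsalted MD5, which is trivially
    // brute-forced if the users table leaks. The format is kept here because
    // the stored value is also read by code outside this function
    // (presumably the login check) - migrate both sides together to
    // password_hash()/password_verify().
    // hash_equals() compares in constant time, unlike strcmp().
    if (! hash_equals((string) $ezin_user['password'], md5((string) $password_old))) {
        $ret[] = 'Old password is incorrect.';
    }
    if ((string) $password_new !== (string) $password_new2) {
        $ret[] = 'New passwords do not match.';
    }
    // NOTE(review): a 3-character minimum is very weak for an admin account;
    // left unchanged because it is a policy decision.
    if (strlen($password_new) < 3) {
        $ret[] = 'New password too short.';
    }

    if (count($ret) == 0) {
        // The table name comes from configuration and cannot be bound as a
        // parameter. The values are bound, so a quote character in the
        // username can no longer alter the statement.
        $query = sprintf('UPDATE %s SET password = ? WHERE username = ?',
            $ezin_sys['db']['tables']['users']);
        $new_hash = md5($password_new);
        $username = $ezin_user['username'];

        $updated = false;
        $stmt = mysqli_prepare($ezin_db_handle, $query);
        if ($stmt !== false) {
            $updated = mysqli_stmt_bind_param($stmt, 'ss', $new_hash, $username)
                && mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if (! $updated) {
            $ret[] = 'Database error, password unchanged.';
        }
    }

    return $ret;
} /* }}} */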
/*
* main stuff
*/
// Page entry point. The order matters: the database handle is checked first,
// then the password form is rendered/processed, then the connection is closed.
// NOTE(review): ezin_check_db_handle() and ezin_close_db_connection() are not
// defined in this file (presumably db-core/db-core.inc.php) - confirm there
// what happens when the handle is unusable.
ezin_check_db_handle();
ezin_admin_password_main();
ezin_close_db_connection();
/* Modeline for ViM {{{
* vim: set ts=4:
* vim600: fdm=marker fdl=0 fdc=0:
* }}} */
?>