diff options
Diffstat (limited to 'change_password.php')
| -rw-r--r-- | change_password.php | 40 |
1 files changed, 23 insertions, 17 deletions
diff --git a/change_password.php b/change_password.php index af69133..0130e26 100644 --- a/change_password.php +++ b/change_password.php @@ -1,6 +1,6 @@ <?php /** - * $Header: /cvsroot/bitweaver/_bit_users/change_password.php,v 1.6 2006/08/23 08:29:29 jht001 Exp $ + * $Header: /cvsroot/bitweaver/_bit_users/change_password.php,v 1.7 2006/09/12 19:26:48 spiderr Exp $ * * Copyright (c) 2004 bitweaver.org * Copyright (c) 2003 tikwiki.org @@ -8,7 +8,7 @@ * All Rights Reserved. See copyright.txt for details and a complete list of authors. * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details * - * $Id: change_password.php,v 1.6 2006/08/23 08:29:29 jht001 Exp $ + * $Id: change_password.php,v 1.7 2006/09/12 19:26:48 spiderr Exp $ * @package users * @subpackage functions */ @@ -23,36 +23,42 @@ if (!isset($_REQUEST["oldpass"])) $_REQUEST["oldpass"] = ''; if (!isset($_REQUEST["provpass"])) $_REQUEST["provpass"] = ''; + $gBitSmarty->assign('login', $_REQUEST['login']); $gBitSmarty->assign('oldpass', $_REQUEST["oldpass"]); $gBitSmarty->assign('provpass', $_REQUEST["provpass"]); if (isset($_REQUEST["change"])) { - if ($_REQUEST["pass"] != $_REQUEST["pass2"]) { - $gBitSystem->fatalError( tra("The passwords didn't match") ); - } + $userInfo = $gBitUser->getUserInfo( array( 'user_id' => $_REQUEST['user_id'] ) ); + if ($_REQUEST["pass"] == $_REQUEST["oldpass"]) { $gBitSystem->fatalError( tra("You can not use the same password again") ); } - $passsword_error_msg = $gBitUser->verifyPasswordFormat( $_REQUEST["pass"] ); - if (strlen($passsword_error_msg)) { - $gBitSystem->fatalError( $passsword_error_msg ); - } + + if( $passswordError = $gBitUser->verifyPasswordFormat( $_REQUEST["pass"], $_REQUEST["pass2"] ) ) { + $gBitSystem->fatalError( $passswordError ); + } - if (strlen($_REQUEST["provpass"]) ) { - if (!$gBitUser->confirmRegistration($_REQUEST['login'], $_REQUEST["provpass"]) ) { + $validated = FALSE; + if( !empty( $_REQUEST["provpass"] ) ) { + if( !($validated = $gBitUser->confirmRegistration( $userInfo['user_id'], $_REQUEST["provpass"] )) ) { $gBitSystem->fatalError( tra("Password reset request is invalid or has expired") ); } - } - elseif( !$gBitUser->isAdmin() && !$gBitUser->validate($_REQUEST['login'], $_REQUEST["oldpass"], '', '') ) { - $gBitSystem->fatalError( tra("Invalid old password") ); + } elseif( $gBitUser->isRegistered() ) { + if( !( $validated = $gBitUser->validate( $userInfo['login'], $_REQUEST["oldpass"], '', '' )) ) { + $gBitSystem->fatalError( tra("Invalid old password") ); + } + } + + if( $validated ) { + $gBitUser->storePassword( $_REQUEST["pass"], $userInfo['login'] ); + $url = $gBitUser->login( $userInfo['login'], $_REQUEST["pass"] ); } - $gBitUser->storePassword( $_REQUEST["pass"], $_REQUEST['login'] ); - $url = $gBitUser->login( $_REQUEST['login'], $_REQUEST["pass"] ); header ( "location: ".$url ); } // Display the template -$gBitSystem->display( 'bitpackage:users/change_password.tpl'); +$gBitSystem->display( 'bitpackage:users/change_password.tpl', 'Change Password' ); + ?> |
