summaryrefslogtreecommitdiff
path: root/change_password.php
diff options
context:
space:
mode:
Diffstat (limited to 'change_password.php')
-rw-r--r--change_password.php40
1 files changed, 23 insertions, 17 deletions
diff --git a/change_password.php b/change_password.php
index af69133..0130e26 100644
--- a/change_password.php
+++ b/change_password.php
@@ -1,6 +1,6 @@
<?php
/**
- * $Header: /cvsroot/bitweaver/_bit_users/change_password.php,v 1.6 2006/08/23 08:29:29 jht001 Exp $
+ * $Header: /cvsroot/bitweaver/_bit_users/change_password.php,v 1.7 2006/09/12 19:26:48 spiderr Exp $
*
* Copyright (c) 2004 bitweaver.org
* Copyright (c) 2003 tikwiki.org
@@ -8,7 +8,7 @@
* All Rights Reserved. See copyright.txt for details and a complete list of authors.
* Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details
*
- * $Id: change_password.php,v 1.6 2006/08/23 08:29:29 jht001 Exp $
+ * $Id: change_password.php,v 1.7 2006/09/12 19:26:48 spiderr Exp $
* @package users
* @subpackage functions
*/
@@ -23,36 +23,42 @@ if (!isset($_REQUEST["oldpass"]))
$_REQUEST["oldpass"] = '';
if (!isset($_REQUEST["provpass"]))
$_REQUEST["provpass"] = '';
+
$gBitSmarty->assign('login', $_REQUEST['login']);
$gBitSmarty->assign('oldpass', $_REQUEST["oldpass"]);
$gBitSmarty->assign('provpass', $_REQUEST["provpass"]);
if (isset($_REQUEST["change"])) {
- if ($_REQUEST["pass"] != $_REQUEST["pass2"]) {
- $gBitSystem->fatalError( tra("The passwords didn't match") );
- }
+ $userInfo = $gBitUser->getUserInfo( array( 'user_id' => $_REQUEST['user_id'] ) );
+
if ($_REQUEST["pass"] == $_REQUEST["oldpass"]) {
$gBitSystem->fatalError( tra("You can not use the same password again") );
}
- $passsword_error_msg = $gBitUser->verifyPasswordFormat( $_REQUEST["pass"] );
- if (strlen($passsword_error_msg)) {
- $gBitSystem->fatalError( $passsword_error_msg );
- }
+
+ if( $passswordError = $gBitUser->verifyPasswordFormat( $_REQUEST["pass"], $_REQUEST["pass2"] ) ) {
+ $gBitSystem->fatalError( $passswordError );
+ }
- if (strlen($_REQUEST["provpass"]) ) {
- if (!$gBitUser->confirmRegistration($_REQUEST['login'], $_REQUEST["provpass"]) ) {
+ $validated = FALSE;
+ if( !empty( $_REQUEST["provpass"] ) ) {
+ if( !($validated = $gBitUser->confirmRegistration( $userInfo['user_id'], $_REQUEST["provpass"] )) ) {
$gBitSystem->fatalError( tra("Password reset request is invalid or has expired") );
}
- }
- elseif( !$gBitUser->isAdmin() && !$gBitUser->validate($_REQUEST['login'], $_REQUEST["oldpass"], '', '') ) {
- $gBitSystem->fatalError( tra("Invalid old password") );
+ } elseif( $gBitUser->isRegistered() ) {
+ if( !( $validated = $gBitUser->validate( $userInfo['login'], $_REQUEST["oldpass"], '', '' )) ) {
+ $gBitSystem->fatalError( tra("Invalid old password") );
+ }
+ }
+
+ if( $validated ) {
+ $gBitUser->storePassword( $_REQUEST["pass"], $userInfo['login'] );
+ $url = $gBitUser->login( $userInfo['login'], $_REQUEST["pass"] );
}
- $gBitUser->storePassword( $_REQUEST["pass"], $_REQUEST['login'] );
- $url = $gBitUser->login( $_REQUEST['login'], $_REQUEST["pass"] );
header ( "location: ".$url );
}
// Display the template
-$gBitSystem->display( 'bitpackage:users/change_password.tpl');
+$gBitSystem->display( 'bitpackage:users/change_password.tpl', 'Change Password' );
+
?>