Beehive PHP Cross Reference Discussion Forums

Source: /admin_forum_set_passwd.php - 248 lines - 8808 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  Copyright Project Beehive Forum 2002
   5  
   6  This file is part of Beehive Forum.
   7  
   8  Beehive Forum is free software; you can redistribute it and/or modify
   9  it under the terms of the GNU General Public License as published by
  10  the Free Software Foundation; either version 3 of the License, or
  11  (at your option) any later version.
  12  
  13  Beehive Forum is distributed in the hope that it will be useful,
  14  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  GNU General Public License for more details.
  17  
  18  You should have received a copy of the GNU General Public License
  19  along with Beehive; if not, write to the Free Software
  20  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  21  USA
  22  ======================================================================*/
  23  
  24  // Bootstrap
  25  require_once  'boot.php';
  26  
  27  // Required includes
  28  require_once  BH_INCLUDE_PATH . 'admin.inc.php';
  29  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  30  require_once  BH_INCLUDE_PATH . 'form.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'forum.inc.php';
  33  require_once  BH_INCLUDE_PATH . 'header.inc.php';
  34  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  35  require_once  BH_INCLUDE_PATH . 'server.inc.php';
  36  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  37  // End Required includes
  38  
  39  // Check we're logged in correctly
  40  if (!session::logged_in()) {
  41      html_guest_error();
  42  }
  43  
  44  // Check we have Admin / Moderator access
  45  if (!(session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) || (forum_get_setting('access_level', FORUM_DISABLED))) {
  46      html_draw_error(gettext("You do not have permission to use this section."));
  47  }
  48  
  49  // Perform additional admin login.
  50  admin_check_credentials();
  51  
  52  // Get the forum settings
  53  $forum_settings = forum_get_settings();
  54  
  55  // Get forum fid
  56  $forum_fid = get_forum_fid();
  57  
  58  // Array to hold error messages
  59  $error_msg_array = array();
  60  
  61  $t_confirm_passwd = null;
  62  $t_new_passwd = null;
  63  $t_current_passhash = null;
  64  
  65  if (isset($_GET['ret']) && strlen(trim($_GET['ret'])) > 0) {
  66      $ret = rawurldecode(trim($_GET['ret']));
  67  } else if (isset($_POST['ret']) && strlen(trim($_POST['ret'])) > 0) {
  68      $ret = trim($_POST['ret']);
  69  } else {
  70      $ret = "admin_forums.php?webtag=$webtag";
  71  }
  72  
  73  // validate the return to page
  74  if (isset($ret) && strlen(trim($ret)) > 0) {
  75  
  76      $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));
  77  
  78      if (preg_match("/^$available_files_preg/u", basename($ret)) < 1) {
  79          $ret = "admin_forums.php?webtag=$webtag";
  80      }
  81  }
  82  
  83  if (isset($_POST['back'])) {
  84      header_redirect($ret);
  85  }
  86  
  87  if (isset($_POST['enable'])) {
  88  
  89      if (forum_update_access($forum_fid, FORUM_PASSWD_PROTECTED)) {
  90  
  91          header_redirect("admin_forum_set_passwd.php?webtag=$webtag");
  92          exit;
  93      }
  94  }
  95  
  96  if (!forum_get_setting('access_level', FORUM_PASSWD_PROTECTED)) {
  97      html_draw_error(gettext("Forum is not set to Password Protected Mode. Do you want to enable it now?"), 'admin_forum_set_passwd.php', 'post', array(
  98          'enable' => gettext("Enable"),
  99          'back' => gettext("Back")
 100      ), array('ret' => $ret), '_self', 'center');
 101  }
 102  
 103  if (isset($_POST['save'])) {
 104  
 105      $valid = true;
 106  
 107      if (($forum_passhash = forum_get_password($forum_settings['fid'])) !== false) {
 108  
 109          if (isset($_POST['current_passwd']) && strlen(trim($_POST['current_passwd'])) > 0) {
 110              $t_current_passhash = md5(trim($_POST['current_passwd']));
 111          } else {
 112              $error_msg_array[] = gettext("Current Password is required");
 113              $valid = false;
 114          }
 115  
 116          if ($valid) {
 117  
 118              if (strcmp($t_current_passhash, $forum_passhash) <> 0) {
 119  
 120                  $error_msg_array[] = gettext("Current Password does not match saved password");
 121                  $valid = false;
 122              }
 123          }
 124      }
 125  
 126      if (isset($_POST['new_passwd']) && strlen(trim($_POST['new_passwd'])) > 0) {
 127          $t_new_passwd = trim($_POST['new_passwd']);
 128      } else {
 129          $error_msg_array[] = gettext("New Password is required");
 130          $valid = false;
 131      }
 132  
 133      if (isset($_POST['confirm_passwd']) && strlen(trim($_POST['confirm_passwd'])) > 0) {
 134          $t_confirm_passwd = trim($_POST['confirm_passwd']);
 135      } else {
 136          $error_msg_array[] = gettext("Confirm Password is required");
 137          $valid = false;
 138      }
 139  
 140      if ($valid) {
 141  
 142          if (strcmp($t_new_passwd, $t_confirm_passwd) <> 0) {
 143  
 144              $error_msg_array[] = gettext("Passwords do not match");
 145              $valid = false;
 146          }
 147  
 148          if (mb_strlen($t_new_passwd) < 6) {
 149  
 150              $error_msg_array[] = gettext("Password must be a minimum of 6 characters long");
 151              $valid = false;
 152          }
 153  
 154          if (htmlentities_array($t_new_passwd) != $t_new_passwd) {
 155  
 156              $error_msg_array[] = gettext("Password must not contain HTML tags");
 157              $valid = false;
 158          }
 159  
 160          if ($valid) {
 161  
 162              if (forum_update_password($forum_fid, $t_new_passwd)) {
 163  
 164                  header_redirect("admin_forum_set_passwd.php?webtag=$webtag&ret=$ret&updated=true");
 165                  exit;
 166              }
 167          }
 168      }
 169  }
 170  
 171  html_draw_top(sprintf('title=%s', gettext("Admin - Change Password")), 'class=window_title', 'main_css=admin.css');
 172  
 173  echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Change Password"), "</h1>\n";
 174  
 175  if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
 176  
 177      html_display_error_array($error_msg_array, '450', 'center');
 178  
 179  } else if (isset($_GET['updated'])) {
 180  
 181      html_display_success_msg(gettext("Password changed"), '450', 'center');
 182  }
 183  
 184  echo "<br />\n";
 185  echo "<div align=\"center\">\n";
 186  echo "<form accept-charset=\"utf-8\" name=\"passwd\" action=\"admin_forum_set_passwd.php\" method=\"post\" target=\"_self\">\n";
 187  echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
 188  echo "  ", form_input_hidden('ret', htmlentities_array($ret)), "\n";
 189  echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"450\">\n";
 190  echo "    <tr>\n";
 191  echo "      <td align=\"left\">\n";
 192  echo "        <table class=\"box\" width=\"100%\">\n";
 193  echo "          <tr>\n";
 194  echo "            <td align=\"left\" class=\"posthead\">\n";
 195  echo "              <table class=\"posthead\" width=\"100%\">\n";
 196  echo "                <tr>\n";
 197  echo "                  <td align=\"left\" class=\"subhead\">", gettext("Change Password"), "</td>\n";
 198  echo "                </tr>\n";
 199  echo "                <tr>\n";
 200  echo "                  <td align=\"center\">\n";
 201  echo "                    <table class=\"posthead\" width=\"95%\">\n";
 202  
 203  if (forum_get_password($forum_settings['fid'])) {
 204  
 205      echo "                      <tr>\n";
 206      echo "                        <td align=\"left\">", gettext("Current Password"), ":</td>\n";
 207      echo "                        <td align=\"left\">", form_input_password("current_passwd", null, 27, null, "autocomplete=\"off\""), "&nbsp;</td>\n";
 208      echo "                      </tr>\n";
 209      echo "                      <tr>\n";
 210      echo "                        <td align=\"left\">", gettext("New Password"), ":</td>\n";
 211      echo "                        <td align=\"left\">", form_input_password("new_passwd", null, 27, null, "autocomplete=\"off\""), "&nbsp;</td>\n";
 212      echo "                      </tr>\n";
 213  
 214  } else {
 215  
 216      echo "                      <tr>\n";
 217      echo "                        <td align=\"left\">", gettext("Password"), ":</td>\n";
 218      echo "                        <td align=\"left\">", form_input_password("new_passwd", null, 27, null, "autocomplete=\"off\""), "&nbsp;</td>\n";
 219      echo "                      </tr>\n";
 220  }
 221  
 222  echo "                      <tr>\n";
 223  echo "                        <td align=\"left\">", gettext("Confirm Password"), ":</td>\n";
 224  echo "                        <td align=\"left\">", form_input_password("confirm_passwd", null, 27, null, "autocomplete=\"off\""), "&nbsp;</td>\n";
 225  echo "                      </tr>\n";
 226  echo "                      <tr>\n";
 227  echo "                        <td align=\"left\">&nbsp;</td>\n";
 228  echo "                      </tr>\n";
 229  echo "                    </table>\n";
 230  echo "                  </td>\n";
 231  echo "                </tr>\n";
 232  echo "              </table>\n";
 233  echo "            </td>\n";
 234  echo "          </tr>\n";
 235  echo "        </table>\n";
 236  echo "      </td>\n";
 237  echo "    </tr>\n";
 238  echo "    <tr>\n";
 239  echo "      <td align=\"left\">&nbsp;</td>\n";
 240  echo "    </tr>\n";
 241  echo "    <tr>\n";
 242  echo "      <td align=\"center\">", form_submit("save", gettext("Save")), "&nbsp;", form_submit("back", gettext("Back")), "</td>\n";
 243  echo "    </tr>\n";
 244  echo "  </table>\n";
 245  echo "</form>\n";
 246  echo "</div>\n";
 247  
 248  html_draw_bottom();

title

Description

title

Description

title

Description

title

title

Body