Beehive PHP Cross Reference Discussion Forums

Source: /edit_password.php - 199 lines - 6589 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  Copyright Project Beehive Forum 2002
   5  
   6  This file is part of Beehive Forum.
   7  
   8  Beehive Forum is free software; you can redistribute it and/or modify
   9  it under the terms of the GNU General Public License as published by
  10  the Free Software Foundation; either version 3 of the License, or
  11  (at your option) any later version.
  12  
  13  Beehive Forum is distributed in the hope that it will be useful,
  14  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  GNU General Public License for more details.
  17  
  18  You should have received a copy of the GNU General Public License
  19  along with Beehive; if not, write to the Free Software
  20  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  21  USA
  22  ======================================================================*/
  23  
  24  // Bootstrap
  25  require_once  'boot.php';
  26  
  27  // Required includes
  28  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  29  require_once  BH_INCLUDE_PATH . 'form.inc.php';
  30  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'header.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  33  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  34  require_once  BH_INCLUDE_PATH . 'user.inc.php';
  35  // End Required includes
  36  
  37  // Check we're logged in correctly
  38  if (!session::logged_in()) {
  39      html_guest_error();
  40  }
  41  
  42  // Array to hold error messages
  43  $error_msg_array = array();
  44  
  45  // Arrays to hold our cookie data
  46  $username_array = array();
  47  $password_array = array();
  48  $passhash_array = array();
  49  
  50  $t_new_pass = null;
  51  $t_confirm_pass = null;
  52  $t_old_pass = null;
  53  
  54  // Submit code
  55  if (isset($_POST['save'])) {
  56  
  57      $valid = true;
  58  
  59      if (isset($_POST['opw']) && strlen(trim($_POST['opw'])) > 0) {
  60  
  61          $t_old_pass = trim($_POST['opw']);
  62  
  63      } else {
  64  
  65          $error_msg_array[] = gettext("You must enter your current password");
  66          $valid = false;
  67      }
  68  
  69      if (isset($_POST['npw']) && strlen(trim($_POST['npw'])) > 0) {
  70  
  71          $t_new_pass = trim($_POST['npw']);
  72  
  73      } else {
  74  
  75          $error_msg_array[] = gettext("You must enter a new password");
  76          $valid = false;
  77      }
  78  
  79      if (isset($_POST['cpw']) && strlen(trim($_POST['cpw'])) > 0) {
  80  
  81          $t_confirm_pass = trim($_POST['cpw']);
  82  
  83      } else {
  84  
  85          $error_msg_array[] = gettext("You must confirm your new password");
  86          $valid = false;
  87      }
  88  
  89      if ($valid) {
  90  
  91          if ($t_new_pass != $t_confirm_pass) {
  92  
  93              $error_msg_array[] = gettext("Passwords do not match");
  94              $valid = false;
  95          }
  96  
  97          if (htmlentities_array($t_new_pass) != $t_new_pass) {
  98  
  99              $error_msg_array[] = gettext("Password must not contain HTML tags");
 100              $valid = false;
 101          }
 102  
 103          if (mb_strlen($t_new_pass) < 6) {
 104  
 105              $error_msg_array[] = gettext("Password must be a minimum of 6 characters long");
 106              $valid = false;
 107          }
 108  
 109          if ($t_old_pass == $t_new_pass) {
 110  
 111              $error_msg_array[] = gettext("New and old passwords are the same.");
 112              $valid = false;
 113          }
 114  
 115          if ($valid) {
 116  
 117              // Update the password and cookie
 118              if (user_change_password($_SESSION['UID'], $t_new_pass, $t_old_pass)) {
 119  
 120                  // Force redirect to prevent refreshing the page
 121                  // prompting to user to resubmit form data.
 122                  header_redirect("edit_password.php?webtag=$webtag&updated=true", gettext("Password changed"));
 123                  exit;
 124  
 125              } else {
 126  
 127                  $error_msg_array[] = gettext("Update failed");
 128                  $valid = false;
 129              }
 130          }
 131      }
 132  }
 133  
 134  // Start Output Here
 135  html_draw_top(sprintf('title=%s', gettext("My Controls - Change Password")), 'class=window_title');
 136  
 137  echo "<h1>", gettext("Change Password"), "</h1>\n";
 138  
 139  if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
 140  
 141      html_display_error_array($error_msg_array, '700', 'left');
 142  
 143  } else if (isset($_GET['updated'])) {
 144  
 145      html_display_success_msg(gettext("Preferences were successfully updated."), '700', 'left');
 146  }
 147  
 148  echo "<br />\n";
 149  echo "<form accept-charset=\"utf-8\" name=\"prefs\" action=\"edit_password.php\" method=\"post\" target=\"_self\">\n";
 150  echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
 151  echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"700\">\n";
 152  echo "    <tr>\n";
 153  echo "      <td align=\"left\">\n";
 154  echo "        <table class=\"box\" width=\"100%\">\n";
 155  echo "          <tr>\n";
 156  echo "            <td align=\"left\" class=\"posthead\">\n";
 157  echo "              <table class=\"posthead\" width=\"100%\">\n";
 158  echo "                <tr>\n";
 159  echo "                  <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Change Password"), "</td>\n";
 160  echo "                </tr>\n";
 161  echo "              </table>\n";
 162  echo "              <table class=\"posthead\" width=\"100%\">\n";
 163  echo "                <tr>\n";
 164  echo "                  <td align=\"center\">\n";
 165  echo "                    <table class=\"posthead\" width=\"95%\">\n";
 166  echo "                      <tr>\n";
 167  echo "                        <td align=\"left\">", gettext("Current Password"), ":</td>\n";
 168  echo "                        <td align=\"left\">", form_input_password("opw", null, 37), "&nbsp;</td>\n";
 169  echo "                      </tr>\n";
 170  echo "                      <tr>\n";
 171  echo "                        <td align=\"left\">", gettext("New Password"), ":</td>\n";
 172  echo "                        <td align=\"left\">", form_input_password("npw", null, 37), "&nbsp;</td>\n";
 173  echo "                      </tr>\n";
 174  echo "                      <tr>\n";
 175  echo "                        <td align=\"left\">", gettext("Confirm Password"), ":</td>\n";
 176  echo "                        <td align=\"left\">", form_input_password("cpw", null, 37), "&nbsp;</td>\n";
 177  echo "                      </tr>\n";
 178  echo "                      <tr>\n";
 179  echo "                        <td align=\"left\">&nbsp;</td>\n";
 180  echo "                      </tr>\n";
 181  echo "                    </table>\n";
 182  echo "                  </td>\n";
 183  echo "                </tr>\n";
 184  echo "              </table>\n";
 185  echo "            </td>\n";
 186  echo "          </tr>\n";
 187  echo "        </table>\n";
 188  echo "      </td>\n";
 189  echo "    </tr>\n";
 190  echo "    <tr>\n";
 191  echo "      <td align=\"left\">&nbsp;</td>\n";
 192  echo "    </tr>\n";
 193  echo "    <tr>\n";
 194  echo "      <td align=\"center\">", form_submit("save", gettext("Save")), "</td>\n";
 195  echo "    </tr>\n";
 196  echo "  </table>\n";
 197  echo "</form>\n";
 198  
 199  html_draw_bottom();

title

Description

title

Description

title

Description

title

title

Body