<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2004 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/****************************************************************************************/
// $Id: password.php 333 2005-02-01 19:21:20Z shozubq $
define('AC_INCLUDE_PATH', '../include/');
require(AC_INCLUDE_PATH.'vitals.inc.php');
authenticate(USER_CLIENT, USER_GROUP_ADMIN, USER_ADMIN);
$_SECTION[0][0] = $_SESSION['course_title'].' '._AC('groups');
$_SECTION[0][1] = 'index.php';
$_SECTION[1][0] = _AC('options');
$_SECTION[1][1] = 'prefs/';
$_SECTION[2][0] = _AC('change_password');
$_SECTION[2][1] = 'prefs/password.php';
if ($_POST['cancel']) {
Header('Location: index.php');
exit;
}
if ($_POST['submit']) {
$_POST['old_password'] = trim($_POST['old_password']);
$_POST['new_password1'] = trim($_POST['new_password1']);
$_POST['new_password2'] = trim($_POST['new_password2']);
$sql = "SELECT * FROM ".TABLE_PREFIX."members WHERE member_id=$_SESSION[member_id] AND password='$_POST[old_password]'";
$result = mysql_query($sql, $db);
if (!($row = mysql_fetch_array($result))) {
$error[] = E_USER_BAD_PSWD;
}
if ($_POST['new_password1'] == '') {
$error[] = E_REG_EMPTY_PASS;
} else if ($_POST['new_password2'] != $_POST['new_password1']) {
$error[] = E_REG_PASS_NO_MATCH;
}
if (!$error) {
$_POST['new_password1'] = $addslashes($_POST['new_password1']);
$sql = "UPDATE ".TABLE_PREFIX."members SET password='$_POST[new_password1]' WHERE member_id=$_SESSION[member_id]";
if (mysql_query($sql, $db)) {
Header('Location: index.php?f='.F_USER_EDITED);
exit;
} else {
$error[] = E_USER_EDIT;
}
}
}
require(AC_INCLUDE_PATH.'pub/header.inc.php');
?>
<br /><br /><br />
<table border="0" cellspacing="0" cellpadding="0" align="center" class="box" width="70%">
<tr>
<th colspan="4" class="box"><h3><?php echo _AC('change_password'); ?></h3></th>
</tr>
<tr>
<td style="border-bottom: 1px solid #006699; background: #EFEFEF;">
<table border="0" width="100%" cellspacing="2" cellpadding="2" class="w">
<tr>
<td class="bread" valign="middle"><h4><?php
$delim = ' ยป ';
$num_sections = count($_SECTION);
for($i = 0; $i < $num_sections-1; $i++) {
echo '<a href="'.$_SECTION[$i][1] . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">';
echo $_SECTION[$i][0];
echo '</a>';
echo $delim;
}
echo $_SECTION[$num_sections-1][0];
echo '<small><small> ( <a href="accessibility.php" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">'. _AC('accessibility').'</a> ';
if (!$_SESSION['course_id']) {
echo ' | <a href="sign_out.php" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">'._AC('sign_out').'</a>';
}
echo ' )</small></small>';
?></h4></td>
</tr>
</table>
</td>
</tr>
<tr>
<td><table border="0" cellspacing="0" cellpadding="4" class="border" width="100%">
<tr>
<td><?php
if (isset($error)) {
print_errors($error);
}
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<table border="0" cellspacing="0" cellpadding="2" align="center" class="box2">
<tr>
<td class="row1 tline"> </td>
<td colspan="3" class="row1 tline"><img src="images/clr.gif" height="1" width="1" alt="" /><br /><?php
echo _AC('denotes_required', '<img src="images/required.gif" height="14" width="14" alt="'._AC('required_field').'" />');
?><br /></td>
<td class="row1 tline"> </td>
</tr>
<tr bgcolor="white">
<td class="row1"> </td>
<td class="row1" align="right"><label for="password1"><b><?php echo _AC('current_password'); ?>:</b></label></td>
<td class="row1"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1"><input type="password" name="old_password" class="input" size="20" id="password1" onfocus="this.className='input highlight'" onblur="this.className='input'" /></td>
<td class="row1"> </td>
</tr>
<tr bgcolor="white">
<td class="row1"> </td>
<td class="row1" align="right"><label for="password2"><b><?php echo _AC('new_password'); ?>:</b></label></td>
<td class="row1"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1"><input type="password" name="new_password1" class="input" size="20" id="password2" onfocus="this.className='input highlight'" onblur="this.className='input'" /></td>
<td class="row1"> </td>
</tr>
<tr bgcolor="white">
<td class="row1"> </td>
<td class="row1" align="right"><label for="password3"><b><?php echo _AC('confirm_new_password'); ?>:</b></label></td>
<td class="row1"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1"><input type="password" name="new_password2" class="input" size="20" id="password3" onfocus="this.className='input highlight'" onblur="this.className='input'" /></td>
<td class="row1"> </td>
</tr>
<tr bgcolor="white">
<td class="row1"> </td>
<td class="row1" colspan="3" align="right"><br /><input type="submit" name="submit" value=" <?php echo _AC('edit'); ?> " class="submitY" onfocus="this.className='submitY highlight'" onblur="this.className='submitY'" /> <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br /></td>
<td class="row1"> </td>
</tr>
</table>
</form></td>
</tr>
</table>
<?php
require(AC_INCLUDE_PATH.'footer.inc.php');
?>