<?php

/*
	Copyright (C) 2009 DantoBB Team
	http://www.dantobb.com
*/

/**
 * Panel edit password
 *
 * Gives an interface to edit account passwords.
 *
 * @author	DantoBB Team
 * @link	http://www.dantobb.com
 * @license	GPL-2
 * @version	$Revision: 1.0 $
 * @copyright	Copyright (C) 2009 DantoBB Team
 * @package	DantoBB
 * @subpackage	Panel
 */

//
// Die when called directly in browser
//
if ( !defined('INCLUDED') )
	exit();

if ( !empty($_POST['current_passwd']) && !empty($_POST['new_passwd1']) && !empty($_POST['new_passwd2']) && md5($_POST['current_passwd']) == $session->sess_info['user_info']['passwd'] && strlen($_POST['new_passwd1']) >= $functions->get_config('passwd_min_length') && preg_match(PWD_PREG, $_POST['new_passwd1']) && $_POST['new_passwd1'] === $_POST['new_passwd2'] ) {
	
	//
	// Update the password
	//
	$result = $db->query("UPDATE ".TABLE_PREFIX."members SET passwd = '".md5($_POST['new_passwd1'])."' WHERE id = ".$session->sess_info['user_id']);
	
	if ( $functions->isset_al() ) {
		
		//
		// Renew AL cookie
		//
		$functions->set_al($session->sess_info['user_id'], md5($_POST['new_passwd1']));
		
	}
	
	$template->parse('msgbox', 'global', array(
		'box_title' => $lang['Note'],
		'content' => $lang['PasswordEdited']
	));
	
} else {
	
	if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
		
		//
		// Define missing fields
		//
		$errors = array();
		if ( empty($_POST['current_passwd']) || md5($_POST['current_passwd']) != $session->sess_info['user_info']['passwd'] )
			$errors[] = $lang['CurrentPassword'];
		if ( empty($_POST['new_passwd1']) || empty($_POST['new_passwd2']) || !preg_match(PWD_PREG, $_POST['new_passwd1']) || $_POST['new_passwd1'] !== $_POST['new_passwd2'] )
			$errors[] = $lang['NewPassword'];
		
		//
		// Show an error message
		//
		if ( count($errors) ) {
			
			$template->parse('msgbox', 'global', array(
				'box_title' => $lang['Error'],
				'content' => sprintf($lang['MissingFields'], join(', ', $errors))
			));
			
		}
		
		if ( !empty($_POST['new_passwd1']) && strlen($_POST['new_passwd1']) < $functions->get_config('passwd_min_length') ) {
			
			$template->parse('msgbox', 'global', array(
				'box_title' => $lang['Error'],
				'content' => sprintf($lang['StringTooShort'], $lang['NewPassword'], $functions->get_config('passwd_min_length'))
			));
			
		}
		
	}
	
	$template->parse('editpwd_form', 'panel', array(
		'form_begin'           => '<form action="'.$functions->make_url('panel.php', array('act' => 'editpwd')).'" method="post">',
		'current_passwd_input' => '<input type="password" name="current_passwd" id="current_passwd" size="25" maxlength="255" />',
		'passwd_info'         => sprintf($lang['PasswdInfo'], $functions->get_config('passwd_min_length')),
		'new_passwd1_input'    => '<input type="password" name="new_passwd1" size="25" maxlength="255" />',
		'new_passwd2_input'    => '<input type="password" name="new_passwd2" size="25" maxlength="255" />',
		'submit_button'        => '<input type="submit" name="submit" value="'.$lang['OK'].'" />',
		'reset_button'         => '<input type="reset" value="'.$lang['Reset'].'" />',
		'form_end'             => '</form>'
	));
	$template->set_js_onload("set_focus('current_passwd')");
	
}

?>