update_password_class.inc at Homeless Mangement Information System

<?php
//*Client Data System, Copyright (C) 2000, 2001, 2002, 2003 Tedd Kelleher.  This is free software, subject to the 
//*GNU GENERAL PUBLIC LICENSE, Version 2, June 1991 (in file named gpl.txt), which should accompany 
//*any distribution of this file.  Tedd Kelleher can be contacted at hide@address.com

class  Update_password
{
	var $questions;
	var $form_answer;
	var $user_id;
	
	function Update_password ($questions, $form_answer, $user_id)
    {
		GLOBAL $question_validation_error, $message, $message_type, $unique_seq;
		
		$this->questions = $questions;
		$this->form_answer = $form_answer;
		$this->user_id = $user_id;
        
		foreach ($this->questions as $question_value)
        {
			switch ($question_value["question_id"])
            {
				case "existing_password":
					$existing_password = $form_answer[$question_value["question_id"]];
					$existing_password_question_id = $question_value["question_id"];
					break;
                
				case "new_password":
					$new_password = $form_answer[$question_value["question_id"]];
					$new_password_question_id = $question_value["question_id"];
					break;
                
				case "verify_password":
					$verify_password = $form_answer[$question_value["question_id"]];
					$verify_password_question_id = $question_value["question_id"];
					break;
				
				default:
					echo "Question title could not be matched to question in password_update_class: ".$question_value["question_title"]."<br>";
                    exit;
		    }
	    }

        //get existing login and password

            $sql = "SELECT gate_login, gate_password FROM gate WHERE user_id = '".$user_id."'";
            $result = run_query($sql, "Associated users id 20");
            $current_row = fetch_array($result, "Edit user function 20A", "0");
            $gate_login = $current_row["gate_login"];
            $gate_password = $current_row["gate_password"];

        if ( md5 ( $existing_password ) != $gate_password )
        {
            question_error_marking ( $existing_password_question_id, 'Existing password is incorrect . ' );
        }

        if ( $existing_password == $new_password )
        {
            question_error_marking ( $existing_password_question_id, 'Existing password and New password can NOT match . ' );
            question_error_marking ( $new_password_question_id, 'Existing password and New password can NOT match . ' );
        }

        if ( $new_password != $verify_password )
        {
            question_error_marking ( $new_password_question_id, 'New password and Verify password MUST match. ' );
            question_error_marking ( $verify_password_question_id, 'New password and Verify password MUST match. ' );
        }

        $pass = new Passwords ();
        $pass->check_login_and_password ( $gate_login, $new_password );
        if ( $pass->password_error )
        {
            question_error_marking ( $new_password_question_id, $pass->password_error );
        }

        $pass = new Passwords ();
        $pass->check_login_and_password ( $gate_login, $verify_password );
        if ( $pass->password_error )
        {
            question_error_marking ( $verify_password_question_id, $pass->password_error );
        }

	    if ( !$question_validation_error )
        {
		    transaction_begin ( 'Update password' );
            $user_id_update = $this->user_id;

            $sql = "UPDATE gate SET gate_password='".md5 ( $new_password )."', gate_status='active' WHERE user_id = '".$user_id."'";
            run_query ($sql, "Update password");

            transaction_commit();

            $_SESSION['gate_status'] = 'active';

		    $message .= "Password has been successfully updated. ";
		    $message_type = "ok";
	    }
	}
}


?>