<?php
require_once "../config/config.php";
require_once INCLUDE_DIR."/functions.php";
require_once INCLUDE_DIR."/users_class.php";
//**********************************************Begin Page code**********************************************
$users=new users_class();
if(isset( $_REQUEST['action']))
$_action = $_REQUEST['action'];
else
$_action="";
$_action = strtoupper($_action);
switch($_action)
{
case 'UPDATE':
if(isset($_POST))
{
$lsUserid=$_SESSION[SESSION_PREFIX.'Admin_UserID'];
$key=$users->getSecretsaltById($lsUserid);
$oldpass=encrypt($_POST['oldPassword'],$key);
if($_POST['oldPassword']!=$_POST['newpass'])
{
$newpassword=encrypt($_POST['newpass'],$key);
$query="update ".TABLE_PREFIX ."users set password=? where id=? and password=?";
$arr=array();
$arr[0]=$newpassword;
$arr[1]=$lsUserid;
$arr[2]=$oldpass;
$lsUpdatedrows = $users->Update($query,$arr,null);
if($lsUpdatedrows>0)
{
$smarty->assign('msg','Password updated successfully');
}
else
{
$smarty->assign('msg','Invalid old password.');
$smarty->assign('err','true');
}
}
else
{
$smarty->assign('msg','Old password and new password can not be same.');
}
$smarty->display('admin_change_password.tpl');
}
break;
DEFAULT:
$lsUserid=$_SESSION[SESSION_PREFIX.'Admin_UserID'];
$key=$users->getSecretsaltById($lsUserid);
$laedituserinfo = $users->view("SELECT password FROM ".TABLE_PREFIX ."users where id=$lsUserid",null);
if($laedituserinfo!=FALSE)
$password=decrypt($laedituserinfo[0]['password'],$key);
$smarty->assign('smpassword',$password);
$smarty->display('admin_change_password.tpl');
}
?>