<?
// Setting the page title
$GLOBALS[page_title] = "Change password";
// Include files
include "common.php";
include "$GLOBALS[lib_path]/user_db.inc";
include "$GLOBALS[lib_path]/design.inc";
$user_db = new USER_DB();
$user_db->connect("$GLOBALS[dbhost]","$GLOBALS[dbusername]","$GLOBALS[dbuserpassword]","$GLOBALS[dbname]");
// Set the user navbars.
if(!$HTTP_COOKIE_VARS[login_active]) $nav_array = array(main);
elseif($os->num_rows("SELECT user_name FROM users WHERE user_name='$session_array[user_name]' AND user_type='1'")) $nav_array = array_merge($GLOBALS[admin_navbox_array], $os->get_navbox_array($session_array[user_name]));
else $nav_array = array_merge($GLOBALS[basic_navbox_array], $os->get_navbox_array($session_array[user_name]));
// This is the main page with all it's contents.
$GLOBALS[contents00] = <<<ENDcontents00
<font size="$GLOBALS[body_font_size]">
<table width="100%" border="0" cellpadding="1" cellspacing="0" bgcolor="#eeeeee"><tr>
<td width="50%" align="left" valign="top">
<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
<td align="left" valign="top">
<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
<td bgcolor="#aaaaaa"> <b><font COLOR="$GLOBALS[body_head_font_clr]">Password Maintainence</font></b></td>
</tr></table>
<table cellpadding="1" cellspacing="1" border="0"><tr>
<td>
If you would like to change your password please enter it below in both fields and click change. The
password you choose cannot be less than 7 characters or greater than 15.
<form action="$PHP_SELF" method="post">
<table cellpadding="1" cellspacing="1" border="0"><tr>
<td align="left" valign="top">
Password:<br>
<input type="password" name="user_pass00" value="" size="15" maxsize="15">
</td><td align="left" valign="top">
Password Again:<br>
<input type="password" name="user_pass01" value="" size="15" maxsize="15">
</td><td align="left" valign="bottom">
<input type="submit" name="change_pass" value="Change">
</td>
</tr></table>
</form>
</td>
</tr></table>
</td>
</tr></table>
</td><td width="50%" align="right" valign="top">
</td>
</tr></table>
</font>
ENDcontents00;
// Password fields empty error page
$GLOBALS[contents01] = <<<ENDcontents01
<font color="red"><b>Blank Field Detected</b></font><br>
A required field for changing passwords was left blank.. Please fill in all required fields and try again.
<hr>
ENDcontents01;
// Password do not match error page
$GLOBALS[contents02] = <<<ENDcontents02
<font color="red"><b>Passwords do not match</b></font><br>
The passwords you tried do not match. Please retype the password you wish and try again.
<hr>
ENDcontents02;
// Password are not at least 7 chars
$GLOBALS[contents03] = <<<ENDcontents03
<font color="red"><b>Invalid Password</b></font><br>
The passwords your entered are not at least 7 characters. Please enter another password that is at least 7 characters and try again.
<hr>
ENDcontents03;
// Problem Updating the password
$GLOBALS[contents04] = <<<ENDcontents04
<font color="red"><b>Error updating</b></font><br>
There was a problem updating your password.. Please try again later.
<hr>
ENDcontents04;
// All went well in changing the user password
$GLOBALS[contents05] = <<<ENDcontents05
<font color="red"><b>Password Change Successful</b></font><br>
Your password has been reset. Please use this new password next time you log in.
<hr>
ENDcontents05;
// Password supplied is the same as in the database.. database won't update
$GLOBALS[contents06] = <<<ENDcontents06
<font color="red"><b>Passwords the same</b></font><br>
The password you supplied is the same that is in the database. Please choose another password and try again.
<hr>
ENDcontents06;
// Start the processing
if($HTTP_POST_VARS[change_pass]){
$GLOBALS[tmp_md5] = md5($HTTP_POST_VARS[user_pass00]);
// Check to see if the password fields are empty
if(empty($HTTP_POST_VARS[user_pass00]) || empty($HTTP_POST_VARS[user_pass01])) $contents = array("$GLOBALS[page_title]"=>$GLOBALS[contents01] . $GLOBALS[contents00]);
// Check to see if the passwords match
elseif($HTTP_POST_VARS[user_pass00] != $HTTP_POST_VARS[user_pass01]) $contents = array("$GLOBALS[page_title]"=>$GLOBALS[contents02] . $GLOBALS[contents00]);
// Check to see if the passwords are at least 7 chars
elseif(strlen($HTTP_POST_VARS[user_pass00]) < 7) $contents = array("$GLOBALS[page_title]"=>$GLOBALS[contents03] . $GLOBALS[contents00]);
// Check to see if the password is the same as the database.. if so then give error
elseif($GLOBALS[tmp_md5] == $user_db->get_user_pass($session_array[user_name])) $contents = array("$GLOBALS[page_title]"=>$GLOBALS[contents06] . $GLOBALS[contents00]);
// Else it all worked.. change the password
elseif(!$user_db->update_user_pass($session_array[user_name], $GLOBALS[tmp_md5])) $contents = array("$GLOBALS[page_title]"=>$GLOBALS[contents04] . $GLOBALS[contents00]);
else $contents = array("$GLOBALS[page_title]"=>$GLOBALS[contents05] . $GLOBALS[contents00]);
}else{
// This is the first page that the user will see
$contents = array("$GLOBALS[page_title]"=>"$GLOBALS[contents00]");
}
// an array for the draw_page function.
//$contents = array("$GLOBALS[page_title]"=>"$GLOBALS[contents00]");
draw_header("$GLOBALS[page_title]");
draw_nav($nav_array);
draw_sect($contents);
draw_footer();
ob_end_flush();
?>