<?php
// ----------------------------------------------------------------------
// Copyright (C) 2007 by GREGORY LE BRAS
// ----------------------------------------------------------------------
// LICENSE
//
// This file is part of ODCNMS - Open DataCenter Network Management System
//
// ODCNMS is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// Foobar is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Foobar; if not, write to the Free Software
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
// ----------------------------------------------------------------------
// Original Author of file: GREGORY LE BRAS - http://www.odcnms.org/
// ----------------------------------------------------------------------
if(!isset($option))
{
?>
<div class="title"><img src="images/account_information.gif" alt="Account Information" align="bottom"> <?php echo TXT_ACCOUNT_INFORMATION; ?></div>
<div style="margin: 20px 0px 10px 0px; font-size: 110%;">
<div style="margin-bottom: 5px;"><b><?php echo TXT_USERNAME; ?>:</b> <?php echo "$login"; ?></div>
<div><b><?php echo TXT_STATUS; ?>:</b> <?php
$request=mysql_query("SELECT administrator FROM $name_table_users WHERE username=\"$login\"") or die ("ERROR!");
while($tmp_request=mysql_fetch_array($request))
{
if ($tmp_request['administrator']=="1")
{
echo TXT_ADMINISTRATOR;
}
else if ($tmp_request['administrator']=="0")
{
echo TXT_SIMPLE_USER;
}
else
{
echo TXT_SUPER." ".TXT_ADMINISTRATOR;
}
}
?></div>
<?php
if ($radius_authentication=="0")
{
?>
<br><a href="index.php?include=myaccount&page=account_information&option=change_password"><?php echo TXT_CHANGE_PASSWORD; ?></a>
<?php
}
?>
</div>
<br><center><a href="javascript:history.go(-1);"><?php echo TXT_BACK; ?></a></center>
<?php
}
else if ($option=="change_password")
{
if ($radius_authentication=="0")
{
?>
<div class="title"><img src="images/account_information.gif" alt="Account Information" align="bottom"> <?php echo TXT_ACCOUNT_INFORMATION; ?></div>
<div style="margin: 20px 0px 10px 0px; font-size: 110%;">
<h3><?php echo TXT_CHANGE_PASSWORD; ?></h3>
<div style="margin-bottom: 5px;width:350px;text-align:right;">
<form class="form" method="post" action="index.php?include=myaccount&page=account_information&option=change_password_ok" style="border:0px;">
<b style="position:relative;top:-10px;"><?php echo TXT_OLD_PASSWORD; ?>:</b> <input type="text" name="old_password"><br><br>
<b style="position:relative;top:-10px;"><?php echo TXT_NEW_PASSWORD; ?>:</b> <input type="text" name="new_password"><br><br>
<b style="position:relative;top:-10px;"><?php echo TXT_NEW_PASSWORD_CONFIRM; ?>:</b> <input type="text" name="new_password_confirm"><br><br>
<input type="submit" name="submit" value="<?php echo TXT_OK; ?>">
<input type="button" value="<?php echo TXT_BACK; ?>" onClick="javascript:history.go(-1);">
</form>
</div>
</div>
<?php
}
else
{
?>
<div class="title"><img src="images/account_information.gif" alt="Account Information" align="bottom"> <?php echo TXT_ACCOUNT_INFORMATION; ?></div>
<?php
echo "<center><div id=\"status\" style=\"color:red\"><img src=\"images/forbidden.png\" alt=\"FORBIDDEN\"><br><br>";
echo TXT_FORBIDDEN;
echo "</div></center>";
}
}
else if ($option=="change_password_ok")
{
if ($radius_authentication=="0")
{
$login = $_SESSION['login'];
$md5oldpassword = md5($old_password);
$request=mysql_query("SELECT count(*) FROM $name_table_users WHERE username=\"$login\" and password=\"$md5oldpassword\"") or die ("ERROR!");
$data = mysql_fetch_array($request);
if ($data[0] == 1) {
if ($new_password==$new_password_confirm)
{
$md5password = md5($new_password);
$query=mysql_query("UPDATE $name_table_users SET password=\"$md5password\" WHERE username=\"$login\"");
if(!$query)
{
echo "<center><div id=\"status\" style=\"color:red\"><img src=\"images/warning.png\" alt=\"WARNING\"><br><br>";
echo TXT_DATABASE_ERROR;
echo "</div><br><a href=\"javascript:history.go(-2);\">";
echo TXT_BACK;
echo "</a></center>";
}
else
{
?>
<div class="title"><img src="images/account_information.gif" alt="Account Information" align="bottom"> <?php echo TXT_ACCOUNT_INFORMATION; ?></div>
<?php
echo "<center><div id=\"status\" style=\"color:green\"><img src=\"images/info.png\" alt=\"INFO\"><br><br>";
echo TXT_SUCCESSFULLY_CHANGE_PASSWORD;
echo "</div><br><a href=\"javascript:history.go(-2);\">";
echo TXT_BACK;
echo "</a></center>";
}
}
else
{
echo "<center><div id=\"status\" style=\"color:red\"><img src=\"images/forbidden.png\" alt=\"FORBIDDEN\"><br><br>";
echo TXT_ERROR_PASSWORD_CONFIRM;
echo "</div><br><a href=\"javascript:history.go(-2);\">";
echo TXT_BACK;
echo "</a></center>";
}
}
elseif ($data[0] == 0) {
echo "<center><div id=\"status\" style=\"color:red\"><img src=\"images/warning.png\" alt=\"WARNING\"><br><br>";
echo TXT_AUTH_FAILED;
echo "</div><br><a href=\"javascript:history.go(-2);\">";
echo TXT_BACK;
echo "</a></center>";
}
}
else
{
?>
<div class="title"><img src="images/account_information.gif" alt="Account Information" align="bottom"> <?php echo TXT_ACCOUNT_INFORMATION; ?></div>
<?php
echo "<center><div id=\"status\" style=\"color:red\"><img src=\"images/forbidden.png\" alt=\"FORBIDDEN\"><br><br>";
echo TXT_FORBIDDEN;
echo "</div></center>";
}
}
?>