Location: PHPKode > projects > UseBB > UseBB/sources/panel_editpwd.php
<?php

/*
	Copyright (C) 2003-2012 UseBB Team
	http://www.usebb.net
	
	$Id$
	
	This file is part of UseBB.
	
	UseBB is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.
	
	UseBB is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.
	
	You should have received a copy of the GNU General Public License
	along with UseBB; if not, write to the Free Software
	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/

/**
 * Panel edit password
 *
 * Gives an interface to edit account passwords.
 *
 * @author	UseBB Team
 * @link	http://www.usebb.net
 * @license	GPL-2
 * @version	$Revision$
 * @copyright	Copyright (C) 2003-2012 UseBB Team
 * @package	UseBB
 * @subpackage	Panel
 */

//
// Die when called directly in browser
//
if ( !defined('INCLUDED') )
	exit();

$valid_password = ( !empty($_POST['new_passwd1']) && $functions->validate_password(stripslashes($_POST['new_passwd1']), true) );
if ( !empty($_POST['current_passwd']) && !empty($_POST['new_passwd2']) && md5(stripslashes($_POST['current_passwd'])) == $session->sess_info['user_info']['passwd'] && $valid_password && strlen(stripslashes($_POST['new_passwd1'])) >= $functions->get_config('passwd_min_length') && $_POST['new_passwd1'] === $_POST['new_passwd2'] && $functions->verify_form() ) {
	
	$new_passwd = md5(stripslashes($_POST['new_passwd1']));

	//
	// Update the password
	//
	$result = $db->query("UPDATE ".TABLE_PREFIX."members SET passwd = '".$new_passwd."' WHERE id = ".$session->sess_info['user_id']);
	
	if ( $functions->isset_al() ) {
		
		//
		// Renew AL cookie
		//
		$functions->set_al($session->sess_info['user_id'], $new_passwd);
		
	}
	
	$template->parse('msgbox', 'global', array(
		'box_title' => $lang['Note'],
		'content' => $lang['PasswordEdited']
	));
	
} else {
	
	if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
		
		//
		// Define missing fields
		//
		$errors = array();
		if ( empty($_POST['current_passwd']) || md5(stripslashes($_POST['current_passwd'])) != $session->sess_info['user_info']['passwd'] )
			$errors[] = $lang['CurrentPassword'];
		if ( empty($_POST['new_passwd1']) || empty($_POST['new_passwd2']) || $_POST['new_passwd1'] !== $_POST['new_passwd2'] )
			$errors[] = $lang['NewPassword'];
		
		//
		// Show an error message
		//
		if ( count($errors) ) {
			
			$template->parse('msgbox', 'global', array(
				'box_title' => $lang['Error'],
				'content' => sprintf($lang['MissingFields'], join(', ', $errors))
			));
			
		}

		if ( !empty($_POST['new_passwd1']) && !$valid_password ) {
			
			$template->parse('msgbox', 'global', array(
				'box_title' => $lang['Error'],
				'content' => sprintf($lang['PasswdInfoNew'], $functions->get_config('passwd_min_length'))
			));

		} elseif ( !empty($_POST['new_passwd1']) && strlen(stripslashes($_POST['new_passwd1'])) < $functions->get_config('passwd_min_length') ) {
			
			$template->parse('msgbox', 'global', array(
				'box_title' => $lang['Error'],
				'content' => sprintf($lang['StringTooShort'], $lang['NewPassword'], $functions->get_config('passwd_min_length'))
			));
			
		}
		
	}
	
	$template->parse('editpwd_form', 'panel', array(
		'form_begin'           => '<form action="'.$functions->make_url('panel.php', array('act' => 'editpwd')).'" method="post">',
		'current_passwd_input' => '<input type="password" name="current_passwd" id="current_passwd" size="25" maxlength="255" />',
		'passwd_info'         => sprintf($lang['PasswdInfoNew'], $functions->get_config('passwd_min_length')),
		'new_passwd1_input'    => '<input type="password" name="new_passwd1" size="25" maxlength="255" />',
		'new_passwd2_input'    => '<input type="password" name="new_passwd2" size="25" maxlength="255" />',
		'submit_button'        => '<input type="submit" name="submit" value="'.$lang['OK'].'" />',
		'form_end'             => '</form>'
	), false, true);
	$template->set_js_onload("set_focus('current_passwd')");
	
}

?>
Return current item: UseBB