<?php
/*
* ***********************************************************************************************
* Filename: admin_module_cpwduser.inc.php
* Module: Admin-Module
* Subcategory: Change Userpassword
* Description: Sets / deletes or changes the userpassword
* ***********************************************************************************************
*
*
* Project: yappa-ng : yet another php photo album - next generation
* Author: Fritz Berger <hide@address.com>
* Copyright: 2003 Fritz Berger
* $Header: /cvsroot/yappa-ng/yappa-ng/admin_modules/admin_module_cpwduser.inc.php,v 1.12 2005/04/25 18:02:06 zirkon13 Exp $
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* You may contact the author of yappa-ng by e-mail at:
* hide@address.com
*
* The latest version of yappa-ng can be obtained from:
* http://www.zirkon.at/zirkon/scripts/yappa-ng/yappa-ng_main_ger.html (german)
* http://www.zirkon.at/zirkon/scripts/yappa-ng/yappa-ng_main_eng.html (english)
*
* ***********************************************************************************************
* ***********************************************************************************************
* *** ***
* *** yappa-ng is based on "YAPPA v1.7 devel - 22.April 2002" ***
* *** released on http://sourceforge.net/projects/yappa/ ***
* *** YAPPA is Copyright Federico 'pix' Feroldi (hide@address.com) ***
* *** YAPPA is released under the GNU GPL ***
* *** ***
* ***********************************************************************************************
* ***********************************************************************************************
*/
?>
<?php
/*
* Standard Security Check
*/
if (!defined('SecCheck')) {
die("You Cannot Access This Script Directly - Have a Nice Day.");
}
function HandleForm () {
global $config_album;
global $config;
global $selected_album;
// set or delete userpassword
if ($_POST['admin_form']['setdel'] == "change") {
// check, if password is empty (not permitted!!)
if ($_POST['admin_form']['userpwd'] == "") {
// empty passwords not permitted!
return 4;
} else {
// check if no typo is in the password
if ($_POST['admin_form']['userpwd'] == $_POST['admin_form']['userpwd2']) {
// everything ok - set password!
$config_album["userpwd"] = $_POST['admin_form']['userpwd'];
$config_album["userpwd_set"] = "yes";
$config_album["passwd_csensitive"] = $_POST['admin_form']['passwd_csensitive'];
/*
* This has to get changed sometime! (See TODO)
* I programmed the userpassword as a "inc.php" file with the password-variable in it!
* now the password is in the $config_album too.
* ToDo: change the userpaswsord that only the $config_album is queried!!
*/
$pwdfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]) . "/" . $config['data_dirname'] . "/passwd_txt.inc.php");
$pwdhelp = "<?php \n \$passwd_txt = \"" . $config_album["userpwd"] . "\" \n ?>";
$fd = fopen($pwdfilename, "w");
flock($fd, 2); // get an exclusive lock
fwrite($fd, $pwdhelp);
flock($fd, 3); // release the lock
fclose($fd);
/* write album config */
$configfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]));
$returncode = write_albumconf($configfilename, $config_album);
return $returncode;
} else {
// passwords dont match - no change!
return 2;
}
}
} else {
$config_album["userpwd"] = "";
$config_album["userpwd_set"] = "no";
$config_album["passwd_csensitive"] = "no";
/* write album config */
$configfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]));
$returncode = write_albumconf($configfilename, $config_album);
$pwdfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]) . "/" . $config['data_dirname'] . "/passwd_txt.inc.php");
unlink ($pwdfilename);
// password deleted
return 3;
}
}
$uri_base = str_replace("&admintask=UserPasswd","",$global_var['self_url']);
if(isset($_POST['BeenSubmitted'])) {
if ($config["demo_gallery"] != "yes") {
$answer = HandleForm();
} else {
$answer = 5;
}
}
?>
<form action="<?php print $global_var['self_url']; ?>" method="post">
<table cellspacing="0" cellpadding="5" border="0" width="100%">
<tr valign="top">
<td class="thumbnailCell">
<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr><td colspan=4 align="center" class="adminHeading"><?php print $lang_akt["admin_cpwduser_hmain"]; ?></td></tr>
<tr><td colspan="4" class="passwdAdminCancel" align="center" >
[ <b><a href="<?php echo $uri_base ?>"><?php echo $lang_akt["passwd_admin_cancel"]; ?></b></a> ]</td></tr>
<tr><td width="10%"> </td><td width="25%"> </td><td width="5%"> </td><td> </td></tr>
<?php if ($config["demo_gallery"] == "yes") { ?>
<tr><td colspan=4 align="center" class="adminDemo"><?php print $lang_akt["admin_info_demo1"]; ?></td></tr>
<tr><td colspan=4 align="center" class="adminDemo"><?php print $lang_akt["admin_cpwduser_demo2"]; ?></td></tr>
<tr><td colspan="4"> </td></tr>
<?php } ?>
<tr><td colspan="4" align="center" class="adminStatus">
<?php if(isset($_POST['BeenSubmitted'])) {
switch($answer) {
case 1:
print $lang_akt["admin_cpwduser_status1"];
break;
case 2:
print $lang_akt["admin_cpwduser_status2"];
break;
case 3:
print $lang_akt["admin_cpwduser_status3"];
break;
case 4:
print $lang_akt["admin_cpwduser_status4"];
break;
case 5:
print $lang_akt["admin_cpwduser_status5"];
break;
default:
print "";
break;
}
} ?>
</td></tr>
<tr><td colspan="4"> </td></tr>
<?php
/* change from passwd-check to config_album[userpasswd_set] !! */
if ( Passwd_check($selected_album) == 1) { ?>
<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_cpwduser_isset"]; ?> <?php print $config_album["userpwd"]; ?></td></tr>
<?php } else { ?>
<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_cpwduser_notset"]; ?></td></tr>
<?php } ?>
<tr><td colspan="4"> </td></tr>
<tr><td colspan="4"> </td></tr>
<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_cpwduser_changepwd"]; ?></td></tr>
<tr><td colspan=4 class="adminComments"><?php print $lang_akt["admin_cpwduser_changepwdfull"]; ?></td></tr>
<tr>
<td> </td>
<td class="adminSelection"><input type="radio" name="admin_form[setdel]" value="change" checked="checked"> <?php print $lang_akt["admin_cpwduser_changeradio"]; ?></td>
<td> </td>
<td class="adminSelection"><input type="radio" name="admin_form[setdel]" value="delete"> <?php print $lang_akt["admin_cpwduser_deleteradio"]; ?></td>
</tr>
<tr><td colspan="4"> </td></tr>
<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_cpwduser_csensh"]; ?></td></tr>
<tr><td colspan=4 class="adminComments"><?php print $lang_akt["admin_cpwduser_csensfull"]; ?></td></tr>
<tr>
<?php if ($config_album["passwd_csensitive"] == "yes") { ?>
<td> </td>
<td class="adminSelection"><input type="radio" name="admin_form[passwd_csensitive]" value="yes" checked="checked"> <?php print $lang_akt["admin_cpwduser_yesradio"]; ?></td>
<td> </td>
<td class="adminSelection"><input type="radio" name="admin_form[passwd_csensitive]" value="no"> <?php print $lang_akt["admin_cpwduser_noradio"]; ?></td>
<?php } else { ?>
<td> </td>
<td class="adminSelection"><input type="radio" name="admin_form[passwd_csensitive]" value="yes"> <?php print $lang_akt["admin_cpwduser_yesradio"]; ?></td>
<td> </td>
<td class="adminSelection"><input type="radio" name="admin_form[passwd_csensitive]" value="no" checked="checked"> <?php print $lang_akt["admin_cpwduser_noradio"]; ?></td>
<?php } ?>
</tr>
<tr><td colspan="4"> </td></tr>
<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_cpwduser_pwdh"]; ?></td></tr>
<tr><td colspan=4 class="adminComments"><?php print $lang_akt["admin_cpwduser_pwdfull"]; ?></td></tr>
<tr>
<td width="10%"> </td>
<td colspan="3" class="adminSelection"><input type="password" name="admin_form[userpwd]" value=""> <?php print $lang_akt["admin_cpwduser_pwdtxt1"]; ?></td>
</tr>
<tr>
<td width="10%"> </td>
<td colspan="3" class="adminSelection"><input type="password" name="admin_form[userpwd2]" value=""> <?php print $lang_akt["admin_cpwduser_pwdtxt2"]; ?></td>
</tr>
<tr><td colspan="4"> </td></tr>
<tr><td colspan="4" align="center">
<input type="hidden" name="BeenSubmitted" value="true">
<input type="submit" name="submit" value="<?php print $lang_akt['submit']; ?>">
</td>
</tr>
</table>
</td>
</tr>
</table>
</form>
<?php
?>