<?php require('style/layout/header.php'); ?>
<div class="content_left">
<ul id="breadcrumbs">
<li><a href="index.php"><?php echo $lang['main_page']; ?></a></li>
<li><a href="myprofile.php"><?php echo $lang['user_area']; ?></a></li>
<li><a href="password.php" class="actual"><?php echo $lang['change_password']; ?></a></li>
</ul>
</div>
<div class="content_right"><form method="post" id="search" action="search.php?search">
<input type="text" name="search" placeholder="<?php echo $lang['enter_search_term']; ?>..." class="searchfield">
<input type="hidden" name="submit" value="<?php echo $lang['search']; ?>" alt="<?php echo $lang['search']; ?>">
</form>
</div>
<div class="clear"></div>
<div id="headline"> </div>
<?php
if(!isset($_SESSION['signed_in'])) {
echo '<p class="false">' . $lang['only_for_registered'] . '</p>
<p>' . $lang['you_have_to'] . ' <a href="signin.php">' . $lang['small_signin'] . '</a>. ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';
}else{
echo '<h1>' . $lang['my_login_informations'] . '</h1>';
if($_SERVER['REQUEST_METHOD'] != 'POST') {
echo '<form id="password" name="password" method="post" action="">
<p><input type="password" name="old_password" class="textfields" size="40"> <span class="green">' . $lang['actual_password'] . '</span>
<br><small>' . $lang['confirm_password'] . '</small></p>
<p><input type="password" name="password" class="textfields" size="40"> ' . $lang['new_password'] . '</p>
<p><input type="password" name="password_check" class="textfields" size="40"> ' . $lang['password_repeat'] . '</p>
<p><input type="submit" name="submit" value="' . $lang['change_password'] . '" alt="' . $lang['change_password'] . '" class="buttons"></p>
</form>';
}else{
$check_pw = "SELECT
user_id,
user_pass
FROM
users
WHERE
user_id = " . (int)$_SESSION['user_id'];
$verified_pw = mysql_query($check_pw) OR die(mysql_error());
while($check_row = mysql_fetch_assoc($verified_pw)) {
$dp = mysql_real_escape_string($check_row['user_pass']);
$tp = htmlentities($_POST['old_password']);
}
$errors = array();
if(isset($_POST['password'])) {
if(trim($_POST['password']) == "") {
$errors[] = $lang['not_enter_pass'];
}
if($_POST['password'] != $_POST['password_check']) {
$errors[] = $lang['no_pass_match'];
}
}else{
$errors[] = $lang['not_enter_pass'];
}
if(isset($_POST['old_password'])) {
if(trim($_POST['old_password']) == "") {
$errors[] = $lang['enter_actual_pass'];
}
if($_POST['old_password'] != $tp) {
$errors[] = $lang['actual_pass_false'];
}
}else{
$errors[] = $lang['enter_actual_pass'];
}
if(!empty($errors)) {
echo '<p class="false">' . $lang['not_filled_all'] . '</p>
<p><a href="javascript:history.back();">' . $lang['back'] . '</a></p>';
echo '<ul>';
foreach($errors as $key => $value) {
echo '<li>• ' . $value . '</li>';
}
echo '</ul>';
}else{
$pass = "UPDATE
users
SET
user_pass = '" . sha1(mysql_real_escape_string($_POST['password'])) . "'
WHERE
user_id = " . (int)$_SESSION['user_id'];
mysql_query($pass) OR die(mysql_error());
if(mysql_affected_rows() == 1) {
echo '<p class="success">' . $lang['password_changed'] . '!</p>';
}else{
echo '<p class="false">' . $lang['password_not_changed'] . '</p>';
}
}}}
?>
<?php require('style/layout/footer.php'); ?>