source: trunk/services/password.php @ 1

<?php
/**
 * passwd.php 
 * Code by Strangecode :: www.strangecode.com :: This document contains copyrighted information
 */

// require_once dirname(__FILE__) . '/_config.inc.php';

$auth->requireLogin();

require_once 'codebase/lib/FormValidator.inc.php';

/******************************************************************************
 * CODE CONFIG
 *****************************************************************************/
    
// Titles and navigation header.
$nav->addPage(_("Change password"));

// The object to validate form input from the user.
$fv = new FormValidator();

/******************************************************************************
 * MAIN
 *****************************************************************************/

if (getFormData('boomerang', false)) {
    // We remember which page we came from so we can go back there.
    App::setBoomerangURL($_SERVER['HTTP_REFERER'], 'admin_passwd');
}
App::sslOn();

switch (getFormData('op')) {
case 'update_password' :

    // Get the form variables.
    $frm = getFormData();

    // Validate the posted data.
//  $fv->isEmpty('oldpassword', _("You did not specify the <strong>old password</strong>."));
    $fv->checkRegex('oldpassword', '/^[[:alnum:][:punct:]]{0,128}$/i', true, _("The <strong>Old password</strong> specified is not valid."));
    if (!$fv->isEmpty('newpassword', _("You did not specify the <strong>New password</strong>."))) {
        $fv->checkRegex('newpassword', '/^[[:alnum:][:punct:]]{6,128}$/i', true, _("The <strong>New password</strong> specified is not valid. A password must be 6 or more characters."));
        if ($frm['newpassword'] != $frm['newpassword2'] && !$fv->isEmpty('newpassword2', _("You need to type the <strong>New password</strong> twice."))) {
            $fv->addError('newpassword', _("The <strong>New passwords</strong> do not match."));
            $fv->addError('newpassword2');
        }
    }
    
    if (!$fv->anyErrors() && false === $auth->authenticate($auth->getVal('username'), $frm['oldpassword'])) {
        $fv->addError('oldpassword', _("Your <strong>Old password</strong> failed authentication."));
        App::logMsg(sprintf(_("Password change failed for %s, using (md5ed) password: %s"), $auth->getVal('username'), md5($frm['oldpassword'])), LOG_NOTICE, __FILE__, __LINE__);
    }

    if (!$fv->anyErrors()) {
        $auth->setPassword(null, $frm['newpassword']);
        App::logMsg(sprintf(_("Password change successful for %s"), $auth->getVal('username')), LOG_INFO, __FILE__, __LINE__);
        App::raiseMsg(sprintf(_("Password change successful for %s"), $auth->getVal('username')), MSG_SUCCESS, __FILE__, __LINE__);
        App::dieBoomerangURL('admin_passwd');
    }
    break;
}

// Templates.
include 'header.ihtml';
include 'codebase/services/templates/passwd.ihtml';
include 'footer.ihtml';

?>