forked from science-ation/science-ation
139 lines
3.9 KiB
PHP
139 lines
3.9 KiB
PHP
|
<?
|
||
|
/*
|
||
|
This file is part of the 'Science Fair In A Box' project
|
||
|
SFIAB Website: http://www.sfiab.ca
|
||
|
|
||
|
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
|
||
|
Copyright (C) 2005 James Grant <james@lightbox.org>
|
||
|
Copyright (C) 2007 David Grant <dave@lightbox.org>
|
||
|
|
||
|
This program is free software; you can redistribute it and/or
|
||
|
modify it under the terms of the GNU General Public
|
||
|
License as published by the Free Software Foundation, version 2.
|
||
|
|
||
|
This program is distributed in the hope that it will be useful,
|
||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||
|
General Public License for more details.
|
||
|
|
||
|
You should have received a copy of the GNU General Public License
|
||
|
along with this program; see the file COPYING. If not, write to
|
||
|
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
||
|
Boston, MA 02111-1307, USA.
|
||
|
*/
|
||
|
?>
|
||
|
<?
|
||
|
require_once("common.inc.php");
|
||
|
require_once("user.inc.php");
|
||
|
|
||
|
|
||
|
$type = false;
|
||
|
if(isset($_SESSION['users_type'])) {
|
||
|
$type = $_SESSION['users_type'];
|
||
|
} else {
|
||
|
header("location: index.php");
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
/* Make sure the user is logged in, but don't check passwd expiry */
|
||
|
user_auth_required($type, false);
|
||
|
|
||
|
$notice=$_GET['notice'];
|
||
|
|
||
|
switch($type) {
|
||
|
case 'volunteer':
|
||
|
$what = "Volunteer";
|
||
|
break;
|
||
|
case 'committee':
|
||
|
$what = "Committee Member";
|
||
|
break;
|
||
|
case 'judge':
|
||
|
$what = "Judge";
|
||
|
break;
|
||
|
case 'student':
|
||
|
$what = "Participant";
|
||
|
break;
|
||
|
default:
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
$back_link = "{$type}_main.php";
|
||
|
$password_expiry_days = $config["{$type}_password_expiry_days"];
|
||
|
|
||
|
|
||
|
if($_POST['action']=="save")
|
||
|
{
|
||
|
//first, lets see if they choosed the same password again (bad bad bad)
|
||
|
$q=mysql_query("SELECT password FROM users WHERE id='".$_SESSION['users_id']."' AND password='".$_POST['pass1']."'");
|
||
|
|
||
|
if(mysql_num_rows($q)) $notice = 'same';
|
||
|
else if(!$_POST['pass1']) $notice = 'passwordrequired';
|
||
|
else if($_POST['pass1'] != $_POST['pass2']) $notice = 'nomatch';
|
||
|
else if(user_valid_password($_POST['pass1']) == false) $notice = 'invalidchars';
|
||
|
else
|
||
|
{
|
||
|
if($password_expiry_days > 0)
|
||
|
$ex="passwordexpiry=DATE_ADD(CURDATE(),INTERVAL $password_expiry_days DAY)";
|
||
|
else
|
||
|
$ex="passwordexpiry=NULL";
|
||
|
|
||
|
mysql_query("UPDATE users SET password='".$_POST['pass1']."', $ex WHERE id='".$_SESSION['users_id']."' AND email='".$_SESSION['email']."'");
|
||
|
if($_SESSION['password_expired'])
|
||
|
{
|
||
|
unset($_SESSION['password_expired']);
|
||
|
header("location: $back_link?notice=password_changed");
|
||
|
exit;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
send_header("$what - Change Password");
|
||
|
|
||
|
if($_SESSION['password_expired'] == true)
|
||
|
{
|
||
|
echo i18n('Your password has expired. You must choose a new password now.');
|
||
|
}
|
||
|
|
||
|
switch($notice) {
|
||
|
case 'same':
|
||
|
echo error(i18n("You cannot choose the same password again. Please choose a different password"));
|
||
|
break;
|
||
|
case 'passwordrequired':
|
||
|
echo error(i18n("New Password is required"));
|
||
|
break;
|
||
|
case 'nomatch':
|
||
|
echo error(i18n("Passwords do not match"));
|
||
|
break;
|
||
|
case 'invalidchars':
|
||
|
echo error(i18n("The password contains invalid characters or is not long enough"));
|
||
|
|
||
|
default:
|
||
|
}
|
||
|
|
||
|
echo "<form name=\"changepassform\" method=\"post\" action=\"user_password.php\">\n";
|
||
|
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
|
||
|
echo "<table>\n";
|
||
|
|
||
|
echo "<br />";
|
||
|
echo "<table>";
|
||
|
echo "<tr><td>";
|
||
|
echo i18n("Enter New Password:");
|
||
|
echo "</td><td>";
|
||
|
echo "<input type=\"password\" size=\"10\" name=\"pass1\">";
|
||
|
echo "</td></tr>";
|
||
|
echo "<tr><td>";
|
||
|
echo i18n("Confirm New Password:");
|
||
|
echo "</td><td>";
|
||
|
echo "<input type=\"password\" size=\"10\" name=\"pass2\">";
|
||
|
echo "</td></tr>";
|
||
|
|
||
|
echo "</table>";
|
||
|
echo "<input type=\"submit\" value=\"".i18n("Change Password")."\" />\n";
|
||
|
echo "</form>";
|
||
|
echo "<br />";
|
||
|
echo "<div style=\"font-size: 0.75em;\">".i18n('Passwords must be be between 6 and 32 characters, and may NOT contain any quote or a backslash.')."</div>";
|
||
|
|
||
|
|
||
|
send_footer();
|
||
|
?>
|