forked from science-ation/science-ation
Update the password change page
This commit is contained in:
dave
parent
2a4b64588d
commit
c3f2e0c589
@ -24,47 +24,27 @@
|
||||
?>
|
||||
<?
|
||||
require_once("common.inc.php");
|
||||
require_once("user.inc.php");
|
||||
|
||||
require_once("account.inc.php");
|
||||
|
||||
$type = false;
|
||||
if(isset($_SESSION['users_type'])) {
|
||||
$type = $_SESSION['users_type'];
|
||||
} else {
|
||||
/* Make sure the user is logged in (accounts_id is set) */
|
||||
if(!isset($_SESSION['accounts_id'])) {
|
||||
message_push(error(i18n("You must login to view that page")));
|
||||
header("location: {$config['SFIABDIRECTORY']}/index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
/* Make sure the user is logged in, but don't check passwd expiry */
|
||||
if(!isset($_SESSION['users_type'])) {
|
||||
message_push(error(i18n("You must login to view that page")));
|
||||
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
|
||||
exit;
|
||||
}
|
||||
|
||||
if($_SESSION['users_type'] != $type) {
|
||||
message_push(error(i18n("You must login to view that page")));
|
||||
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
if(array_key_exists('request_uri', $_SESSION))
|
||||
$back_link = $_SESSION['request_uri'];
|
||||
else
|
||||
$back_link = "{$type}_main.php";
|
||||
$back_link = "user_main.php";
|
||||
unset($_SESSION['request_uri']);
|
||||
|
||||
$password_expiry_days = $config["{$type}_password_expiry_days"];
|
||||
|
||||
|
||||
if($_POST['action']=="save")
|
||||
{
|
||||
if($_POST['action']=="save") {
|
||||
$pass = mysql_escape_string($_POST['pass1']);
|
||||
//first, lets see if they choosed the same password again (bad bad bad)
|
||||
$q=mysql_query("SELECT password FROM users WHERE
|
||||
id='{$_SESSION['users_id']}'
|
||||
//first, lets see if they choose the same password again (bad bad bad)
|
||||
$q=mysql_query("SELECT password FROM accounts WHERE
|
||||
id='{$_SESSION['accounts_id']}'
|
||||
AND password='$pass'");
|
||||
|
||||
if(mysql_num_rows($q))
|
||||
@ -73,10 +53,10 @@
|
||||
message_push(error(i18n("New Password is required")));
|
||||
else if($_POST['pass1'] != $_POST['pass2'])
|
||||
message_push(error(i18n("Passwords do not match")));
|
||||
else if(user_valid_password($_POST['pass1']) == false)
|
||||
else if(account_valid_password($_POST['pass1']) == false)
|
||||
message_push(error(i18n("The password contains invalid characters or is not long enough")));
|
||||
else {
|
||||
user_set_password($_SESSION['users_id'], $pass);
|
||||
account_set_password($_SESSION['accounts_id'], $pass);
|
||||
unset($_SESSION['password_expired']);
|
||||
|
||||
message_push(happy(i18n('Your password has been successfully updated')));
|
||||
@ -85,8 +65,8 @@
|
||||
}
|
||||
}
|
||||
|
||||
send_header("{$user_what[$type]} - Change Password",
|
||||
array("{$user_what[$type]} Registration" => "{$type}_main.php")
|
||||
send_header("Change Password",
|
||||
array("Main" => "user_main.php")
|
||||
,"change_password"
|
||||
);
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user