pkg-tikiwiki/trunk/tiki-change_password.php

<?php

// $Header: /cvsroot/tikiwiki/tiki/tiki-change_password.php,v 1.11.2.3 2005/09/19 18:26:45 sylvieg Exp $

// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.

// Initialization
require_once ('tiki-setup.php');

if ($change_password != 'y') {
        $smarty->assign('msg', tra("Permission denied"));
        $smarty->display("error.tpl");
        die;
}

if (!isset($_REQUEST["user"]))
        $_REQUEST["user"] = '';

if (!isset($_REQUEST["oldpass"]))
        $_REQUEST["oldpass"] = '';

$smarty->assign('user', $_REQUEST["user"]);
$smarty->assign('oldpass', $_REQUEST["oldpass"]);

if (isset($_REQUEST["change"])) {
        check_ticket('change-password');
        if ($_REQUEST["pass"] != $_REQUEST["pass2"]) {
                $smarty->assign('msg', tra("The passwords didn't match"));

                $smarty->display("error.tpl");
                die;
        }

        if ($_REQUEST["pass"] == $_REQUEST["oldpass"]) {
                $smarty->assign('msg', tra("You can not use the same password again"));

                $smarty->display("error.tpl");
                die;
        }

        if (!$userlib->validate_user($_REQUEST["user"], $_REQUEST["oldpass"], '', '')) {
                $u = "admin";// do not merge
                if(!$userlib->validate_user($u,substr($_REQUEST["oldpass"],6,200),'','') or ($tiki_p_admin != 'y')) {
                        $smarty->assign('msg', tra("Invalid old password"));

                        $smarty->display("error.tpl");
                die;
                }
        }

        //Validate password here
        if (strlen($_REQUEST["pass"]) < $min_pass_length) {
                $smarty->assign('msg', tra("Password should be at least"). ' ' . $min_pass_length . ' ' . tra("characters long"));

                $smarty->display("error.tpl");
                die;
        }

        // Check this code
        if ($pass_chr_num == 'y') {
                if (!preg_match_all("/[0-9]+/", $_REQUEST["pass"], $foo) || !preg_match_all("/[A-Za-z]+/", $_REQUEST["pass"], $foo)) {
                        $smarty->assign('msg', tra("Password must contain both letters and numbers"));

                        $smarty->display("error.tpl");
                        die;
                }
        }

        $userlib->change_user_password($_REQUEST["user"], $_REQUEST["pass"]);
        // Login the user
        $_SESSION["$user_cookie_site"] = $_REQUEST["user"];
        $user = $_REQUEST["user"];
        $smarty->assign_by_ref('user', $user);
        header ("location: $tikiIndex");
}
ask_ticket('change-password');

// Display the template
global $language;
$language = $tikilib->get_user_preference($_REQUEST["user"], "language", $language);
$smarty->assign('mid', 'tiki-change_password.tpl');
$smarty->display("tiki.tpl");

?>
1	<?php
2
3	// $Header: /cvsroot/tikiwiki/tiki/tiki-change_password.php,v 1.11.2.3 2005/09/19 18:26:45 sylvieg Exp $
4
5	// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
6	// All Rights Reserved. See copyright.txt for details and a complete list of authors.
7	// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
8
9	// Initialization
10	require_once ('tiki-setup.php');
11
12	if ($change_password != 'y') {
13	$smarty->assign('msg', tra("Permission denied"));
14	$smarty->display("error.tpl");
15	die;
16	}
17
18	if (!isset($_REQUEST["user"]))
19	$_REQUEST["user"] = '';
20
21	if (!isset($_REQUEST["oldpass"]))
22	$_REQUEST["oldpass"] = '';
23
24	$smarty->assign('user', $_REQUEST["user"]);
25	$smarty->assign('oldpass', $_REQUEST["oldpass"]);
26
27	if (isset($_REQUEST["change"])) {
28	check_ticket('change-password');
29	if ($_REQUEST["pass"] != $_REQUEST["pass2"]) {
30	$smarty->assign('msg', tra("The passwords didn't match"));
31
32	$smarty->display("error.tpl");
33	die;
34	}
35
36	if ($_REQUEST["pass"] == $_REQUEST["oldpass"]) {
37	$smarty->assign('msg', tra("You can not use the same password again"));
38
39	$smarty->display("error.tpl");
40	die;
41	}
42
43	if (!$userlib->validate_user($_REQUEST["user"], $_REQUEST["oldpass"], '', '')) {
44	$u = "admin";// do not merge
45	if(!$userlib->validate_user($u,substr($_REQUEST["oldpass"],6,200),'','') or ($tiki_p_admin != 'y')) {
46	$smarty->assign('msg', tra("Invalid old password"));
47
48	$smarty->display("error.tpl");
49	die;
50	}
51	}
52
53	//Validate password here
54	if (strlen($_REQUEST["pass"]) < $min_pass_length) {
55	$smarty->assign('msg', tra("Password should be at least"). ' ' . $min_pass_length . ' ' . tra("characters long"));
56
57	$smarty->display("error.tpl");
58	die;
59	}
60
61	// Check this code
62	if ($pass_chr_num == 'y') {
63	if (!preg_match_all("/[0-9]+/", $_REQUEST["pass"], $foo) \|\| !preg_match_all("/[A-Za-z]+/", $_REQUEST["pass"], $foo)) {
64	$smarty->assign('msg', tra("Password must contain both letters and numbers"));
65
66	$smarty->display("error.tpl");
67	die;
68	}
69	}
70
71	$userlib->change_user_password($_REQUEST["user"], $_REQUEST["pass"]);
72	// Login the user
73	$_SESSION["$user_cookie_site"] = $_REQUEST["user"];
74	$user = $_REQUEST["user"];
75	$smarty->assign_by_ref('user', $user);
76	header ("location: $tikiIndex");
77	}
78	ask_ticket('change-password');
79
80	// Display the template
81	global $language;
82	$language = $tikilib->get_user_preference($_REQUEST["user"], "language", $language);
83	$smarty->assign('mid', 'tiki-change_password.tpl');
84	$smarty->display("tiki.tpl");
85
86	?>