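// NOTE(review): the opening PHP tag and anything preceding this call are not
// visible in this listing; the call is reproduced exactly as shown.
requireLogin();

require_once 'codebase/lib/FormValidator.inc.php';

/******************************************************************************
 * CODE CONFIG
 *****************************************************************************/

// Titles and navigation header.
$nav->addPage(_("Change password"));

// The object to validate form input from the user.
$fv = new FormValidator();

/******************************************************************************
 * MAIN
 *****************************************************************************/

if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) {
    // We remember which page we came from so we can go back there.
    // NOTE(review): the Referer header is supplied by the client. Confirm that
    // App::setBoomerangURL()/App::dieBoomerangURL() only accept same-site URLs
    // before redirecting to the stored value.
    App::setBoomerangURL($_SERVER['HTTP_REFERER'], 'admin_password');
}

App::sslOn();

switch (getFormData('op')) {
case 'update_password' :
    // Get the form variables.
    $frm = getFormData();

    // Validate the posted data.
    // An empty old password is not rejected here: the isEmpty() check is
    // disabled and the pattern below allows zero characters.
    // $fv->isEmpty('oldpassword', _("You did not specify the old password."));
    $fv->checkRegex('oldpassword', '/^[[:alnum:][:punct:]]{0,128}$/i', true, _("The Old password specified is not valid."));

    if (!$fv->isEmpty('newpassword', _("You did not specify the New password."))) {
        $fv->checkRegex('newpassword', '/^[[:alnum:][:punct:]]{6,128}$/i', true, _("The New password specified is not valid. 
A password must be 6 or more characters."));

        // Strict comparison: with a loose != two different numeric-looking
        // strings (for example "100000" and "1e5") compare as equal, so a
        // mistyped confirmation could be accepted.
        if ($frm['newpassword'] !== $frm['newpassword2'] && !$fv->isEmpty('newpassword2', _("You need to type the New password twice."))) {
            $fv->addError('newpassword', _("The New passwords do not match."));
            $fv->addError('newpassword2');
        }
    }

    // Only re-authenticate with the old password once the form itself is valid.
    if (!$fv->anyErrors() && false === $auth->authenticate($auth->getVal('username'), $frm['oldpassword'])) {
        $fv->addError('oldpassword', _("Your Old password failed authentication."));
        // The submitted password is deliberately kept out of the log, even in
        // hashed form: an unsalted MD5 digest is easily reversed, and a failed
        // attempt is frequently a near-miss of the real password or a
        // credential the user has on another account.
        App::logMsg(sprintf(_("Password change failed for %s"), $auth->getVal('username')), LOG_NOTICE, __FILE__, __LINE__);
    }

    if (!$fv->anyErrors()) {
        // NOTE(review): the result of setPassword() is not checked before
        // success is logged and shown to the user; confirm it cannot fail silently.
        $auth->setPassword(null, $frm['newpassword']);
        App::logMsg(sprintf(_("Password change successful for %s"), $auth->getVal('username')), LOG_INFO, __FILE__, __LINE__);
        App::raiseMsg(sprintf(_("Password change successful for %s"), $auth->getVal('username')), MSG_SUCCESS, __FILE__, __LINE__);
        App::dieBoomerangURL('admin_password');
    }
    break;
}

// Templates.
include 'header.ihtml';
include 'codebase/services/templates/password.ihtml';
include 'footer.ihtml';

?>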