requireLogin(); require_once 'codebase/lib/FormValidator.inc.php'; /****************************************************************************** * CODE CONFIG *****************************************************************************/ // Titles and navigation header. $nav->add(_("Change password")); // The object to validate form input from the user. $fv = new FormValidator(); /******************************************************************** * MAIN ********************************************************************/ if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) { // We remember which page we came from so we can go back there. $app->setBoomerangURL($_SERVER['HTTP_REFERER'], 'admin_password'); } $app->sslOn(); switch (getFormData('op')) { case 'update_password' : // Get the form variables. $frm = getFormData(); // Validate the posted data. // $fv->isEmpty('oldpassword', _("You did not specify the old password.")); $fv->checkRegex('oldpassword', '/^[[:alnum:][:punct:]]{0,128}$/i', true, _("The Old password specified is not valid.")); if (!$fv->isEmpty('newpassword', _("You did not specify the New password."))) { $fv->checkRegex('newpassword', '/^[[:alnum:][:punct:]]{6,128}$/i', true, _("The New password specified is not valid. A password must be 6 or more characters.")); if ($frm['newpassword'] != $frm['newpassword2'] && !$fv->isEmpty('newpassword2', _("You need to type the New password twice."))) { $fv->addError('newpassword', _("The New passwords do not match.")); $fv->addError('newpassword2'); } } if (!$fv->anyErrors() && false === $auth->authenticate($auth->get('username'), $frm['oldpassword'])) { $fv->addError('oldpassword', _("Your Old password failed authentication.")); $app->logMsg(sprintf('Password change failed for %s, using (md5ed) password: %s', $auth->get('username'), md5($frm['oldpassword'])), LOG_NOTICE, __FILE__, __LINE__); } if (!$fv->anyErrors()) { $auth->setPassword(null, $frm['newpassword']); $app->logMsg(sprintf('Password change successful for %s', $auth->get('username')), LOG_INFO, __FILE__, __LINE__); $app->raiseMsg(sprintf(_("Password change successful for %s"), $auth->get('username')), MSG_SUCCESS, __FILE__, __LINE__); $app->dieBoomerangURL('admin_password'); } break; } // Templates. include 'header.ihtml'; include 'codebase/services/templates/password.ihtml'; include 'footer.ihtml'; ?>