egroupware/preferences/changepassword.php

108 lines
3.7 KiB
PHP
Raw Normal View History

2000-08-18 05:24:22 +02:00
<?php
/**************************************************************************\
* phpGroupWare - preferences *
* http://www.phpgroupware.org *
* Written by Joseph Engo <jengo@phpgroupware.org> *
* -------------------------------------------- *
* This program is free software; you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the *
* Free Software Foundation; either version 2 of the License, or (at your *
* option) any later version. *
\**************************************************************************/
/* $Id$ */
$phpgw_info["flags"] = array("noheader" => True, "nonavbar" => True);
2000-08-18 05:24:22 +02:00
$phpgw_info["flags"]["currentapp"] = "preferences";
2000-08-18 05:24:22 +02:00
include("../header.inc.php");
if (!$phpgw->acl->check("changepassword", 1)){
Header("Location: index.php");
exit;
}
if (! $submit) {
$phpgw->common->phpgw_header();
$phpgw->common->navbar();
2000-08-18 05:24:22 +02:00
?>
2000-09-05 04:45:44 +02:00
<form method="POST" acion="<?php echo $phpgw->link("changepassword.php"); ?>">
2000-08-18 05:24:22 +02:00
<table border="0">
<tr>
<td>
2000-09-07 23:35:30 +02:00
<?php echo lang("enter your new password"); ?>
2000-08-18 05:24:22 +02:00
</td>
<td>
<input type="password" name="n_passwd">
</td>
</tr>
<tr>
<td>
2000-09-07 23:35:30 +02:00
<?php echo lang("re-enter your password"); ?>
2000-08-18 05:24:22 +02:00
</td>
<td>
<input type="password" name="n_passwd_2">
</td>
</tr>
<tr>
<td colspan="2">
2000-09-07 23:35:30 +02:00
<input type="submit" name="submit" value="<?php echo lang("change"); ?>">
2000-08-18 05:24:22 +02:00
</td>
</tr>
</table>
</form>
<br>
<?php
if ($phpgw_info["server"]["auth_type"] != "ldap") {
echo "<pre>" . lang("note: This feature does *not* change your email password. This will "
. "need to be done manually.") . "</pre>";
}
$phpgw->common->phpgw_footer();
2000-08-18 05:24:22 +02:00
} else {
if ($n_passwd != $n_passwd_2)
2000-09-07 23:35:30 +02:00
$error = lang("the two passwords are not the same");
2000-08-18 05:24:22 +02:00
if (! $n_passwd)
2000-09-07 23:35:30 +02:00
$error = lang("you must enter a password");
2000-08-18 05:24:22 +02:00
if ($error) {
2000-09-27 04:04:01 +02:00
$phpgw->common->navbar();
2000-08-18 05:24:22 +02:00
echo "<p><br>$error</p>";
exit;
}
if ($phpgw_info["server"]["auth_type"] == "sql") {
$phpgw->db->query("update accounts set account_pwd='" . md5($n_passwd) . "' "
. "where account_lid='" . $phpgw_info["user"]["userid"] . "'");
}
if ($phpgw_info["server"]["auth_type"] == "ldap") {
$ldap = ldap_connect($phpgw_info["server"]["ldap_host"]);
if (! @ldap_bind($ldap, $phpgw_info["server"]["ldap_root_dn"], $phpgw_info["server"]["ldap_root_pw"])) {
echo "<p><b>Error binding to LDAP server. Check your config</b>";
exit;
}
$entry["userpassword"] = $phpgw->common->encrypt_password($n_passwd);
$entry["phpgw_lastpasswd_change"] = time();
$dn = $phpgw_info["user"]["account_dn"];
@ldap_modify($ldap, $dn, $entry);
}
2000-08-18 05:24:22 +02:00
// Since they are logged in, we need to change the password in sessions
// in case they decied to check there mail.
2000-11-25 22:34:19 +01:00
$phpgw->db->query("update phpgw_sessions set session_pwd='" . $phpgw->common->encrypt($n_passwd)
2000-12-11 04:58:43 +01:00
. "' where session_lid='" . $phpgw_info["user"]["userid"] . "'");
// Update there last password change
$phpgw->db->query("update accounts set account_lastpwd_change='" . time() . "' where account_id='"
2000-12-11 04:58:43 +01:00
. $phpgw_info["user"]["account_id"] . "'");
2000-08-18 05:24:22 +02:00
2000-12-11 04:58:43 +01:00
Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"] . "/preferences/","cd=18"));
2000-08-18 05:24:22 +02:00
}
2000-09-27 04:04:01 +02:00
?>