Commit | Line | Data |
---|---|---|
e586807d | 1 | <?php |
e586807d H |
2 | |
3 | function set_password() { | |
4 | global $db,$error,$error_messages; | |
5 | $old_password=$_POST['old_password']; | |
6 | $new_password1=$_POST['new_password1']; | |
7 | $new_password2=$_POST['new_password2']; | |
8 | ||
9 | if ($new_password1!=$new_password2) { | |
10 | $error=$error_messages['NEW_PASSWORD_MISMATCH']; | |
11 | return false; | |
12 | } | |
13 | $user_id=$_SESSION['user_id']; | |
14 | $login=$_SESSION['user_name']; | |
15 | if (!$user_id) { | |
16 | return false; | |
17 | } | |
18 | ||
19 | //old password check | |
20 | ||
21 | $q="select * from users where login='$login'"; | |
22 | $set=$db->query($q); | |
23 | $set->next(); | |
24 | if ($set->getString('password')!=md5($old_password)) { | |
25 | $error="bad password"; | |
26 | return false; | |
27 | } | |
28 | ||
29 | //changing in LDAP | |
30 | require(SYSTEM_ROOT.'/inc/ldap.inc'); | |
b42b2bf9 | 31 | LDAPuser::change_pass_forced($user_id,$new_password1); |
e586807d H |
32 | |
33 | //changing in MySQL | |
34 | $password=md5($new_password1); | |
35 | $db->query("update users set password='$password' where user_id='$user_id'"); | |
36 | } | |
37 | ||
38 | ?> |