[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / set_password.inc

<?php

function set_password() {
	global $db,$error,$error_messages;
	$old_password=$_POST['old_password'];
	$new_password1=$_POST['new_password1'];
	$new_password2=$_POST['new_password2'];

	if ($new_password1!=$new_password2) {
		$error=$error_messages['NEW_PASSWORD_MISMATCH'];
		return false;
	}
	$user_id=$_SESSION['user_id'];
	$login=$_SESSION['user_name'];
	if (!$user_id) {
		return false;
	}

	//old password check

        $q="select * from users where login='$login'";
        $set=$db->query($q);
        $set->next();
        if ($set->getString('password')!=md5($old_password)) {
                $error="bad password";
		return false;
	}

	//changing in LDAP
        require(INCLUDE_DIR.'ldap.inc');
	LDAPuser::change_pass_forced($user_id,$new_password1);

	//changing in MySQL
	$password=md5($new_password1);
	$db->query("update users set password='$password' where user_id='$user_id'");
}

?>
Commit	Line	Data
51ff3226	1	<?php
	2
	3	function set_password() {
	4	global $db,$error,$error_messages;
	5	$old_password=$_POST['old_password'];
	6	$new_password1=$_POST['new_password1'];
	7	$new_password2=$_POST['new_password2'];
	8
	9	if ($new_password1!=$new_password2) {
	10	$error=$error_messages['NEW_PASSWORD_MISMATCH'];
	11	return false;
	12	}
	13	$user_id=$_SESSION['user_id'];
	14	$login=$_SESSION['user_name'];
	15	if (!$user_id) {
	16	return false;
	17	}
	18
	19	//old password check
	20
	21	$q="select * from users where login='$login'";
	22	$set=$db->query($q);
	23	$set->next();
	24	if ($set->getString('password')!=md5($old_password)) {
	25	$error="bad password";
	26	return false;
	27	}
	28
	29	//changing in LDAP
e909f81b	30	require(INCLUDE_DIR.'ldap.inc');
51ff3226	31	LDAPuser::change_pass_forced($user_id,$new_password1);
	32
	33	//changing in MySQL
	34	$password=md5($new_password1);
	35	$db->query("update users set password='$password' where user_id='$user_id'");
	36	}
	37
	38	?>