assign ('SESSID_USERNAME', $SESSID_USERNAME); $smarty->assign ('smarty_template', 'password'); if ($_SERVER['REQUEST_METHOD'] == "GET") { $smarty->display ('index.tpl'); } if ($_SERVER['REQUEST_METHOD'] == "POST") { if (isset ($_POST['fPassword_current'])) $fPassword_current = escape_string ($_POST['fPassword_current']); if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']); if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']); $username = $SESSID_USERNAME; $result = db_query ("SELECT * FROM $table_admin WHERE username='$username'"); if ($result['rows'] == 1) { $row = db_array ($result['result']); $checked_password = pacrypt ($fPassword_current, $row['password']); $result = db_query ("SELECT * FROM $table_admin WHERE username='$username' AND password='$checked_password'"); if ($result['rows'] != 1) { $error = 1; $pPassword_password_current_text = $PALANG['pPassword_password_current_text_error']; } } else { $error = 1; $pPassword_email_text = $PALANG['pPassword_email_text_error']; } if (empty ($fPassword) or ($fPassword != $fPassword2)) { $error = 1; $pPassword_password_text = $PALANG['pPassword_password_text_error']; } if ($error != 1) { $password = pacrypt ($fPassword); $result = db_query ("UPDATE $table_admin SET password='$password',modified=NOW() WHERE username='$username'"); if ($result['rows'] == 1) { $tMessage = $PALANG['pPassword_result_success']; } else { $tMessage = $PALANG['pPassword_result_error']; } } $smarty->assign ('pPassword_password_current_text', $pPassword_password_current_text); $smarty->assign ('pPassword_password_text', $pPassword_password_text); $smarty->assign ('tMessage', $tMessage,false); $smarty->display ('index.tpl'); } /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ ?>