You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
postfixadmin/users/password.php

93 lines
2.5 KiB
PHP

<?php
//
// Postfix Admin
// by Mischa Peters <mischa at high5 dot net>
// Copyright (c) 2002 - 2005 High5!
// Licensed under GPL for more info check GPL-LICENSE.TXT
//
// File: password.php
//
// Template File: users_password.tpl
//
// Template Variables:
//
// tMessage
//
// Form POST \ GET Variables:
//
// fPassword_current
// fPassword
// fPassword2
//
require_once('../common.php');
authentication_require_role('user');
$USERID_USERNAME = authentication_get_username();
$tmp = preg_split ('/@/', $USERID_USERNAME);
$USERID_DOMAIN = $tmp[1];
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
include ("../templates/header.tpl");
include ("../templates/users_menu.tpl");
include ("../templates/users_password.tpl");
include ("../templates/footer.tpl");
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$fPassword_current = escape_string ($_POST['fPassword_current']);
$fPassword = escape_string ($_POST['fPassword']);
$fPassword2 = escape_string ($_POST['fPassword2']);
$username = $USERID_USERNAME;
$result = db_query ("SELECT * FROM $table_mailbox WHERE username='$username'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
$checked_password = pacrypt ($fPassword_current, $row['password']);
$result = db_query ("SELECT * FROM $table_mailbox WHERE username='$username' AND password='$checked_password'");
if ($result['rows'] != 1)
{
$error = 1;
$pPassword_password_current_text = $PALANG['pPassword_password_current_text_error'];
}
}
else
{
$error = 1;
$pPassword_email_text = $PALANG['pPassword_email_text_error'];
}
if (empty ($fPassword) or ($fPassword != $fPassword2))
{
$error = 1;
$pPassword_password_text = $PALANG['pPassword_password_text_error'];
}
if ($error != 1)
{
$password = pacrypt ($fPassword);
$result = db_query ("UPDATE $table_mailbox SET password='$password',modified=NOW() WHERE username='$username'");
if ($result['rows'] == 1)
{
$tMessage = $PALANG['pPassword_result_success'];
db_log ($USERID_USERNAME, $USERID_DOMAIN, "change password", "$USERID_USERNAME");
}
else
{
$tMessage = $PALANG['pPassword_result_error'];
}
}
include ("../templates/header.tpl");
include ("../templates/users_menu.tpl");
include ("../templates/users_password.tpl");
include ("../templates/footer.tpl");
}
?>