$msg = _("Password is long enought. The minimum is ") . $pass_length_min . _(" characters.");
} elseif (strlen($pass1) > $pass_length_max) {
$msg = _("Password is too long. The maximum is ") . $pass_length_max . _(" characters.");
} elseif (!Session::pass_check_complexity($pass1)) {
$msg = _("Password is not complex enought.");
} elseif (count($recent_pass) > 0 && in_array(md5($pass1), $recent_pass)) {
$msg = _("This password is recently used. Try another.");
} elseif (count($user_list = Session::get_list($conn, "WHERE login = '******' and pass = '******'")) > 0) {
$msg = _("You must change your old password.");
} else {
$_SESSION['_user'] = $_SESSION['_backup_user'];
unset($_SESSION['_backup_user']);
if (preg_match("/pro|demo/", $conf->get_conf("ossim_server_version", FALSE))) {
$res = Acl::changepass($conn, $user, $pass1, $current_pass);
} else {
$res = Session::changepass($conn, $user, $pass1, $current_pass);
}
if ($res > 0) {
if (preg_match("/pro|demo/", $conf->get_conf("ossim_server_version", FALSE))) {
Acl::changefirst($conn, $user);
} else {
Session::changefirst($conn, $user);
}
header("location:../index.php");
} else {
$msg = "Current password does not match";
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
$error = new OssimError();
$error->display("BAD_OLD_PASSWORD");
}
/* check passwords */
if (0 != strcmp($pass1, $pass2)) {
require_once "ossim_error.inc";
$error = new OssimError();
$error->display("PASSWORDS_MISMATCH");
}
/* only the user himself or the admin can change passwords */
if (POST('user') != $_SESSION["_user"] && !Session::am_i_admin()) {
die(ossim_error(_("To change the password for other user is not allowed")));
}
/* check OK, insert into DB */
if (POST('update')) {
Session::changepass($conn, $user, $pass1);
?>
<p> <?php
echo gettext("User succesfully updated");
?>
</p>
<?php
$location = "users.php";
sleep(2);
echo "<script>\n///history.go(-1);\nwindow.location='{$location}';\n</script>\n";
?>
<?php
}
$db->close($conn);
?>
require_once "ossim_error.inc";
$error = new OssimError();
$error->display("PASSWORD_RECENT");
}
/* check for old password if not actual user or admin */
/*
if ((($_SESSION["_user"] != $user) && $_SESSION["_user"] != ACL_DEFAULT_OSSIM_ADMIN) && !is_array($user_list = Session::get_list($conn, "WHERE login = '******' and pass = '******'"))) {
require_once ("ossim_error.inc");
$error = new OssimError();
$error->display("BAD_OLD_PASSWORD");
}*/
/* only the user himself or the admin can change passwords */
if (POST('user') != $_SESSION["_user"] && !Session::am_i_admin()) {
die(ossim_error(_("To change the password for other user is not allowed")));
}
Session::changepass($conn, $user, $pass1, $oldpass);
Session::log_pass_history($user, md5($pass1));
if (method_exists('Session_activity', 'expire_my_others_sessions')) {
Session_activity::expire_my_others_sessions($conn, $user);
}
}
$db->close($conn);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title> <?php
echo gettext("OSSIM Framework");
?>
</title>
