Example #1
0
 } elseif (strlen($pass1) < $pass_length_min) {
     $msg = _('Password is not long enough. The minimum is ') . $pass_length_min . _(' characters');
 } elseif (strlen($pass1) > $pass_length_max) {
     $msg = _('Password is too long. The maximum is ') . $pass_length_max . _(' characters');
 } elseif (!Session::pass_check_complexity($pass1)) {
     $msg = _('Password is not complex enough');
 } elseif (count($recent_pass) > 0 && (in_array(md5($pass1), $recent_pass) || in_array(hash('sha256', $pass1), $recent_pass))) {
     $msg = _('This password is recently used. Try another');
 } elseif (count($user_list = Session::get_list($conn, "WHERE login = '******' and pass = '******'")) > 0) {
     $msg = _('You must change your old password');
 } else {
     $_SESSION['_user'] = $_SESSION['_backup_user'];
     unset($_SESSION['_backup_user']);
     $res = Session::change_pass($conn, $user, $pass1, $current_pass);
     if ($res > 0) {
         Session::disable_first_login($conn, $user);
         //Relogin user
         $session = new Session($user, $pass1, '');
         $is_disabled = $session->is_user_disabled();
         $login_return = FALSE;
         if ($is_disabled == FALSE) {
             $login_return = $session->login();
         }
         if ($login_return != TRUE) {
             unset($_SESSION);
             // destroy session to force relogin
             session_destroy();
         }
         header("location:../index.php");
     } else {
         $msg = _('Current password does not match');