******************************************************************************/
$smarty->assign('email', $_SESSION['email']);
if (isset($_POST['u_submit'])) {
if (!isset($_POST['new_passwd1']) || empty($_POST['new_passwd1']) || !isset($_POST['new_passwd2']) || empty($_POST['new_passwd2'])) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_password_empty', 'y');
} else {
if (check_passwd_length($_POST['new_passwd2']) == false) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_password_long', 'y');
} else {
if ($_POST['new_passwd1'] != $_POST['new_passwd2']) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_new_passwd_not_same', 'y');
} else {
if (decrypt_passwd($_SESSION['cpasswd']) != $_POST['old_passwd']) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_password_old_wrong', 'y');
} else {
if ($config['cleartext_passwd'] == 1) {
$cleartext = $_POST['new_passwd1'];
} else {
$cleartext = "";
}
$sql = sprintf("UPDATE users SET passwd='%s',cpasswd='%s' WHERE id='%d'", $db->escapeSimple($cleartext), $db->escapeSimple(crypt($_POST['new_passwd1'])), $db->escapeSimple($_SESSION['uid']));
$res =& $db->query($sql);
$smarty->assign('passwd_changed', 'y');
$smarty->assign('success_msg', 'y');
$smarty->assign('if_password_changed', 'y');
$_SESSION['cpasswd'] = encrypt_passwd($_POST['new_passwd1']);
}
<?php
/******************************************************************************
* Copyright (C) 2006 Jonas Genannt <*****@*****.**>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
******************************************************************************/
if ($_SESSION['p_mailfilter'] != 1) {
header("Location: index.php");
exit;
}
//get IMAP Folders
$folders = list_imap_folders($config['imap_server'], $_SESSION['email'], decrypt_passwd($_SESSION['cpasswd']), 0);
if ($folders == false) {
$smarty->assign('imap_folder_exits', 0);
} else {
$smarty->assign('imap_folder_exits', 1);
$smarty->assign('available_folders', $folders);
}
if ($result->numRows() == 1) {
$daten = $result->fetchrow(DB_FETCHMODE_ASSOC);
if (check_password($daten['cpasswd'], decrypt_passwd($_SESSION['cpasswd'])) == 1) {
} else {
$no_login = 1;
}
} else {
$no_login = 1;
}
} else {
if (isset($_SESSION['email']) && isset($_SESSION['cpasswd'])) {
$sql = sprintf("SELECT cpasswd FROM users WHERE email='%s' AND access='1'", $db->escapeSimple($_SESSION['email']));
$result =& $db->query($sql);
if ($result->numRows() == 1) {
$daten = $result->fetchrow(DB_FETCHMODE_ASSOC);
if (check_password($daten['cpasswd'], decrypt_passwd($_SESSION['cpasswd'])) == 1) {
} else {
$no_login = 1;
}
} else {
$no_login = 1;
}
} else {
$no_login = 1;
}
}
$smarty->assign('if_login', false);
if ($no_login == 1) {
//$smarty->display('login.tpl');
$smarty->assign('if_login', 'y');
$smarty->assign('template', 'login.tpl');