fs_e('New password'); ?> </label></td> <td><input type='password' size='30' id='new_password' value='' /></td> </tr> <tr> <td><label for='new_password_verify'><?php fs_e('Verify new password'); ?> </label></td> <td><input type='password' size='30' id='new_password_verify' value='' /></td> </tr> <tr> <td colspan='2'> <button id='change_password' class='button' onclick='FS.changePassword(<?php echo fs_current_user_id(); ?> )'><?php fs_e('Change password'); ?> </button> </td> </tr> </table> <?php } } else { echo $instructions; ?> </div> <form action="<?php
function fs_change_password($id, $username, $password) { $fsdb =& fs_get_db_conn(); $users = fs_users_table(); $id = $fsdb->escape($id); $username = $fsdb->escape($username); $password = $fsdb->escape($password); $user = $fsdb->get_row("SELECT `id`,`username`,`email`,`security_level` FROM `{$users}` WHERE `username` = {$username} AND `id` = {$id}"); if ($user === false) { return fs_db_error(); } else { if ($user === null) { return "fs_change_password: Unknown user"; // not translated } else { $allowed = fs_is_admin() || $user->id == fs_current_user_id(); if (!$allowed) { return "Access denied: fs_change_password"; // not translated } else { $sql = "UPDATE `{$users}` set `password`=MD5({$password}) WHERE `username` = {$username} AND `id` = {$id}"; $r = $fsdb->query($sql); if ($r === false) { return fs_db_error(); } return true; } } } }
function fs_update_option($key, $value) { $uid = fs_current_user_id(); if ($uid === false) { echo "Unknown user when updating option {$key}"; return; } return fs_update_option_impl($uid, $key, $value); }