Example #1
0
function register_valid()
{
    global $Language;
    if (!isset($GLOBALS['Update'])) {
        return 0;
    }
    if (!isset($GLOBALS['user_id'])) {
        $GLOBALS['Response']->addFeedback('error', $Language->getText('admin_user_changepw', 'error_userid'));
        return 0;
    }
    if (!isset($GLOBALS['form_pw'])) {
        $GLOBALS['Response']->addFeedback('error', $Language->getText('admin_user_changepw', 'error_nopasswd'));
        return 0;
    }
    if ($GLOBALS['form_pw'] != $GLOBALS['form_pw2']) {
        $GLOBALS['Response']->addFeedback('error', $Language->getText('admin_user_changepw', 'error_passwd'));
        return 0;
    }
    if (!account_pwvalid($GLOBALS['form_pw'], $errors)) {
        foreach ($errors as $e) {
            $GLOBALS['Response']->addFeedback('error', $e);
        }
        return 0;
    }
    // if we got this far, it must be good
    if (!account_set_password($GLOBALS['user_id'], $GLOBALS['form_pw'])) {
        $GLOBALS['register_error'] = $Language->getText('admin_user_changepw', 'error_update');
        return 0;
    }
    return 1;
}
Example #2
0
function register_valid($user_id)
{
    $request =& HTTPRequest::instance();
    if (!$request->isPost() || !$request->exist('Update')) {
        return 0;
    }
    // check against old pw
    $res = db_query("SELECT user_pw, status FROM user WHERE status IN ('A', 'R') AND user_id=" . db_ei($user_id));
    if (!$res || db_numrows($res) != 1) {
        $GLOBALS['Response']->addFeedback('error', "Internal error: Cannot locate user in database.");
        return 0;
    }
    $row_pw = db_fetch_array();
    if ($row_pw['user_pw'] != md5($request->get('form_oldpw'))) {
        $GLOBALS['Response']->addFeedback('error', "Old password is incorrect.");
        return 0;
    }
    if ($row_pw['status'] != 'A' && $row_pw['status'] != 'R') {
        $GLOBALS['Response']->addFeedback('error', "Account must be active to change password.");
        return 0;
    }
    if (!$request->exist('form_pw')) {
        $GLOBALS['Response']->addFeedback('error', "You must supply a password.");
        return 0;
    }
    if ($request->get('form_pw') != $request->get('form_pw2')) {
        $GLOBALS['Response']->addFeedback('error', "Passwords do not match.");
        return 0;
    }
    if (!account_pwvalid($request->get('form_pw'), $errors)) {
        foreach ($errors as $e) {
            $GLOBALS['Response']->addFeedback('error', $e);
        }
        return 0;
    }
    // if we got this far, it must be good
    if (!account_set_password($user_id, $request->get('form_pw'))) {
        $GLOBALS['Response']->addFeedback('error', "Internal error: Could not update password.");
        return 0;
    }
    return 1;
}