if (0 < $row['num_rows']) { $msg_error = $text['message-username_exists']; } } unset($sql); } if ($password != $password_confirm) { $msg_error = $text['message-password_mismatch']; } if ($msg_error != '') { $_SESSION["message"] = $msg_error; $_SESSION["message_mood"] = 'negative'; header("Location: usersupdate.php?id=" . $user_uuid); exit; } if (!check_password_strength($password, $text)) { header("Location: usersupdate.php?id=" . $user_uuid); exit; } //check to see if user language is set $sql = "select count(*) as num_rows from v_user_settings "; $sql .= "where user_setting_category = 'domain' "; $sql .= "and user_setting_subcategory = 'language' "; $sql .= "and user_uuid = '" . $user_uuid . "' "; $prep_statement = $db->prepare(check_sql($sql)); if ($prep_statement) { $prep_statement->execute(); $row = $prep_statement->fetch(PDO::FETCH_ASSOC); if ($row['num_rows'] == 0) { $user_setting_uuid = uuid(); $sql = "insert into v_user_settings ";
} } } } #============================================================================== # Check and register new passord #============================================================================== # Match new and confirm password if ($result === "") { if ($newpassword != $confirmpassword) { $result = "nomatch"; } } # Check password strength if ($result === "") { $result = check_password_strength($newpassword, $oldpassword, $pwd_policy_config); } # Change password if ($result === "") { $result = change_password($ldap, $userdn, $newpassword, $ad_mode, $ad_options, $samba_mode, $shadow_options, $hash); } #============================================================================== # HTML #============================================================================== ?> <div class="result <?php echo get_criticity($result); ?> "> <h2 class="<?php
* You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, * USA. * * $Id$ */ $id = $AUTH->id; if ($LMS->UserExists($id)) { if (isset($_POST['passwd'])) { $passwd = $_POST['passwd']; if ($passwd['passwd'] == '' || $passwd['confirm'] == '') { $error['password'] = trans('Empty passwords are not allowed!'); } elseif ($passwd['passwd'] != $passwd['confirm']) { $error['password'] = trans('Passwords does not match!'); } elseif (!check_password_strength($passwd['passwd'])) { $error['password'] = trans('The password should contain at least one capital letter, one lower case letter, one digit and should consist of at least 8 characters!'); } if (!$error) { $oldpasswd = $LMS->DB->GetOne('SELECT passwd FROM users WHERE id = ?', array($id)); list(, $alg, $salt) = explode('$', $oldpasswd); $newpasswd = crypt($passwd['passwd'], '$' . $alg . '$' . $salt . '$'); if ($newpasswd == $oldpasswd) { $error['password'] = $error['confirm'] = trans('New password is the same as old password!'); } if (!$error) { $LMS->SetUserPassword($id, $passwd['passwd']); $SESSION->save('session_passwdrequiredchange', FALSE); header('Location: ?' . $SESSION->get('backto')); } }
} elseif (!preg_match('/^[a-z0-9.-_]+$/i', $useradd['login'])) { $error['login'] = trans('Login contains forbidden characters!'); } elseif ($LMS->GetUserIDByLogin($useradd['login'])) { $error['login'] = trans('User with specified login exists or that login was used in the past!'); } if ($useradd['email'] != '' && !check_email($useradd['email'])) { $error['email'] = trans('E-mail isn\'t correct!'); } if ($useradd['name'] == '') { $error['name'] = trans('You have to enter first and lastname!'); } if ($useradd['password'] == '') { $error['password'] = trans('Empty passwords are not allowed!'); } elseif ($useradd['password'] != $useradd['confirm']) { $error['password'] = trans('Passwords does not match!'); } elseif (!check_password_strength($useradd['password'])) { $error['password'] = trans('The password should contain at least one capital letter, one lower case letter, one digit and should consist of at least 8 characters!'); } if ($useradd['accessfrom'] == '') { $accessfrom = 0; } elseif (preg_match('/^[0-9]{4}\\/[0-9]{2}\\/[0-9]{2}$/', $useradd['accessfrom'])) { list($y, $m, $d) = explode('/', $useradd['accessfrom']); if (checkdate($m, $d, $y)) { $accessfrom = mktime(0, 0, 0, $m, $d, $y); } else { $error['accessfrom'] = trans('Incorrect charging time!'); } } else { $error['accessfrom'] = trans('Incorrect charging time!'); } if ($useradd['accessto'] == '') {