} // uname $_uname = isset($_COOKIE['uname']) ? trim($_COOKIE['uname']) : ''; // update password if (isset($_POST['updatePassword'])) { $cpasswd = trim($_POST['currentPasswd']); $passwd = trim($_POST['newPasswd']); $passwd2 = trim($_POST['newPasswd2']); if (empty($cpasswd)) { utility::jsAlert(__('Current password can not be empty!')); } else { if ($passwd and $passwd2 and $passwd !== $passwd2) { utility::jsAlert(__('Password confirmation does not match. See if your Caps Lock key is on!')); } else { $logon = new admin_logon($_uname, $cpasswd); if ($logon->changePasswd($dbs, $passwd2)) { // write log utility::writeLogs($dbs, 'staff', $_uname, 'Login', 'Change password SUCCESS for user ' . $_uname . ' from address ' . $_SERVER['REMOTE_ADDR']); // clear cookie setcookie('token', '', time() - 3600, SWB); setcookie('uname', '', time() - 3600, SWB); echo '<script type="text/javascript">'; echo 'alert("Password Updated. Please log in again!");'; echo 'location.href = \'index.php?p=login\';'; echo '</script>'; exit; } else { // write log utility::writeLogs($dbs, 'staff', $_uname, 'Login', 'Change password FAILED for user ' . $_uname . ' from address ' . $_SERVER['REMOTE_ADDR']); utility::jsAlert($logon->errors); }