$password = $parms->getParm('password');
// check that password is correct
if (md5($password) != $user->getPassword()) {
passwordChg("Incorrect password");
}
// check password matches
if ($parms->getParm('newpassword') != $parms->getParm('repeatpassword')) {
passwordChg("Passwords do not match");
}
$newpassword = $parms->getParm('newpassword');
// set password in database
$kdb->setUserPassword($username, md5($newpassword));
// redirect to dashboard page - with message password changed
header("Location: dashboard.php?message=newpass");
} else {
passwordChg($user_messages, $username);
}
function passwordChg($message, $username)
{
include "inc/dashboardheaders.php";
print <<<EOT
{$header}\t
{$login_banner}
{$main_banner}
{$main_menu}
<h1>Kidsafe change password</h1>
<div id="intro">
\t<p>{$message}</p>
}
// don't use existing password - use login for that
// Do we have a password (new and repeat new)
if ($parms->getParm('password') != '') {
// check password matches
if ($parms->getParm('newpassword') != $parms->getParm('repeatpassword')) {
passwordChg("Passwords do not match");
}
$newpassword = $parms->getParm('newpassword');
// set password in database
$kdb->setUserPassword($username, md5($newpassword));
// redirect to listuser page - with message password changed
header("Location: dashboardlistusers.php?message=newpass");
exit(0);
} else {
passwordChg($user_messages, $username, $user->getUsername());
}
function passwordChg($message, $chgusername, $username)
{
include "inc/dashboardheaders.php";
print <<<EOT
<h1>Kidsafe change password {$chgusername}</h1>
{$header}
{$login_banner}
{$main_banner}
{$main_menu}
<div id="intro">
\t<p>{$message}</p>
\t<form action="chguserpw.php" method="post">
