$smarty->assign('error_msg', 'y'); $smarty->assign('if_error_password_empty', 'y'); } else { if (check_passwd_length($_POST['new_passwd2']) == false) { $smarty->assign('error_msg', 'y'); $smarty->assign('if_error_password_long', 'y'); } else { if ($_POST['new_passwd1'] != $_POST['new_passwd2']) { $smarty->assign('error_msg', 'y'); $smarty->assign('if_new_passwd_not_same', 'y'); } else { if (decrypt_passwd($_SESSION['cpasswd']) != $_POST['old_passwd']) { $smarty->assign('error_msg', 'y'); $smarty->assign('if_error_password_old_wrong', 'y'); } else { if ($config['cleartext_passwd'] == 1) { $cleartext = $_POST['new_passwd1']; } else { $cleartext = ""; } $sql = sprintf("UPDATE users SET passwd='%s',cpasswd='%s' WHERE id='%d'", $db->escapeSimple($cleartext), $db->escapeSimple(crypt($_POST['new_passwd1'])), $db->escapeSimple($_SESSION['uid'])); $res =& $db->query($sql); $smarty->assign('passwd_changed', 'y'); $smarty->assign('success_msg', 'y'); $smarty->assign('if_password_changed', 'y'); $_SESSION['cpasswd'] = encrypt_passwd($_POST['new_passwd1']); } } } } }
$_SESSION['p_mailfilter'] = $data_domain['p_mailfilter']; $_SESSION['lang'] = get_email_options($_SESSION['uid'], 'web_lang', 'en_US'); } } } } else { $sql = sprintf("SELECT * FROM adm_users WHERE username='******' AND access='1'", $db->escapeSimple($_POST['email'])); $result =& $db->query($sql); if ($result->numRows() == 1) { $daten = $result->fetchrow(DB_FETCHMODE_ASSOC); if (check_password($daten['cpasswd'], $_POST['password']) == 1) { $login = 1; $_SESSION['lang'] = $daten['web_lang']; $_SESSION['s_uid'] = $daten['id']; $_SESSION['email'] = $daten['username']; $_SESSION['cpasswd'] = encrypt_passwd($_POST['password']); $_SESSION['superadmin'] = '1'; $_SESSION['manager'] = $daten['manager']; $smarty->assign('if_login_ok', 'yes'); logging($_SESSION['email']); } } } } if ($login == 0) { $smarty->assign('error_msg', 'y'); $smarty->assign('if_error_login_failed', 'y'); } else { if ($login == 1) { header("Location: index.php?module=main"); } else {