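// Tail of a validation block that opens before this excerpt: it records the
// "Passwords must match" error and marks the submission invalid.
$err["password_confirm"] = "Passwords must match";
$valid = false;
}
}

// Load the signed-in user's record, keyed by the id held in the session.
$form->load_by_pk($_SESSION['usr_id']);

// Becomes true only after the new password has been saved.
$panel_head = false;

// Attempt the change only when earlier validation passed and all three
// password fields were submitted.
if ($valid && isset($_POST['new_password']) && isset($_POST['password_confirm']) && isset($_POST['old_password'])) {
    // Pass the submitted old password through PasswordField so it can be
    // compared with the stored value.
    // NOTE(review): an equality check can only succeed if new_password() is
    // deterministic (same input, same output), which suggests an unsalted
    // digest. Confirm in PasswordField; if so, move it to
    // password_hash()/password_verify().
    $pass = new PasswordField();
    $pass->new_password($_POST['old_password']);

    $stored = (string) $form->fields['password']->value;
    $candidate = (string) $pass->value;

    $newPassword = $_POST['new_password'];
    $confirmation = $_POST['password_confirm'];

    // hash_equals() replaces the loose `==`: it compares in constant time and
    // never treats two different numeric-looking digests ("0e...") as equal.
    if (hash_equals($stored, $candidate)) {
        // Strict comparison, strings only: `==` would accept "1e3" vs "1000"
        // and would let array-valued fields through.
        if (is_string($newPassword) && $newPassword === $confirmation) {
            $form->fields['password']->new_password($newPassword);
            if ($form->save()) {
                $panel_head = true;
            } else {
                echo "Password not changed.";
            }
        } else {
            // Previously this case fell through with no feedback at all.
            $err['password_confirm'] = "Either old password is incorrect or new passwords do not match.";
        }
    } else {
        $err['password_confirm'] = "Either old password is incorrect or new passwords do not match.";
    }
}

// Template variables for the look of the change-password page.
$logout = "logout_button.php";
$page_title = "Change Password";
$panel_heading = "Change your password";

// This `if` is closed after the end of this excerpt.
if ($panel_head) {
    $panel_heading = "Success!";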
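} else {
    // The `if` that this branch belongs to opens before this excerpt.
    // header() only queues the redirect; without exit the script keeps
    // running, so the POST handlers below would still create or edit
    // administrators for a request that was meant to be turned away.
    header('Location: index.php');
    exit;
}

include "models/admin_model.php";

$admins = new AdminForm();   // list of all administrators for the template
$to_edit = new AdminForm();  // the administrator being added or edited

// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm
// one is enforced in validate() or earlier in the request.
if (isset($_POST['add_admin'])) {
    // Create a new administrator from the submitted form.
    $to_edit->load_from_post();
    $valid = $to_edit->validate();

    // The confirmation field must be a string identical to the submitted
    // password. Strict comparison avoids the type juggling of `!=`, and a
    // missing or array-valued field is treated as a mismatch.
    $confirmation = $_POST['password2'] ?? null;
    if (!is_string($confirmation) || $confirmation !== (string) $to_edit->fields['password']->value) {
        $valid = false;
    } else {
        $to_edit->fields['password']->hash_pass();
    }

    if ($valid) {
        $to_edit->save();
    }
} elseif (isset($_POST['admin_id'])) {
    // Edit an existing administrator: load the stored row, then overlay the
    // submitted values.
    // NOTE(review): unlike the add branch, this path never calls hash_pass().
    // Confirm that load_from_post()/save() cannot persist a plaintext password
    // when the edit form carries one, and that load_by_pk() binds admin_id as
    // a query parameter.
    $to_edit->load_by_pk($_POST['admin_id']);
    $to_edit->load_from_post();
    $valid = $to_edit->validate();

    if ($valid) {
        $to_edit->save();
        // Start again with an empty form once the edit is stored.
        $to_edit = new AdminForm();
    }
}

// An empty filter is passed to load the administrator list.
$admins->load_by_filter("");

$page_title = "Manage Administrators";
$panel_heading = "Manage Administrators";
$page_body = "manage_admins_template.php";

include "templates/template.php";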