$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_password_empty', 'y');
} else {
if (check_passwd_length($_POST['new_passwd2']) == false) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_password_long', 'y');
} else {
if ($_POST['new_passwd1'] != $_POST['new_passwd2']) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_new_passwd_not_same', 'y');
} else {
if (decrypt_passwd($_SESSION['cpasswd']) != $_POST['old_passwd']) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_password_old_wrong', 'y');
} else {
if ($config['cleartext_passwd'] == 1) {
$cleartext = $_POST['new_passwd1'];
} else {
$cleartext = "";
}
$sql = sprintf("UPDATE users SET passwd='%s',cpasswd='%s' WHERE id='%d'", $db->escapeSimple($cleartext), $db->escapeSimple(crypt($_POST['new_passwd1'])), $db->escapeSimple($_SESSION['uid']));
$res =& $db->query($sql);
$smarty->assign('passwd_changed', 'y');
$smarty->assign('success_msg', 'y');
$smarty->assign('if_password_changed', 'y');
$_SESSION['cpasswd'] = encrypt_passwd($_POST['new_passwd1']);
}
}
}
}
}
$_SESSION['p_mailfilter'] = $data_domain['p_mailfilter'];
$_SESSION['lang'] = get_email_options($_SESSION['uid'], 'web_lang', 'en_US');
}
}
}
} else {
$sql = sprintf("SELECT * FROM adm_users WHERE username='******' AND access='1'", $db->escapeSimple($_POST['email']));
$result =& $db->query($sql);
if ($result->numRows() == 1) {
$daten = $result->fetchrow(DB_FETCHMODE_ASSOC);
if (check_password($daten['cpasswd'], $_POST['password']) == 1) {
$login = 1;
$_SESSION['lang'] = $daten['web_lang'];
$_SESSION['s_uid'] = $daten['id'];
$_SESSION['email'] = $daten['username'];
$_SESSION['cpasswd'] = encrypt_passwd($_POST['password']);
$_SESSION['superadmin'] = '1';
$_SESSION['manager'] = $daten['manager'];
$smarty->assign('if_login_ok', 'yes');
logging($_SESSION['email']);
}
}
}
}
if ($login == 0) {
$smarty->assign('error_msg', 'y');
$smarty->assign('if_error_login_failed', 'y');
} else {
if ($login == 1) {
header("Location: index.php?module=main");
} else {
