} $tzone_diff = Session::get_timezone($tzone); if ($is_my_profile && $_SESSION['_timezone'] != $tzone_diff) { $_SESSION['_timezone'] = $tzone_diff; $tzone_changed = TRUE; } Session_activity::force_user_logout($conn, $login); } else { $msg = 'unknown_error'; } } // Change Pass if ($error == 0 && $login_method != 'ldap' && !empty($pass1) && !empty($pass2)) { //Set new pass Session::change_pass($conn, $login, $pass1, NULL); Session::log_pass_history($login, hash('sha256', $pass1)); // Note: session_start will show an alert here. Calling to expire when back to users.php if (method_exists('Session_activity', 'expire_my_others_sessions')) { $exp_user = $login; } } // Special case LDAP if ($error == 0 && $login_method == 'ldap') { Session::change_pass($conn, $login, $login, NULL, FALSE); } } if ($language_changed) { $av_menu = new Menu($conn); $db->close(); $av_menu->set_menu_option('configuration', 'administration'); $av_menu->set_hmenu_option('users');
$error = new OssimError(); $error->display("PASSWORD_RECENT"); } /* check for old password if not actual user or admin */ /* if ((($_SESSION["_user"] != $user) && $_SESSION["_user"] != ACL_DEFAULT_OSSIM_ADMIN) && !is_array($user_list = Session::get_list($conn, "WHERE login = '******' and pass = '******'"))) { require_once ("ossim_error.inc"); $error = new OssimError(); $error->display("BAD_OLD_PASSWORD"); }*/ /* only the user himself or the admin can change passwords */ if (POST('user') != $_SESSION["_user"] && !Session::am_i_admin()) { die(ossim_error(_("To change the password for other user is not allowed"))); } Session::changepass($conn, $user, $pass1, $oldpass); Session::log_pass_history($user, md5($pass1)); if (method_exists('Session_activity', 'expire_my_others_sessions')) { Session_activity::expire_my_others_sessions($conn, $user); } } $db->close($conn); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo gettext("OSSIM Framework"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>