Пример #1
0
function setUserPassword()
{
    global $arrConf;
    include_once "libs/paloSantoACL.class.php";
    include_once "libs/paloSantoOrganization.class.php";
    $old_pass = getParameter("oldPassword");
    $new_pass = getParameter("newPassword");
    $new_repass = getParameter("newRePassword");
    $arrResult = array();
    $arrResult['status'] = FALSE;
    if ($old_pass == "") {
        $arrResult['msg'] = _tr("Please write your current password.");
        return $arrResult;
    }
    if ($new_pass == "" || $new_repass == "") {
        $arrResult['msg'] = _tr("Please write the new password and confirm the new password.");
        return $arrResult;
    }
    if ($new_pass != $new_repass) {
        $arrResult['msg'] = _tr("The new password doesn't match with retype new password.");
        return $arrResult;
    }
    //verificamos que la nueva contraseña sea fuerte
    if (!isStrongPassword($new_pass)) {
        $arrResult['msg'] = _tr("The new password can not be empty. It must have at least 10 characters and contain digits, uppers and little case letters");
        return $arrResult;
    }
    $user = isset($_SESSION['elastix_user']) ? $_SESSION['elastix_user'] : "";
    $pDB = new paloDB($arrConf['elastix_dsn']['elastix']);
    $pACL = new paloACL($pDB);
    $uid = $pACL->getIdUser($user);
    if ($uid === FALSE) {
        $arrResult['msg'] = _tr("Please your session id does not exist. Refresh the browser and try again.");
    } else {
        // verificando la clave vieja
        $val = $pACL->authenticateUser($user, md5($old_pass));
        if ($val === TRUE) {
            $pORG = new paloSantoOrganization($pDB);
            $status = $pORG->changeUserPassword($user, $new_pass);
            if ($status) {
                $arrResult['status'] = TRUE;
                $arrResult['msg'] = _tr("Elastix password has been changed.");
                $_SESSION['elastix_pass'] = md5($new_pass);
                $_SESSION['elastix_pass2'] = $new_pass;
            } else {
                $arrResult['msg'] = _tr("Impossible to change your Elastix password.") . " " . $pORG->errMsg;
            }
        } else {
            $arrResult['msg'] = _tr("Impossible to change your Elastix password. User does not exist or password is wrong");
        }
    }
    return $arrResult;
}