// Special form template that will be replaced to current skin on ajax response
$Form->fieldstart = '#fieldstart#';
$Form->fieldend = '#fieldend#';
$Form->labelclass = '#labelclass#';
$Form->labelstart = '#labelstart#';
$Form->labelend = '#labelend#';
$Form->inputstart = '#inputstart#';
$Form->inputend = '#inputend#';
$org_suffix .= ' ' . get_icon('add', 'imgtag', array('class' => 'add_org', 'style' => 'cursor:pointer'));
$org_suffix .= ' ' . get_icon('minus', 'imgtag', array('class' => 'remove_org', 'style' => 'cursor:pointer'));
$Form->select_input_object('organizations[]', 0, $OrganizationCache, T_('Organization'), array('allow_none' => $first_org ? true : false, 'field_suffix' => $org_suffix));
break;
case 'autocomplete_usernames':
// Get usernames by first chars for autocomplete jQuery plugin & TinyMCE autocomplete plugin
$q = param('q', 'string', '');
if (!is_valid_login($q) || evo_strlen($q) < 4) {
// Restrict a wrong request
debug_die('Wrong request');
}
// Add backslash for special char of sql operator LIKE
$q = str_replace('_', '\\_', $q);
if (utf8_strlen($q) == 0) {
// Don't search logins with empty request
$usernames = array();
} else {
$SQL = new SQL();
$SQL->SELECT('user_login');
$SQL->FROM('T_users');
$SQL->WHERE('user_login LIKE ' . $DB->quote($q . '%'));
$SQL->WHERE_and('user_status = "activated" OR user_status = "autoactivated"');
$SQL->ORDER_BY('user_login');
?>
<!DOCTYPE html>
<html>
<head>
<style>
body{
background-color:#efefef;
text-align:center;
}
</style>
</head>
<body>
<div style = "margin:0 auto;margin-top:32px;margin-bottom:32px;width:100%;">
<?php
require_once '../scripts/functions.php';
$un = $_SESSION['username'];
$em = get_email($_SESSION['username']);
$op = $_POST['oldpass1'];
$np = $_POST['newpass1'];
error_reporting(0);
if (!is_valid_login($em, $op)) {
echo "Your information could not be validated.";
} else {
change_password($em, $np);
echo "Password successfully changed.";
}
?>
</div>
<a href="javascript: self.close()">[x] close this window</a>
</body>
</html>
/**
* Get user media directory subpath, e.g. users/{login}/ or users/usr_{user ID}/
*/
function get_media_subpath()
{
if (is_valid_login($this->login, true)) {
// Valid ASCII login, use it as is
return 'users/' . $this->login . '/';
} else {
// Non-ASCII login
return 'users/usr_' . $this->ID . '/';
}
}
/**
* Check if the value is a valid login (in terms of allowed chars)
*
* @param string param name
* @return boolean true if OK
*/
function param_check_valid_login($var)
{
global $Settings;
if (empty($GLOBALS[$var])) {
// empty variable is OK
return T_('Please choose a username.');
}
$check = is_valid_login($GLOBALS[$var]);
if (!$check || $check === 'usr') {
if ($check === 'usr') {
// Special case, the login is valid however we forbid it's usage.
$msg = T_('Logins cannot start with "usr_", this prefix is reserved for system use.');
} elseif (!isset($Settings) || $Settings->get('strict_logins')) {
$msg = T_('Logins can only contain letters, digits and the following characters: _ .');
} else {
$msg = sprintf(T_('Logins cannot contain whitespace and the following characters: %s'), '\', ", >, <, @');
}
param_error($var, $msg);
return false;
}
return true;
}
