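// Password-update page: validates the staff_id request parameter, loads the
// Staff record, processes a submitted new password, then prints the page
// heading and any feedback message.
//
// NOTE(review): nothing in this block checks that the current session is
// allowed to change this staff member's password, or that the POST carries an
// anti-CSRF token. Confirm both are enforced outside this block (an include
// above, or inside outputPasswordForm()).

// Accept only a plain string of digits. is_numeric() also lets through values
// such as "1e3", "-2" or "1.5", and reading the key directly raises a notice
// when the parameter is missing.
$raw_staff_id = isset($_REQUEST["staff_id"]) ? $_REQUEST["staff_id"] : null;

if (!is_string($raw_staff_id) || !ctype_digit($raw_staff_id)) {
    print _("Perhaps you have come here by a funny path?");
    exit;
}

$staff_id = $raw_staff_id;

// Create our record
$record = new Staff($staff_id);

// Generate form box
$password_box = $record->outputPasswordForm();
$staff_name = $record->getFullName();

// Start with empty feedback so the final print never reads an undefined
// variable when no password was submitted.
$feedback = "";

// See if a password has been submitted
if (isset($_POST['action']) && $_POST['action'] === 'password') {
    // A missing or non-string (e.g. array) value is treated like a blank box,
    // so only a real string ever reaches correctPassword()/updatePassword().
    $new_password = (isset($_POST["password"]) && is_string($_POST["password"]))
        ? $_POST["password"]
        : "";

    if ($new_password === "") {
        $feedback = "<div class=\"box\">" . _("You cannot leave the password box blank. Close this window if you don't want to change the password.") . "</div>";
    } elseif (!$record->correctPassword($new_password)) {
        // correctPassword() rejected the value; show the policy text.
        $feedback = "<div class=\"box\">" . _("Password must have at least one letter, one number, one special character, and be at least 6 characters long.") . "</div>";
    } elseif ($record->updatePassword($new_password)) {
        $feedback = "<div class=\"box\">" . _("Password updated. Close this box to continue.") . "</div>";
        // Hide the form once the change has succeeded.
        $password_box = "";
    } else {
        $feedback = "<div class=\"box\">" . _("There was a problem. Contact the admin.") . "</div>";
    }
}

// Escape the stored name before placing it in HTML so markup in a name field
// cannot be rendered as script.
// NOTE(review): assumes getFullName() returns raw text that is not already
// HTML-escaped; confirm, otherwise entities would be double-encoded.
$safe_staff_name = htmlspecialchars((string) $staff_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

print "<div id=\"maincontent\">\n<h2 class=\"bw_head\">" . _("Update Password for ") . " {$safe_staff_name}</h2>";
print $feedback;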
$lstrMessage = "Hello {$lobjStaff->getFullName()},\n\nHere is the link to reset your password. Link only works for three days. {$BaseURL}control/forgotpassword.php?id={$lobjStaff->getRecordID()}&code={$lstrCode}"; mail($lobjStaff->getEmail(), 'Reset password for SubjectsPlus', $lstrMessage, "From: {$administrator_email}"); $introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br /><strong>" . _("An email has been sent to reset your password. Please click the link in the email and follow the instructions.") . "</strong></p>"; } } else { $lobjStaff = new Staff(); $introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br />" . _("Please enter your <strong>email</strong> so we can email you a link to reset your password.") . "</p>"; $lstrForm = $lobjStaff->outputEmailForm(); } } else { $_SESSION['staff_id'] = $_GET['id']; $lobjStaff = new Staff($_GET['id']); if (isset($_POST['password'])) { if ($lobjStaff->correctPassword($_POST['password'])) { if ($_POST['password'] == $_POST['password_confirm']) { $lobjStaff->updatePassword(trim($_POST['password'])); $introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br />" . _("Password has been updated.") . "</p>"; $introtext .= '<br><p align="center"><a href="login.php">Login</a></p>'; } else { $introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br /><span style=\"background-color:yellow;\">" . _("Passwords did not match.") . "</span><br />" . _("Please enter your new password.") . "<br /><strong>" . _("Password must have at least one letter, one number, one special character, and be at least 6 characters long.") . "</strong></p>"; $lstrForm = $lobjStaff->outputResetPasswordForm(); } } else { $introtext = "<p align=\"center\" style=\"clear: both;\" class=\"smaller\"><br /><span style=\"background-color:yellow;\">" . _("Password doesn't meet requirements.") . "</span><br />" . _("Please enter your new password.") . "<br /><strong>" . 
_("Password must have at least one letter, one number, one special character, and be at least 6 characters long.") . "</strong></p>"; $lstrForm = $lobjStaff->outputResetPasswordForm(); } } else { //create a DateTime object that defaults to today's date $lobjTodayDate = new DateTime(); //clone Today's Date object because without clone, the object will pass by reference $lobjTodayMinusOne = clone $lobjTodayDate;