root/trunk/wifidog-auth/wifidog/change_password.php @ 708

Revision 708, 4.2 KB (checked in by benoitg, 8 years ago)

2005-09-01 Benoit Gr�goire <bock@…>

WARNING: DO NOT use the CVS auth server in production until further notice.
Massive internal changes are underway.
Use the release tagged 1.0m1 in production.

  • Network abstraction mostly complete, including UI. All that is missing is new network creation, network stakeholder UI and testing.
  • Cleanup the config file of all the now unneeded constants. Note that the install script is currently broken. There can now be multiple networks on the server. The install script will have to make sure that there is at least one, with one super-admin
  • Property svn:eol-style set to native
  • Property svn:executable set to *
  • Property svn:keywords set to Author Date Id Revision
Line 
1<?php
2  // $Id$
3  /********************************************************************\
4   * This program is free software; you can redistribute it and/or    *
5   * modify it under the terms of the GNU General Public License as   *
6   * published by the Free Software Foundation; either version 2 of   *
7   * the License, or (at your option) any later version.              *
8   *                                                                  *
9   * This program is distributed in the hope that it will be useful,  *
10   * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
11   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
12   * GNU General Public License for more details.                     *
13   *                                                                  *
14   * You should have received a copy of the GNU General Public License*
15   * along with this program; if not, contact:                        *
16   *                                                                  *
17   * Free Software Foundation           Voice:  +1-617-542-5942       *
18   * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
19   * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
20   *                                                                  *
21   \********************************************************************/
22  /**@file
23   * Login page
24   * @author Copyright (C) 2004 Benoit Grégoire et Philippe April
25   */
26define('BASEPATH','./');
27require_once BASEPATH.'include/common.php';
28require_once BASEPATH.'classes/MainUI.php';
29require_once BASEPATH.'include/common_interface.php';
30require_once BASEPATH.'classes/User.php';
31
32isset($_REQUEST["username"]) && $smarty->assign("username", $_REQUEST["username"]);
33
34if (isset($_REQUEST["submit"])) {
35    try {
36        // If the source is present and that it's in our, save it to a var for later use
37                $account_origin = Networt::getObject($_REQUEST['auth_source']);
38               
39        if (!$account_origin || !$_REQUEST["username"] || !$_REQUEST["oldpassword"] || !$_REQUEST["newpassword"] || !$_REQUEST["newpassword_again"])
40            throw new Exception(_('You MUST fill in all the fields.'));
41        $username = $db->EscapeString(trim($_REQUEST['username']));
42            $current_password = $db->EscapeString(trim($_REQUEST['oldpassword']));
43        $new_password = $db->EscapeString(trim($_REQUEST['newpassword']));
44
45                if(empty($account_origin))
46                        throw new Exception(_("Sorry, this network does not exist !"));
47                               
48        if ($_REQUEST["newpassword"] != $_REQUEST["newpassword_again"])
49            throw new Exception(_("Passwords do not match."));
50
51        // Warning for now, password change only works for local users, registered through our signup process.
52        $user = User::getUserByUsernameAndOrigin($username, $account_origin);
53        /**
54         * utf8_decode is used for backward compatibility with old passwords
55         * containing special characters.
56         * Conversion from UTF-8 to ISO-8859-1 is done to match the MD5 hash
57         */
58        if ($user->getPasswordHash() != User::passwordHash(utf8_decode($current_password)))
59            throw new Exception(_("Wrong password."));
60
61        $user->SetPassword($new_password);
62        $ui = new MainUI();
63        $smarty->assign("message", _("Your password has been changed succesfully."));
64        $ui->setMainContent($smarty->fetch("templates/validate.html"));
65        $ui->display();
66        exit;
67    } catch (Exception $e) {
68        $smarty->assign("error", $e->getMessage());
69    }
70}
71
72// Add the auth servers list to smarty variables
73$sources = array ();
74// Preserve keys
75$network_array=Network::getAllNetworks();
76foreach ($network_array as $network)
77        if ($network->getAuthenticator()->isRegistrationPermitted())
78                $sources[$network->getId()] = $network->getName();
79               
80isset ($sources) && $smarty->assign('auth_sources', $sources);
81// Pass the account_origin along, if it's set
82isset ($_REQUEST["auth_source"]) && $smarty->assign('selected_auth_source', $_REQUEST["auth_source"]);
83
84$ui = new MainUI();
85$smarty->assign('SelectNetworkUI', Network::getSelectNetworkUI('auth_source'));
86$ui->setMainContent($smarty->fetch("templates/change_password.html"));
87$ui->display();
88//$smarty->display("templates/change_password.html");
89?>
Note: See TracBrowser for help on using the browser.