search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix: set default x12 partner for item in billing manager (#7502)
[openemr.git] / interface / usergroup / user_info_ajax.php
blob80fdb94b10c92c14fffc48d251a6d407874bd57b
1 <?php
2
3 /**
4 * Controller to handle user password change requests.
5 *
6 * <pre>
7 * Expected REQUEST parameters
8 * $_REQUEST['pk'] - The primary key being used for encryption. The browser would have requested this previously
9 * $_REQUEST['curPass'] - ciphertext of the user's current password
10 * $_REQUEST['newPass'] - ciphertext of the new password to use
11 * $_REQUEST['newPass2']) - second copy of ciphertext of the new password to confirm proper user entry.
12 * </pre>
13 *
14 * @package OpenEMR
15 * @link http://www.open-emr.org
16 * @author Kevin Yeh <kevin.y@integralemr.com>
17 * @author Brady Miller <brady.g.miller@gmail.com>
18 * @copyright Copyright (c) 2013 Kevin Yeh <kevin.y@integralemr.com>
19 * @copyright Copyright (c) 2013 OEMR <www.oemr.org>
20 * @copyright Copyright (c) 2017-2019 Brady Miller <brady.g.miller@gmail.com>
21 * @license https://github.com/openemr/openemr/blob/master/LICENSE CNU General Public License 3
22 */
23
24 // Set $sessionAllowWrite to true to prevent session concurrency issues during authorization related code
25 $sessionAllowWrite = true;
26 require_once("../globals.php");
27
28 use OpenEMR\Common\Auth\AuthUtils;
29 use OpenEMR\Common\Csrf\CsrfUtils;
30
31 if (!empty($_POST)) {
32 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
33 CsrfUtils::csrfNotVerified();
34 }
35 }
36
37 $curPass = $_REQUEST['curPass'];
38 $newPass = $_REQUEST['newPass'];
39 $newPass2 = $_REQUEST['newPass2'];
40
41 if ($newPass != $newPass2) {
42 echo "<div class='alert alert-danger'>" . xlt("Passwords Don't match!") . "</div>";
43 exit;
44 }
45
46 $authUtilsUpdatePassword = new AuthUtils();
47 $success = $authUtilsUpdatePassword->updatePassword($_SESSION['authUserID'], $_SESSION['authUserID'], $curPass, $newPass);
48 if ($success) {
49 echo "<div class='alert alert-success'>" . xlt("Password change successful") . "</div>";
50 } else {
51 // If updatePassword fails the error message is returned
52 echo "<div class='alert alert-danger'>" . text($authUtilsUpdatePassword->getErrorMessage()) . "</div>";
53 }
Mirror of official OpenEMR Sourceforge repository