2 include_once("../globals.php");
3 include_once("$srcdir/md5.js");
4 include_once("$srcdir/sql.inc");
5 include_once("$srcdir/auth.inc");
9 <link rel
="stylesheet" href
="<?php echo $css_header;?>" type
="text/css">
10 <script src
="checkpwd_validation.js" type
="text/javascript"></script
>
11 <script language
='JavaScript'>
12 //Validating password and display message if password field is empty - starts
13 function pwdvalidation()
15 var password1
=trim(document
.user_form
.clearPass
.value
);
16 var password2
=trim(document
.user_form
.clearPass2
.value
);
17 document
.getElementById("display_msg").innerHTML
="";
20 alert("<?php echo xl('Please enter the password'); ?>");
21 document
.user_form
.clearPass
.focus();
26 alert("<?php echo xl('Please enter the password'); ?>");
27 document
.user_form
.clearPass2
.focus();
30 if (password1
!= password2
)
32 alert("<?php echo xl('Error: passwords don\'t match. Please check your typing.'); ?>");
33 document
.user_form
.clearPass
.value
="";
34 document
.user_form
.clearPass2
.value
="";
35 document
.user_form
.clearPass
.focus();
38 //Checking for the strong password if the 'secure password' feature is enabled
39 if(document
.user_form
.secure_pwd
.value
== 1){
40 var pwdresult
= passwordvalidate(password1
);
42 alert("<?php echo xl('The password must be at least eight characters, and should'); echo '\n'; echo xl('contain at least three of the four following items:'); echo '\n'; echo xl('A number'); echo '\n'; echo xl('A lowercase letter'); echo '\n'; echo xl('An uppercase letter'); echo '\n'; echo xl('A special character');echo '('; echo xl('not a letter or number'); echo ').'; echo '\n'; echo xl('For example:'); echo ' healthCare@09'; ?>");
43 document
.user_form
.clearPass
.value
="";
44 document
.user_form
.clearPass2
.value
="";
45 document
.user_form
.clearPass
.focus();
49 document
.user_form
.authPass
.value
=MD5(document
.user_form
.clearPass
.value
);
50 document
.user_form
.clearPass
.value
='';
51 document
.user_form
.authPass2
.value
=MD5(document
.user_form
.clearPass2
.value
);
52 document
.user_form
.clearPass2
.value
='';
57 <body
class="body_top">
59 <span
class="title"><?php
xl('Password Change','e'); ?
></span
>
65 $ip=$_SERVER['REMOTE_ADDR'];
66 if ($_GET["mode"] == "update") {
67 if ($_GET["authPass"] && $_GET["authPass2"] && $_GET["authPass"] != "d41d8cd98f00b204e9800998ecf8427e") { // account for empty
68 $tqvar = addslashes($_GET["authPass"]);
69 $tqvar2 = addslashes($_GET["authPass2"]);
70 if ($tqvar == $tqvar2) {
72 // Validating the password
73 if($GLOBALS['password_history'] != 0){
74 $updatepwd = UpdatePasswordHistory($_SESSION["authId"],$tqvar);
76 sqlStatement("update users set password='$tqvar' where id={$_SESSION["authId
"]}");
79 if ($updatepwd == 1) {
80 echo "<span class='alert'>".xl("Password change successful.",'','',' ').xl("Click")."<a href='$rootdir/logout.php?auth=logout' class=link_submit>".xl("here",'',' ',' ')."</a>".xl("to login again").".<br><br></span>";
86 echo "<span class=alert>" . xl("Error: passwords don't match. Please check your typing.") . "</span><br><br>\n";
91 $res = sqlStatement("select * from users where id={$_SESSION["authId
"]}");
92 $row = sqlFetchArray($res);
95 <div id
="display_msg">
97 if ($update_pwd_failed==1) //display message if entered password matched one of last three passwords.
99 echo "<font class='redtext'>". xl("Recent three passwords are not allowed.") ."</font>";
104 <span
class="text"><?php
xl('Once you change your password, you will have to re-login.','e'); ?
><br
></span
>
105 <FORM NAME
="user_form" METHOD
="GET" ACTION
="user_info.php"
106 onsubmit
="top.restoreSession()">
107 <input type
=hidden name
=secure_pwd value
="<? echo $GLOBALS['secure_password']; ?>">
110 <TD
><span
class=text
><?php
xl('Real Name','e'); ?
>: </span
></TD
>
111 <TD
><span
class=text
><?php
echo $iter["realname"]; ?
></span
></td
>
115 <TD
><span
class=text
><?php
xl('Username','e'); ?
>: </span
></TD
>
116 <TD
><span
class=text
><?php
echo $iter["username"]; ?
></span
></td
>
120 <TD
><span
class=text
><?php
xl('Password','e'); ?
>: </span
></TD
>
121 <TD
><input type
=password name
=clearPass size
=20 value
=""></td
>
124 <TD
><span
class=text
><?php
xl('Password','e'); ?
> (<?
xl('Again','e');?
>): </span
></TD
>
125 <TD
><input type
=password name
=clearPass2 size
=20 value
=""></td
>
129 <br
> 
; 
; 
;
130 <INPUT TYPE
="HIDDEN" NAME
="id" VALUE
="<?php echo $_GET["id
"]; ?>">
131 <INPUT TYPE
="HIDDEN" NAME
="mode" VALUE
="update">
132 <INPUT TYPE
="HIDDEN" NAME
="authPass" VALUE
="">
133 <INPUT TYPE
="HIDDEN" NAME
="authPass2" VALUE
="">
134 <INPUT TYPE
="Submit" VALUE
=<?php
xl('Save Changes','e','\'','\''); ?
> onClick
="return pwdvalidation()">
136 <?php
if (! $GLOBALS['concurrent_layout']) { ?
>
138 [<a href
="../main/main_screen.php" target
="_top" class="link_submit"
139 onclick
="top.restoreSession()"><?php
xl('Back','e'); ?
></font
></a
>]
149 // d41d8cd98f00b204e9800998ecf8427e == blank