search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patient List module: very minor bug fixes
[openemr.git] / interface / usergroup / user_info.php
blob1e9b292ecfa911db1e56118120a6062443251832
1 <?php
2 include_once("../globals.php");
3 include_once("$srcdir/md5.js");
4 include_once("$srcdir/sql.inc");
5 include_once("$srcdir/auth.inc");
6 ?>
7 <html>
8 <head>
9 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
10 <script src="checkpwd_validation.js" type="text/javascript"></script>
11 <script language='JavaScript'>
12 //Validating password and display message if password field is empty - starts
13 function pwdvalidation()
14 {
15 var password1=trim(document.user_form.clearPass.value);
16 var password2=trim(document.user_form.clearPass2.value);
17 document.getElementById("display_msg").innerHTML="";
18 if (password1 == "")
19 {
20 alert("<?php echo xl('Please enter the password'); ?>");
21 document.user_form.clearPass.focus();
22 return false;
23 }
24 if (password2 == "")
25 {
26 alert("<?php echo xl('Please enter the password'); ?>");
27 document.user_form.clearPass2.focus();
28 return false;
29 }
30 if (password1 != password2)
31 {
32 alert("<?php echo xl('Error: passwords don\'t match. Please check your typing.'); ?>");
33 document.user_form.clearPass.value="";
34 document.user_form.clearPass2.value="";
35 document.user_form.clearPass.focus();
36 return false;
37 }
38 //Checking for the strong password if the 'secure password' feature is enabled
39 if(document.user_form.secure_pwd.value == 1){
40 var pwdresult = passwordvalidate(password1);
41 if (pwdresult == 0){
42 alert("<?php echo xl('The password must be at least eight characters, and should'); echo '\n'; echo xl('contain at least three of the four following items:'); echo '\n'; echo xl('A number'); echo '\n'; echo xl('A lowercase letter'); echo '\n'; echo xl('An uppercase letter'); echo '\n'; echo xl('A special character');echo '('; echo xl('not a letter or number'); echo ').'; echo '\n'; echo xl('For example:'); echo ' healthCare@09'; ?>");
43 document.user_form.clearPass.value="";
44 document.user_form.clearPass2.value="";
45 document.user_form.clearPass.focus();
46 return false;
47 }
48 }
49 document.user_form.authPass.value=MD5(document.user_form.clearPass.value);
50 document.user_form.clearPass.value='';
51 document.user_form.authPass2.value=MD5(document.user_form.clearPass2.value);
52 document.user_form.clearPass2.value='';
53 }
54
55 </script>
56 </head>
57 <body class="body_top">
58
59 <span class="title"><?php xl('Password Change','e'); ?></span>
60 <br><br>
61
62 <?php
63
64 $update_pwd_failed=0;
65 $ip=$_SERVER['REMOTE_ADDR'];
66 if ($_GET["mode"] == "update") {
67 if ($_GET["authPass"] && $_GET["authPass2"] && $_GET["authPass"] != "d41d8cd98f00b204e9800998ecf8427e") { // account for empty
68 $tqvar = addslashes($_GET["authPass"]);
69 $tqvar2 = addslashes($_GET["authPass2"]);
70 if ($tqvar == $tqvar2) {
71
72 // Validating the password
73 if($GLOBALS['password_history'] != 0){
74 $updatepwd = UpdatePasswordHistory($_SESSION["authId"],$tqvar);
75 }else {
76 sqlStatement("update users set password='$tqvar' where id={$_SESSION["authId"]}");
77 $updatepwd=1;
78 }
79 if ($updatepwd == 1) {
80 echo "<span class='alert'>".xl("Password change successful.",'','',' ').xl("Click")."<a href='$rootdir/logout.php?auth=logout' class=link_submit>".xl("here",'',' ',' ')."</a>".xl("to login again").".<br><br></span>";
81 } else {
82 $update_pwd_failed=1;
83 }
84 }
85 else {
86 echo "<span class=alert>" . xl("Error: passwords don't match. Please check your typing.") . "</span><br><br>\n";
87 }
88 }
89 }
90
91 $res = sqlStatement("select * from users where id={$_SESSION["authId"]}");
92 $row = sqlFetchArray($res);
93 $iter=$row;
94 ?>
95 <div id="display_msg">
96 <?
97 if ($update_pwd_failed==1) //display message if entered password matched one of last three passwords.
98 {
99 echo "<font class='redtext'>". xl("Recent three passwords are not allowed.") ."</font>";
100 }
101 ?>
102 </div>
103 <br>
104 <span class="text"><?php xl('Once you change your password, you will have to re-login.','e'); ?><br></span>
105 <FORM NAME="user_form" METHOD="GET" ACTION="user_info.php"
106 onsubmit="top.restoreSession()">
107 <input type=hidden name=secure_pwd value="<? echo $GLOBALS['secure_password']; ?>">
108 <TABLE>
109 <TR>
110 <TD><span class=text><?php xl('Full Name','e'); ?>: </span></TD>
111 <TD><span class=text><?php echo htmlspecialchars($iter["fname"] . " " . $iter["lname"], ENT_NOQUOTES); ?></span></td>
112 </TR>
113
114 <TR>
115 <TD><span class=text><?php xl('Username','e'); ?>: </span></TD>
116 <TD><span class=text><?php echo $iter["username"]; ?></span></td>
117 </TR>
118
119 <TR>
120 <TD><span class=text><?php xl('Password','e'); ?>: </span></TD>
121 <TD><input type=password name=clearPass size=20 value=""></td>
122 </TR>
123 <TR>
124 <TD><span class=text><?php xl('Password','e'); ?> (<?xl('Again','e');?>): </span></TD>
125 <TD><input type=password name=clearPass2 size=20 value=""></td>
126 </TR>
127
128 </TABLE>
129 <br>&nbsp;&nbsp;&nbsp;
130 <INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo $_GET["id"]; ?>">
131 <INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
132 <INPUT TYPE="HIDDEN" NAME="authPass" VALUE="">
133 <INPUT TYPE="HIDDEN" NAME="authPass2" VALUE="">
134 <INPUT TYPE="Submit" VALUE=<?php xl('Save Changes','e','\'','\''); ?> onClick="return pwdvalidation()">
135
136 <?php if (! $GLOBALS['concurrent_layout']) { ?>
137 &nbsp;&nbsp;&nbsp;
138 [<a href="../main/main_screen.php" target="_top" class="link_submit"
139 onclick="top.restoreSession()"><?php xl('Back','e'); ?></font></a>]
140 <?php } ?>
141
142 </FORM>
143
144 <br><br>
145 </BODY>
146 </HTML>
147
148 <?php
149 // d41d8cd98f00b204e9800998ecf8427e == blank
150 ?>
Mirror of official OpenEMR Sourceforge repository