2 /* vim: set expandtab sw=4 ts=4 sts=4: */
4 * displays and handles the form where the user can change his password
5 * linked from index.php
9 declare(strict_types
=1);
11 use PhpMyAdmin\DatabaseInterface
;
12 use PhpMyAdmin\Di\Container
;
13 use PhpMyAdmin\Display\ChangePassword
;
14 use PhpMyAdmin\Message
;
15 use PhpMyAdmin\Server\Privileges
;
16 use PhpMyAdmin\Relation
;
17 use PhpMyAdmin\RelationCleanup
;
18 use PhpMyAdmin\Response
;
19 use PhpMyAdmin\Template
;
20 use PhpMyAdmin\UserPassword
;
22 if (! defined('ROOT_PATH')) {
23 define('ROOT_PATH', __DIR__
. DIRECTORY_SEPARATOR
);
28 require_once ROOT_PATH
. 'libraries/common.inc.php';
30 $container = Container
::getDefaultContainer();
31 $container->set(Response
::class, Response
::getInstance());
33 /** @var Response $response */
34 $response = $container->get(Response
::class);
36 /** @var DatabaseInterface $dbi */
37 $dbi = $container->get(DatabaseInterface
::class);
39 $header = $response->getHeader();
40 $scripts = $header->getScripts();
41 $scripts->addFile('server_privileges.js');
42 $scripts->addFile('vendor/zxcvbn.js');
44 /** @var Template $template */
45 $template = $containerBuilder->get('template');
46 /** @var Relation $relation */
47 $relation = $containerBuilder->get('relation');
48 $relationCleanup = new RelationCleanup($dbi, $relation);
49 $serverPrivileges = new Privileges($template, $dbi, $relation, $relationCleanup);
50 $userPassword = new UserPassword($serverPrivileges);
53 * Displays an error message and exits if the user isn't allowed to use this
56 if (! $cfg['ShowChgPassword']) {
57 $cfg['ShowChgPassword'] = $dbi->selectDb('mysql');
59 if ($cfg['Server']['auth_type'] == 'config' ||
! $cfg['ShowChgPassword']) {
61 __('You don\'t have sufficient privileges to be here right now!')
67 * If the "change password" form has been submitted, checks for valid values
68 * and submit the query or logout
70 if (isset($_POST['nopass'])) {
71 if ($_POST['nopass'] == '1') {
74 $password = $_POST['pma_pw'];
76 $change_password_message = $userPassword->setChangePasswordMsg();
77 $msg = $change_password_message['msg'];
78 if (! $change_password_message['error']) {
79 $userPassword->changePassword($password, $msg, $change_password_message);
81 $userPassword->getChangePassMessage($change_password_message);
86 * If the "change password" form hasn't been submitted or the values submitted
87 * aren't valid -> displays the form
90 // Displays an error message if required
96 echo ChangePassword
::getHtml('change_pw', $username, $hostname);