151 lines
4.0 KiB
PHP
151 lines
4.0 KiB
PHP
<?php
|
|
/*=======================================================================
|
|
*
|
|
* cr_changepwd.php
|
|
*
|
|
* Autor: Marc Vollmann
|
|
*
|
|
=======================================================================*/
|
|
|
|
include_once ("../include/mcglobal.inc.php");
|
|
include_once ("../include/auth.inc.php");
|
|
|
|
|
|
// Check HTTP-Parameters
|
|
getSecHttpVars("1",array("f_act", "f_currentPassword", "f_newPassword", "f_newPassword2", "statusMessage"));
|
|
|
|
$pageTitel = "PASSWORTÄNDERUNG";
|
|
include_once ("../admin/menu.php");
|
|
include_once ("../include/html.inc.php");
|
|
|
|
|
|
// Check for authentication access and granted rights
|
|
$usrAccessArray["cr"] = "1";
|
|
authCheckForAccess($hq_id, $usr_id, $emp_id, "1", $customerId, $cscIdRoot, $cscIdActual);
|
|
|
|
|
|
if ($f_act == "setPassword") :
|
|
|
|
if (checkPasswordValidation($f_newPassword,$f_newPassword2)) :
|
|
|
|
// Current password
|
|
$currPwd = getFieldValueFromId("user","usr_id",$usr_id,"usr_password");
|
|
|
|
// Update password ONLY if old password matches
|
|
$sqlStmt = "UPDATE user SET usr_password = PASSWORD('$f_newPassword') WHERE usr_id = '$usr_id' AND usr_type = '$userType' AND usr_password = PASSWORD('$f_currentPassword')";
|
|
|
|
$res = $db->query($sqlStmt);
|
|
if (DB::isError($res)) die ("$PHP_SELF: <br>$sqlStmt<br>" . $res->getMessage());
|
|
|
|
$newPwd = getFieldValueFromId("user","usr_id",$usr_id,"usr_password");
|
|
|
|
if ($currPwd != $newPwd) :
|
|
$statusMessage = "Ihr Passwort wurde geändert!";
|
|
else :
|
|
$statusMessage = "Ihr Passwort konnte nicht geändert werden! Versuchen Sie es bitte erneut!";
|
|
endif;
|
|
endif;
|
|
endif;
|
|
|
|
|
|
// Output
|
|
$title = "Änderung des Passwortes";
|
|
?>
|
|
|
|
|
|
<html lang="de">
|
|
<head>
|
|
<title>PASSWORTÄNDERUNG</title>
|
|
|
|
<link rel="stylesheet" type="text/css" href="../css/phoenix.css">
|
|
|
|
<style type="text/css">
|
|
<?php include_once ("../css/navigation.css.php"); ?>
|
|
</style>
|
|
|
|
<?php include_once ("../include/js_framework.inc.php"); ?>
|
|
|
|
<script src="../include/checkFormTags.js" type="text/javascript"></script>
|
|
<script type="text/javascript">
|
|
<!--
|
|
// NAVIGATION
|
|
<?php echo $jsMenuOut; ?>
|
|
|
|
function finishPage(f_act,text) {
|
|
// if (confirm(text)) {
|
|
document.forms[0].f_act.value = f_act;
|
|
document.forms[0].submit();
|
|
// }
|
|
};
|
|
-->
|
|
</script>
|
|
<noscript>
|
|
<center>
|
|
<b><br>JavaScript ist nicht verfügbar. Bitte aktivieren Sie JavaScript<br><br>
|
|
in Ihrem Browser, damit diese Seite ordnungsgemäß funktioniert!</b><br><br>
|
|
</center>
|
|
</noscript>
|
|
</head>
|
|
|
|
<body onLoad="<?php echo $phpCurrentNavigationOnLoad ?>">
|
|
|
|
<?php echo $phpMenuOut ?>
|
|
<?php echo $phpReducedMenuOut ?>
|
|
<?php echo $phpPageTitelOut ?>
|
|
|
|
<div class="maincontent" name="maincontent" id="maincontent">
|
|
|
|
<form action="../courier/cr_changepwd.php" method="post">
|
|
|
|
<input type="hidden" name="f_act" value="">
|
|
|
|
<?php echo htmlDivLineSpacer("30px"); ?>
|
|
|
|
<div class="f12bp1_blue">
|
|
<?php echo $title ?>
|
|
</div>
|
|
|
|
<?php echo htmlDivLineSpacer("25px"); ?>
|
|
|
|
<div>
|
|
Das Passwort muss aus mindestens 8 Zeichen bestehen (Buchstaben, Zahlen, Sonderzeichen)
|
|
</div>
|
|
|
|
<?php echo htmlDivLineSpacer("25px"); ?>
|
|
|
|
<div>
|
|
<div <?php echo setStyleHtmlDiv("150px","left"); ?>>Aktuelles Passwort:</div>
|
|
<div>
|
|
<input type="password" name="f_currentPassword" value="" size="15">
|
|
</div>
|
|
</div>
|
|
<?php echo htmlDivLineSpacer("10px"); ?>
|
|
<div>
|
|
<div <?php echo setStyleHtmlDiv("150px","left"); ?>>Neues Passwort:</div>
|
|
<div>
|
|
<input type="password" name="f_newPassword" value="" size="15">
|
|
</div>
|
|
</div>
|
|
<?php echo htmlDivLineSpacer("5px"); ?>
|
|
<div>
|
|
<div <?php echo setStyleHtmlDiv("150px","left"); ?>>Wiederholung:</div>
|
|
<div>
|
|
<input type="password" name="f_newPassword2" value="" size="15">
|
|
</div>
|
|
</div>
|
|
|
|
<?php echo htmlDivLineSpacer("20px"); ?>
|
|
|
|
<?php echo defineButton("Passwort setzen", "action_pwd", "finishPage('setPassword');", "", "", "", "", "140px"); ?>
|
|
|
|
<?php echo htmlDivLineSpacer("20px"); ?>
|
|
|
|
<div class="f10bp1_red">
|
|
<?php echo $statusMessage; ?>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
|
|
</body>
|
|
</html>
|