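<?php
/**
 * chgpwd.php - password change page shown while a password change is pending.
 *
 * What this script does, as far as this file shows:
 *  - reads the remaining number of "skip" logins for the session user from
 *    genericdatacontainer (gdc_gen_fieldname = 'set_new_pwd') into $tries;
 *  - "Ändern"   checks the old password and stores the new one;
 *  - "Weiter"   continues to start.php, consuming one skip while skips remain;
 *  - "Abmelden" goes to logout.php.
 *
 * Variables consumed by the HTML template that follows this block:
 * $pageTitel, $title, $tries, $passwordfields, $statusMessage.
 *
 * NOTE(review): MySQL's PASSWORD() is unsalted, was designed for MySQL's own
 * account table and was removed in MySQL 8.0. Moving usr_password to
 * password_hash()/password_verify() needs a coordinated change with the login
 * code, which is not visible here.
 */

include_once("../include/global.inc.php");

getLanguage(__FILE__);

$pageTitel = getLngt("PASSWORT-ÄNDERUNG");
$usr_id = -1;
include_once ("../admin/menu.php");
include_once ("../include/html.inc.php");
getCurrentScript(__FILE__);
$title = getLngt("Passwort-Änderung");

session_start();

// $usr_id is concatenated into several SQL statements below, so accept
// nothing but a plain integer from the session. A missing or malformed value
// is treated as "not logged in".
$usr_id = filter_var(isset($_SESSION["usr_id"]) ? $_SESSION["usr_id"] : null, FILTER_VALIDATE_INT);
if ($usr_id === false):
	header("Location: ../admin/logout.php");
	exit;
endif;

$tries = getFieldValueFromClause("genericdatacontainer", "gdc_content", "gdc_obj_type = 'usr' AND gdc_obj_id = " . $usr_id . " AND gdc_gen_fieldname = 'set_new_pwd'" );

// $pwd_changed is a hidden form field and therefore client-controlled. It is
// still read here but deliberately not used for any decision below.
list($f_submit, $f_chk_password, $f_chg_password, $f_chg_password1, $pwd_changed) =
	getHttpVars(array('f_submit', 'f_chk_password', 'f_chg_password', 'f_chg_password1', 'pwd_changed'));

// Anything that is not a string (missing field, array-style parameter) counts
// as empty, so trim() and bin2hex() below always receive a string.
$f_chk_password = is_string($f_chk_password) ? trim($f_chk_password) : "";
$f_chg_password = is_string($f_chg_password) ? trim($f_chg_password) : "";
$f_chg_password1 = is_string($f_chg_password1) ? trim($f_chg_password1) : "";

$passwordfields = true;
$statusMessage = "";

if ($f_submit == getLngt("Abmelden")):
	header("Location: ../admin/logout.php");
	exit;
endif;

if ($tries == ""):
	// No change is pending: either none was requested, or the password was
	// just changed (the UPDATE further down empties gdc_content).
	// "Weiter" on the confirmation view arrives here and clears the session
	// flag, exactly as before. The script now stops after the redirect so the
	// change handler and the form can no longer run behind a Location header.
	if ($f_submit == getLngt("Weiter")):
		$_SESSION['chgpwd'] = '0';
	endif;
	header("Location: ../admin/start.php");
	exit;
endif;

// The submit button is rendered with its translated label, so accept that
// label as well as the German literal that was compared originally.
if ($f_submit == "Ändern" || $f_submit == getLngt("Ändern")):
	// The password fields are request data. They are sent to MySQL as hex
	// digits and decoded there with UNHEX(), so no character of the input can
	// end the SQL string literal, whatever database wrapper $db is.
	// Passwords containing quotes or backslashes used to be altered by SQL
	// string-literal parsing (or broke the statement); they are now hashed
	// byte for byte.
	// NOTE(review): confirm that getHttpVars() does not already add SQL
	// escaping, and change every other place that builds PASSWORD('...') from
	// the raw value (e.g. the login check, not visible here) the same way.
	// NOTE(review): the password is still part of the statement text and may
	// end up in database logs. Bound parameters through $db, or hashing in
	// PHP, would avoid that - confirm what the wrapper supports.
	$oldPasswordHex = bin2hex($f_chk_password);
	$newPasswordHex = bin2hex($f_chg_password);

	$matchedUserId = $db->getOne("SELECT usr_id FROM user WHERE usr_id = " . $usr_id . " AND usr_password = PASSWORD(UNHEX('" . $oldPasswordHex . "'))");

	// Fail closed: anything other than the expected id (no row, an error
	// value, an object) counts as a wrong old password.
	if (!is_scalar($matchedUserId) || (string) $matchedUserId !== (string) $usr_id):
		$statusMessage = "Das alte Passwort ist nicht korrekt.";
	elseif ($f_chg_password == "" && $f_chg_password1 == ""):
		$statusMessage = "Bitte das neue Passwort eingeben und zur Sicherheit wiederholen!";
	elseif (!checkPasswordValidation($f_chg_password, $f_chg_password1)):
		// NOTE(review): no message is set in this branch; presumably
		// checkPasswordValidation() reports the reason itself - confirm.
	elseif (getFieldValueFromId("user", "usr_id", $usr_id, "usr_password") == $db->getOne("SELECT PASSWORD(UNHEX('" . $newPasswordHex . "'))")):
		$statusMessage = "Das neue Passwort muss sich vom alten unterscheiden!";
	else:
		$currentTime = getDateTime("0");
		$db->query("UPDATE user SET usr_password = PASSWORD(UNHEX('" . $newPasswordHex . "')), usr_password_modify = '" . $currentTime . "' WHERE usr_id = " . $usr_id);

		// Empty the skip counter and keep the time of the change plus the old
		// counter value in gdc_context.
		updateStmt("genericdatacontainer", "gdc_obj_id", $usr_id, array("gdc_content", "", "gdc_context", date("Y-m-d H:i:s") . "|" . $tries), "gdc_obj_type = 'usr' AND gdc_gen_fieldname = 'set_new_pwd'");
		$statusMessage = "Sie haben Ihr Passwort geändert!";
		$passwordfields = false;
	endif;
endif;

// Postponing is decided on the server: it is only honoured while skips remain
// and it always consumes one. The template shows the "Weiter" button under the
// same condition, but a hand-made request could previously post "Weiter" with
// no skips left, or with pwd_changed=true to keep the counter untouched.
if ($f_submit == getLngt("Weiter") && $tries > 0):
	updateStmt("genericdatacontainer", "gdc_obj_id", $usr_id, array("gdc_content", ($tries - 1)), "gdc_obj_type = 'usr' AND gdc_gen_fieldname = 'set_new_pwd'");
	$_SESSION['chgpwd'] = '0';
	header("Location: ../admin/start.php");
	exit;
endif;

?>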
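<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="votian"> <meta name="keywords" content="votian">
<title><?php echo $pageTitel; ?></title>
<link rel="stylesheet" type="text/css" href="../css/phoenix.css">
<style type="text/css">
<?php include_once ("../css/navigation.css.php"); ?>
</style>

<?php include_once ("../include/js_framework.inc.php"); ?>

<script type="text/javascript">
<!--
<?php echo $jsMenuOut; ?>

// Runs from the body's onLoad handler: hides the 'sprache' element and puts
// the cursor into the old-password field.
function initForm()
{
	myhide('sprache');
	// After a successful change the page is rendered without the password
	// inputs, so only focus the field when it exists.
	var form = document.forms[0];
	if (form && form.f_chk_password) {
		form.f_chk_password.focus();
	}
}

// Empties the three password inputs shortly after the DOM is ready, so values
// pre-filled by the browser do not stay in the form.
function content_loaded() {
	setTimeout(function () {
		var form = document.forms[0];
		if (!form) {
			return;
		}
		var fieldNames = ["f_chk_password", "f_chg_password", "f_chg_password1"];
		for (var i = 0; i < fieldNames.length; i++) {
			// The inputs are absent on the confirmation view.
			if (form[fieldNames[i]]) {
				form[fieldNames[i]].value = "";
			}
		}
	}, 20);
}

document.addEventListener("DOMContentLoaded", content_loaded, false);

-->
</script>
<script src="../include/lib_global.js" type="text/javascript">
</script>
<noscript>
<center>
<b><br>JavaScript ist nicht verfügbar. Bitte aktivieren Sie JavaScript<br><br>
in Ihrem Browser, damit diese Seite ordnungsgemäß funktioniert!</b><br><br>
</center>
</noscript>
</head>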
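<?php
/*
 * Page body: the password change form, or the confirmation view after a
 * successful change ($passwordfields === false).
 *
 * Sections that belong to the form are now left out with PHP conditionals.
 * They used to be wrapped in an echoed HTML comment, which still delivered the
 * whole form markup to the browser.
 *
 * NOTE(review): no request token is visible in this form; "Weiter" is a
 * state-changing POST - confirm whether the framework adds CSRF protection
 * elsewhere.
 * NOTE(review): maxlength="20" limits the password length in the browser only;
 * the server-side rules live in checkPasswordValidation(), not visible here.
 */
?>
<body leftmargin="1" topmargin="1" marginwidth="0" marginheight="0" link="#990000" vlink="#990000" alink="#990000" onLoad="<?php echo $phpCurrentNavigationOnLoad ?>initForm();">
<?php echo $phpMenuOut ?>
<?php echo $phpReducedMenuOut ?>
<?php echo $phpPageTitelOut ?>

<div class="maincontent" name="maincontent" id="maincontent">

<?php echo htmlDivLineSpacer("30px"); ?>

<div class="f12bp1_blue">
<?php echo $title ?>
</div>

<?php echo htmlDivLineSpacer("25px"); ?>

<?php if ($passwordfields): ?>
<div>
<?php echo getLngt("Bitte ändern Sie Ihr Passwort (mindestens 8 Zeichen, eine Zahl und ein Buchstabe):") ?>
</div>
<?php endif; ?>

<?php echo htmlDivLineSpacer("25px"); ?>

<form action="chgpwd.php" method="POST">
<?php if ($passwordfields): ?>
<div>
<div <?php echo setStyleHtmlDiv("150px","left"); ?>><?php echo getLngt("Altes Passwort:") ?></div>
<div>
<input type="password" name="f_chk_password" value="" size="20" maxlength="20" autocomplete="off">
</div>
</div>
<?php echo htmlDivLineSpacer("20px"); ?>
<div>
<div <?php echo setStyleHtmlDiv("150px","left"); ?>><?php echo getLngt("Neues Passwort:") ?></div>
<div>
<input type="password" name="f_chg_password" value="" size="20" maxlength="20">
</div>
</div>
<?php echo htmlDivLineSpacer("10px"); ?>
<div>
<div <?php echo setStyleHtmlDiv("150px","left"); ?>><?php echo getLngt("Wiederholung:") ?></div>
<div>
<input type="password" name="f_chg_password1" value="" size="20" maxlength="20">
</div>
</div>
<?php echo htmlDivLineSpacer("10px"); ?>

<?php endif; ?>
<div class="f10bp1_red">
<?php echo $statusMessage; ?>
</div>
<?php if ($statusMessage != "") echo htmlDivLineSpacer("10px"); ?>
<?php if ($passwordfields): ?>

<?php echo defineButton(getLngt("Ändern"), "f_submit", "", "", "", "", "", "", "", "", "", "", "", "", "", getLngt("Ändern") . " ALT+n", "n", true); ?>
<?php echo htmlDivLineSpacer("25px"); ?>
<div>
<?php /* $tries comes from the database; the cast makes sure only a number reaches the markup. */ ?>
<?php if ($tries > 0) echo getLngt("Sie können Ihr Passwort auch zu einem späteren Zeitpunkt ändern und sich noch <b>" . (int) $tries .
"</b> mal wieder anmelden, bis Sie Ihr Passwort ändern müssen (klicken Sie auf \"Weiter\").") ?>
</div>
<?php if ($tries > 0) echo htmlDivLineSpacer("10px"); ?>
<?php endif; ?>

<?php /* Client-controlled: the server must not rely on this value when "Weiter" is posted. */ ?>
<input type="hidden" name="pwd_changed" value="<?php if (!$passwordfields) echo 'true'; else echo 'false'; ?>">

<?php if ($tries > 0 || !$passwordfields) echo defineButton(getLngt("Weiter"), "f_submit", "", "", "", "", "", "", "", "", "", "", "", "", "", getLngt("Weiter") . " ALT+w", "w", true); ?>

<?php if ($passwordfields) echo htmlDivLineSpacer("25px"); ?>
<div>
<?php if ($passwordfields) echo getLngt("Melden Sie sich oben im Menü ab, wenn Sie jetzt noch keine Entscheidung treffen möchten.") ?>
</div>

</form>

</div>

<?php /* This script used to follow the closing html tag; it still runs after the page content. */ ?>
<script type="text/javascript">
<!--
checkBrowser();
-->
</script>
</body>
</html>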