2015-11-07 01:23:50 +01:00
|
|
|
<?php defined('BLUDIT') or die('Bludit CMS.');
|
|
|
|
|
|
|
|
// ============================================================================
|
|
|
|
// Functions
|
|
|
|
// ============================================================================
|
|
|
|
|
|
|
|
// ============================================================================
|
|
|
|
// Main before POST
|
|
|
|
// ============================================================================
|
|
|
|
|
|
|
|
// ============================================================================
|
|
|
|
// POST Method
|
|
|
|
// ============================================================================
|
|
|
|
|
2018-05-15 20:12:15 +02:00
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
2019-05-28 20:49:29 +02:00
|
|
|
// Prevent non-administrators to change other users
|
|
|
|
$username = $_POST['username'];
|
|
|
|
if ($login->role()!=='admin') {
|
|
|
|
$username = $login->username();
|
|
|
|
}
|
|
|
|
|
2018-05-15 20:12:15 +02:00
|
|
|
if (changeUserPassword(array(
|
2019-05-28 20:49:29 +02:00
|
|
|
'username'=>$username,
|
2018-05-15 20:12:15 +02:00
|
|
|
'newPassword'=>$_POST['newPassword'],
|
|
|
|
'confirmPassword'=>$_POST['confirmPassword']
|
|
|
|
))) {
|
2018-11-09 00:59:06 +01:00
|
|
|
if ($login->role()==='admin') {
|
|
|
|
Redirect::page('users');
|
|
|
|
}
|
|
|
|
Redirect::page('edit-user/'.$login->username());
|
2015-11-07 01:23:50 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ============================================================================
|
|
|
|
// Main after POST
|
|
|
|
// ============================================================================
|
|
|
|
|
2018-05-15 20:12:15 +02:00
|
|
|
// Prevent non-administrators to change other users
|
2018-07-14 15:17:06 +02:00
|
|
|
if ($login->role()!=='admin') {
|
|
|
|
$layout['parameters'] = $login->username();
|
2015-11-07 01:23:50 +01:00
|
|
|
}
|
|
|
|
|
2018-07-25 23:42:00 +02:00
|
|
|
try {
|
|
|
|
$username = $layout['parameters'];
|
|
|
|
$user = new User($username);
|
|
|
|
} catch (Exception $e) {
|
2017-06-05 22:36:09 +02:00
|
|
|
Redirect::page('users');
|
2015-11-07 01:23:50 +01:00
|
|
|
}
|
|
|
|
|
2017-09-09 00:33:14 +02:00
|
|
|
// Title of the page
|
2018-08-05 17:54:20 +02:00
|
|
|
$layout['title'] = $L->g('Change password').' - '.$layout['title'];
|