bludit/bl-kernel/admin/controllers/user-password.php

<?php defined('BLUDIT') or die('Bludit CMS.');

// ============================================================================
// Functions
// ============================================================================

function setPassword($username, $new_password, $confirm_password)
{
	global $dbUsers;
	global $Language;
	global $Syslog;

	// Password length
	if( strlen($new_password) < 6 )
	{
		Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);
		return false;
	}

	if($new_password===$confirm_password)
	{
		if( $dbUsers->setPassword($username, $new_password) ) {
			Alert::set($Language->g('The changes have been saved'), ALERT_STATUS_OK);
			// Add to syslog
			$Syslog->add(array(
				'dictionaryKey'=>'user-password-changed',
				'notes'=>$username
			));
			return true;
		}
		else {
			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to change the user password.');
			return false;
		}
	}
	else {
		Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);
		return false;
	}
}

// ============================================================================
// Main before POST
// ============================================================================

// ============================================================================
// POST Method
// ============================================================================

if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
	// Prevent editors to administrate other users.
	if($Login->role()!=='admin')
	{
		$_POST['username'] = $Login->username();
		unset($_POST['role']);
	}

	if( setPassword($_POST['username'], $_POST['new_password'], $_POST['confirm_password']) ) {
		Redirect::page('users');
	}
}

// ============================================================================
// Main after POST
// ============================================================================

if($Login->role()!=='admin') {
	$layout['parameters'] = $Login->username();
}

$_user = $dbUsers->getDb($layout['parameters']);

// If the user doesn't exist, redirect to the users list.
if($_user===false) {
	Redirect::page('users');
}

$_user['username'] = $layout['parameters'];

// Title of the page
$layout['title'] .= ' - '.$Language->g('Change password');
User manager improves 2015-11-07 01:23:50 +01:00			`<?php defined('BLUDIT') or die('Bludit CMS.');`

			`// ============================================================================`
			`// Functions`
			`// ============================================================================`

			`function setPassword($username, $new_password, $confirm_password)`
			`{`
			`global $dbUsers;`
			`global $Language;`
Auth token for users 2017-07-05 23:42:28 +02:00			`global $Syslog;`
User manager improves 2015-11-07 01:23:50 +01:00
			`// Password length`
			`if( strlen($new_password) < 6 )`
			`{`
			`Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);`
			`return false;`
			`}`

			`if($new_password===$confirm_password)`
			`{`
			`if( $dbUsers->setPassword($username, $new_password) ) {`
			`Alert::set($Language->g('The changes have been saved'), ALERT_STATUS_OK);`
Auth token for users 2017-07-05 23:42:28 +02:00			`// Add to syslog`
			`$Syslog->add(array(`
			`'dictionaryKey'=>'user-password-changed',`
			`'notes'=>$username`
			`));`
User manager improves 2015-11-07 01:23:50 +01:00			`return true;`
			`}`
			`else {`
			`Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to change the user password.');`
			`return false;`
			`}`
			`}`
			`else {`
			`Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);`
			`return false;`
			`}`
			`}`

			`// ============================================================================`
			`// Main before POST`
			`// ============================================================================`

			`// ============================================================================`
			`// POST Method`
			`// ============================================================================`

			`if( $_SERVER['REQUEST_METHOD'] == 'POST' )`
			`{`
			`// Prevent editors to administrate other users.`
			`if($Login->role()!=='admin')`
			`{`
			`$_POST['username'] = $Login->username();`
			`unset($_POST['role']);`
			`}`

			`if( setPassword($_POST['username'], $_POST['new_password'], $_POST['confirm_password']) ) {`
Bug fixes, developer area, google plugin updated, rss and sitemap updated 2017-06-05 22:36:09 +02:00			`Redirect::page('users');`
User manager improves 2015-11-07 01:23:50 +01:00			`}`
			`}`

			`// ============================================================================`
			`// Main after POST`
			`// ============================================================================`

			`if($Login->role()!=='admin') {`
			`$layout['parameters'] = $Login->username();`
			`}`

			`$_user = $dbUsers->getDb($layout['parameters']);`

			`// If the user doesn't exist, redirect to the users list.`
			`if($_user===false) {`
Bug fixes, developer area, google plugin updated, rss and sitemap updated 2017-06-05 22:36:09 +02:00			`Redirect::page('users');`
User manager improves 2015-11-07 01:23:50 +01:00			`}`

			`$_user['username'] = $layout['parameters'];`
Updated language dictionary, improves on Admin panel, Title on each section 2017-09-09 00:33:14 +02:00
			`// Title of the page`
			`$layout['title'] .= ' - '.$Language->g('Change password');`