1
0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
php-e107/e107_admin/updateadmin.php
2021-02-01 18:18:30 -08:00

127 lines
3.6 KiB
PHP

<?php
/*
* e107 website system
*
* Copyright (C) 2008-2009 e107 Inc (e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
* Administration Area - Update Admin
*
*
*/
require_once(__DIR__.'/../class2.php');
// include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_'.e_PAGE);
e107::lan('core','updateadmin',true);
$e_sub_cat = 'admin_pass';
require_once(e_ADMIN.'auth.php');
// require_once(e_HANDLER.'user_handler.php'); //use e107::getUserSession() instead.
require_once(e_HANDLER.'validator_class.php');
$userMethods = e107::getUserSession();
$mes = e107::getMessage();
$frm = e107::getForm();
if (isset($_POST['update_settings']))
{
if ($_POST['ac'] == md5(ADMINPWCHANGE))
{
$userData = array();
$userData['data'] = array();
if ($_POST['a_password'] != '' && $_POST['a_password2'] != '' && ($_POST['a_password'] == $_POST['a_password2']))
{
$userData['data']['user_password'] = $sql->escape($userMethods->HashPassword($_POST['a_password'], $currentUser['user_loginname']), FALSE);
unset($_POST['a_password']);
unset($_POST['a_password2']);
if (vartrue($pref['allowEmailLogin']))
{
$new_pass = e107::getParser()->filter($_POST['a_password']);
$user_prefs = e107::getArrayStorage()->unserialize($currentUser['user_prefs']);
$user_prefs['email_password'] = $userMethods->HashPassword($new_pass, USEREMAIL);
$userData['data']['user_prefs'] = e107::getArrayStorage()->serialize($user_prefs);
}
$userData['data']['user_pwchange'] = time();
$userData['WHERE'] = 'user_id='.USERID;
validatorClass::addFieldTypes($userMethods->userVettingInfo,$userData, $userMethods->otherFieldTypes);
$check = $sql->update('user',$userData);
if ($check)
{
e107::getLog()->add('ADMINPW_01', '');
$userMethods->makeUserCookie(array('user_id' => USERID,'user_password' => $userData['data']['user_password']), FALSE); // Can't handle autologin ATM
$mes->addSuccess(UDALAN_3." ".ADMINNAME);
e107::getEvent()->trigger('adpword'); //@deprecated
$eventData = array('user_id'=> USERID, 'user_pwchange'=> $userData['data']['user_pwchange']);
e107::getEvent()->trigger('admin_password_update',$eventData );
$ns->tablerender(UDALAN_2, $mes->render());
}
else
{
$mes->addError(UDALAN_1.' '.LAN_UPDATED_FAILED);
$ns->tablerender(LAN_UPDATED_FAILED, $mes->render());
}
}
else
{
$mes->addError(UDALAN_1.' '.LAN_UPDATED_FAILED);
$ns->tablerender(LAN_UPDATED_FAILED, $mes->render());
}
}
}
else
{
$text = "
<form method='post' action='".e_SELF."'>
<fieldset id='core-updateadmin'>
<legend class='e-hideme'>".UDALAN_8." ".ADMINNAME."</legend>
<table class='table adminform'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
<tbody>
<tr>
<td>".UDALAN_4.":</td>
<td>
".ADMINNAME."
</td>
</tr>
<tr>
<td>".LAN_PASSWORD.":</td>
<td>".$frm->password('a_password','',20,'generate=1&strength=1')."
</td>
</tr>
<tr>
<td>".UDALAN_6.":</td>
<td>
<input class='tbox form-control input-text' type='password' name='a_password2' size='60' value='' maxlength='20' />
</td>
</tr>
</tbody>
</table>
<div class='buttons-bar center'>
<input type='hidden' name='ac' value='".md5(defset('ADMINPWCHANGE'))."' />".
$frm->admin_button('update_settings','no-value','update',UDALAN_7)."
</div>
</fieldset>
</form>
";
$ns->tablerender(UDALAN_8." ".ADMINNAME, $text);
}
require_once(e_ADMIN.'footer.php');