mirrored from git://git.moodle.org/moodle.git
/
change_password.php
122 lines (87 loc) · 3.64 KB
/
change_password.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<?PHP // $Id$
include("../config.php");
optional_variable($id);
if ($id) {
if (!$course = get_record("course", "id", $id)) {
error("No such course!");
}
}
if ($frm = data_submitted()) {
validate_form($frm, $err);
update_login_count();
if (!count((array)$err)) {
$username = $frm->username;
$password = md5($frm->newpassword1);
$user = get_user_info_from_db("username", $username);
if (isguest($user->id)) {
error("Can't change guest password!");
}
if (set_field("user", "password", $password, "username", $username)) {
$user->password = $password;
} else {
error("Could not set the new password");
}
$USER = $user;
$USER->loggedin = true;
$USER->site = $CFG->wwwroot; // for added security
save_session("USER");
set_moodle_cookie($USER->username);
reset_login_count();
$strpasswordchanged = get_string("passwordchanged");
if ($course->id) {
print_header($strpasswordchanged, $strpasswordchanged,
"<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A> ->
<A HREF=\"$CFG->wwwroot/user/index.php?id=$course->id\">".get_string("participants")."</A> ->
<A HREF=\"$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id\">$USER->firstname $USER->lastname</A> -> $strpasswordchanged", $focus);
notice($strpasswordchanged, "$CFG->wwwroot/user/view.php?id=$USER->id&course=$id");
} else {
print_header($strpasswordchanged, $strpasswordchanged, $strpasswordchanged, "");
notice($strpasswordchanged, "$CFG->wwwroot");
}
print_footer();
exit;
}
}
if ($course->id) {
$frm->id = $id;
}
if (empty($frm->username)) {
$frm->username = get_moodle_cookie();
}
if (!empty($frm->username)) {
$focus = "form.password";
} else {
$focus = "form.username";
}
$strchangepassword = get_string("changepassword");
if (!empty($course->id)) {
print_header($strchangepassword, $strchangepassword,
"<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A> ->
<A HREF=\"$CFG->wwwroot/user/index.php?id=$course->id\">".get_string("participants")."</A> ->
<A HREF=\"$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id\">$USER->firstname $USER->lastname</A> -> $strchangepassword", $focus);
} else {
print_header($strchangepassword, $strchangepassword, $strchangepassword, $focus);
}
print_simple_box_start("center", "", $THEME->cellheading);
include("change_password_form.html");
print_simple_box_end();
print_footer();
/******************************************************************************
* FUNCTIONS
*****************************************************************************/
function validate_form($frm, &$err) {
if (empty($frm->username))
$err->username = get_string("missingusername");
else if (empty($frm->password))
$err->password = get_string("missingpassword");
else if (!authenticate_user_login($frm->username, $frm->password))
$err->password = get_string("wrongpassword");
if (empty($frm->newpassword1))
$err->newpassword1 = get_string("missingnewpassword");
if (empty($frm->newpassword2))
$err->newpassword2 = get_string("missingnewpassword");
else if ($frm->newpassword1 <> $frm->newpassword2)
$err->newpassword2 = get_string("passwordsdiffer");
return;
}
?>