90 lines
2.3 KiB
PHP
90 lines
2.3 KiB
PHP
<?php
|
|
//
|
|
// Postfix Admin
|
|
// by Mischa Peters <mischa at high5 dot nl>
|
|
// Copyright (c) 2002 - 2005, 2021 High5!
|
|
// License Info: http://www.postfixadmin.com/?file=LICENSE.TXT
|
|
//
|
|
// File: password.php
|
|
//
|
|
// Template File: users_password.tpl
|
|
//
|
|
// Template Variables:
|
|
//
|
|
// tMessage
|
|
//
|
|
// Form POST \ GET Variables:
|
|
//
|
|
// fPassword_current
|
|
// fPassword
|
|
// fPassword2
|
|
//
|
|
require ("../variables.inc.php");
|
|
require ("../config.inc.php");
|
|
require ("../functions.inc.php");
|
|
include ("../languages/" . check_language () . ".lang");
|
|
|
|
$USERID_USERNAME = check_user_session ();
|
|
$tmp = preg_split ('/@/', $USERID_USERNAME);
|
|
$USERID_DOMAIN = $tmp[1];
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == "GET")
|
|
{
|
|
include ("../templates/header.tpl");
|
|
include ("../templates/users_menu.tpl");
|
|
include ("../templates/users_password.tpl");
|
|
include ("../templates/footer.tpl");
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == "POST")
|
|
{
|
|
$fPassword_current = escape_string ($_POST['fPassword_current']);
|
|
$fPassword = escape_string ($_POST['fPassword']);
|
|
$fPassword2 = escape_string ($_POST['fPassword2']);
|
|
|
|
$username = $USERID_USERNAME;
|
|
|
|
$result = db_query ("SELECT * FROM mailbox WHERE username='$username'");
|
|
if ($result['rows'] == 1)
|
|
{
|
|
$row = db_array ($result['result']);
|
|
if (!password_verify($fPassword_current, $row['password']))
|
|
{
|
|
$error = 1;
|
|
$pPassword_password_current_text = $PALANG['pPassword_password_current_text_error'];
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$error = 1;
|
|
$pPassword_email_text = $PALANG['pPassword_email_text_error'];
|
|
}
|
|
|
|
if (empty ($fPassword) or ($fPassword != $fPassword2))
|
|
{
|
|
$error = 1;
|
|
$pPassword_password_text = $PALANG['pPassword_password_text_error'];
|
|
}
|
|
|
|
if ($error != 1)
|
|
{
|
|
$password = pacrypt ($fPassword);
|
|
$result = db_query ("UPDATE mailbox SET password='$password',modified=NOW() WHERE username='$username'");
|
|
if ($result['rows'] == 1)
|
|
{
|
|
$tMessage = $PALANG['pPassword_result_succes'];
|
|
db_log ($USERID_USERNAME, $USERID_DOMAIN, "change password", "$USERID_USERNAME");
|
|
}
|
|
else
|
|
{
|
|
$tMessage = $PALANG['pPassword_result_error'];
|
|
}
|
|
}
|
|
|
|
include ("../templates/header.tpl");
|
|
include ("../templates/users_menu.tpl");
|
|
include ("../templates/users_password.tpl");
|
|
include ("../templates/footer.tpl");
|
|
}
|
|
?>
|