Quick Search:

View

Revision:

Diff

Diff from 1843 to:

Annotations

Annotate by Age | Author | Mixed | None
/fisheye/browse/osCommerce/oscommerce2/trunk/catalog/account_password.php

Annotated File View 

hpdl
 
477
 1 <?php
2 /* 
hpdl
 
1739
 3   $Id: account_password.php 1843 2008-12-12 13:32:10Z hpdl $ 
hpdl
 
477
 4
5   osCommerce, Open Source E-Commerce Solutions
6   http://www.oscommerce.com
7 
hpdl
 
1843
 8   Copyright (c) 2008 osCommerce 
hpdl
 
477
 9
10   Released under the GNU General Public License
11 */
12
13   require('includes/application_top.php');
14
15   if (!tep_session_is_registered('customer_id')) {
16     $navigation->set_snapshot();
17     tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
18   }
19
20 // needs to be included earlier to set the success message in the messageStack
21   require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_PASSWORD);
22 
hpdl
 
1843
 23   if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) { 
hpdl
 
477
 24     $password_current = tep_db_prepare_input($HTTP_POST_VARS['password_current']);
25     $password_new = tep_db_prepare_input($HTTP_POST_VARS['password_new']);
26     $password_confirmation = tep_db_prepare_input($HTTP_POST_VARS['password_confirmation']);
27
28     $error = false;
29
30     if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
31       $error = true;
32
33       $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
34     } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
35       $error = true;
36
37       $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
38     } elseif ($password_new != $password_confirmation) {
39       $error = true;
40
41       $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
42     }
43
44     if ($error == false) {
45       $check_customer_query = tep_db_query("select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
46       $check_customer = tep_db_fetch_array($check_customer_query);
47
48       if (tep_validate_password($password_current, $check_customer['customers_password'])) {
49         tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '" . tep_encrypt_password($password_new) . "' where customers_id = '" . (int)$customer_id . "'");
50
51         tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int)$customer_id . "'");
52
53         $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
54
55         tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
56       } else {
57         $error = true;
58
59         $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
60       }
61     }
62   }
63
64   $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
65   $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'SSL'));
66 ?>
67 <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
68 <html <?php echo HTML_PARAMS; ?>>
69 <head>
70 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
71 <title><?php echo TITLE; ?></title>
72 <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
73 <link rel="stylesheet" type="text/css" href="stylesheet.css">
74 <?php require('includes/form_check.js.php'); ?>
75 </head>
76 <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
77 <!-- header //-->
78 <?php require(DIR_WS_INCLUDES . 'header.php'); ?>
79 <!-- header_eof //-->
80
81 <!-- body //-->
82 <table border="0" width="100%" cellspacing="3" cellpadding="3">
83   <tr>
84     <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
85 <!-- left_navigation //-->
86 <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
87 <!-- left_navigation_eof //-->
88     </table></td>
89 <!-- body_text //--> 
hpdl
 
1843
 90     <td width="100%" valign="top"><?php echo tep_draw_form('account_password', tep_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'SSL'), 'post', 'onSubmit="return check_form(account_password);"', true) . tep_draw_hidden_field('action', 'process'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> 
hpdl
 
477
 91       <tr>
92         <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
93           <tr>
94             <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
95             <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_account.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
96           </tr>
97         </table></td>
98       </tr>
99       <tr>
100         <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
101       </tr>
102 <?php
103   if ($messageStack->size('account_password') > 0) {
104 ?>
105       <tr>
106         <td><?php echo $messageStack->output('account_password'); ?></td>
107       </tr>
108       <tr>
109         <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
110       </tr>
111 <?php
112   }
113 ?>
114       <tr>
115         <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
116           <tr>
117             <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
118               <tr>
119                 <td class="main"><b><?php echo MY_PASSWORD_TITLE; ?></b></td>
120                 <td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td>
121               </tr>
122             </table></td>
123           </tr>
124           <tr>
125             <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
126               <tr class="infoBoxContents">
127                 <td><table border="0" cellspacing="2" cellpadding="2">
128                   <tr>
129                     <td class="main"><?php echo ENTRY_PASSWORD_CURRENT; ?></td>
130                     <td class="main"><?php echo tep_draw_password_field('password_current') . '&nbsp;' . (tep_not_null(ENTRY_PASSWORD_CURRENT_TEXT) ? '<span class="inputRequirement">' . ENTRY_PASSWORD_CURRENT_TEXT . '</span>': ''); ?></td>
131                   </tr>
132                   <tr>
133                     <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
134                   </tr>
135                   <tr>
136                     <td class="main"><?php echo ENTRY_PASSWORD_NEW; ?></td>
137                     <td class="main"><?php echo tep_draw_password_field('password_new') . '&nbsp;' . (tep_not_null(ENTRY_PASSWORD_NEW_TEXT) ? '<span class="inputRequirement">' . ENTRY_PASSWORD_NEW_TEXT . '</span>': ''); ?></td>
138                   </tr>
139                   <tr>
140                     <td class="main"><?php echo ENTRY_PASSWORD_CONFIRMATION; ?></td>
141                     <td class="main"><?php echo tep_draw_password_field('password_confirmation') . '&nbsp;' . (tep_not_null(ENTRY_PASSWORD_CONFIRMATION_TEXT) ? '<span class="inputRequirement">' . ENTRY_PASSWORD_CONFIRMATION_TEXT . '</span>': ''); ?></td>
142                   </tr>
143                 </table></td>
144               </tr>
145             </table></td>
146           </tr>
147         </table></td>
148       </tr>
149       <tr>
150         <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
151       </tr>
152       <tr>
153         <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
154           <tr class="infoBoxContents">
155             <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
156               <tr>
157                 <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
158                 <td><?php echo '<a href="' . tep_href_link(FILENAME_ACCOUNT, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
159                 <td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
160                 <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
161               </tr>
162             </table></td>
163           </tr>
164         </table></td>
165       </tr>
166     </table></form></td>
167 <!-- body_text_eof //-->
168     <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
169 <!-- right_navigation //-->
170 <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
171 <!-- right_navigation_eof //-->
172     </table></td>
173   </tr>
174 </table>
175 <!-- body_eof //-->
176
177 <!-- footer //-->
178 <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
179 <!-- footer_eof //-->
180 <br>
181 </body>
182 </html>
183 <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>