Project

General

Profile

« Previous | Next » 

Revision 1425

Added by Dietmar almost 14 years ago

redefined wrong admin backlinks

View differences:

password.php
24 24 
$new_password = $_POST['new_password'];
25 25 
$new_password2 = $_POST['new_password2'];
26 26 

  		




  
  27
  
    
// Create a javascript back link


  		




  
  28
  
    
$js_back = WB_URL.'/account/preferences.php';


  		




  
  29
  
    

  		




  27
  30
  
    
if (!$wb->checkFTAN())


  		




  28
  31
  
    
{


  		




  29
  
  
    
	$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL);


  		




  
  32
  
    
	$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $js_back, false);


  		




  30
  33
  
    
	exit();


  		




  31
  34
  
    
}


  		




  32
  35
  
    

  		




  33
  
  
    
// Create a javascript back link


  		




  34
  
  
    
$js_back = "javascript: history.go(-1);";


  		




  35
  
  
    

  		




  36
  36
  
    
// Get existing password


  		




  37
  37
  
    
// $database = new database();


  		




  38
  38
  
    
$query = "SELECT user_id FROM ".TABLE_PREFIX."users WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'";


  		




  ......




  42
  42
  
    
if($results->numRows() == 0) {


  		




  43
  43
  
    
	$wb->print_error($MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'], $js_back, false);


  		




  44
  44
  
    
}


  		




  
  45
  
    

  		




  45
  46
  
    
if(strlen($new_password) < 3) {


  		




  46
  47
  
    
	$wb->print_error($MESSAGE['USERS']['PASSWORD_TOO_SHORT'], $js_back, false);


  		




  47
  48
  
    
}


  		




  ......




  57
  58
  
    
$query = "UPDATE ".TABLE_PREFIX."users SET password = '$md5_password' WHERE user_id = '".$wb->get_user_id()."'";


  		




  58
  59
  
    
$database->query($query);


  		




  59
  60
  
    
if($database->is_error()) {


  		




  60
  
  
    
	$wb->print_error($database->get_error, 'index.php', false);


  		




  
  61
  
    
	$wb->print_error($database->get_error, $js_back, false);


  		




  61
  62
  
    
} else {


  		




  62
  
  
    
	$wb->print_success($MESSAGE['PREFERENCES']['PASSWORD_CHANGED'], WB_URL.'/account/preferences.php');


  		




  
  63
  
    
	$wb->print_success($MESSAGE['PREFERENCES']['PASSWORD_CHANGED']);


  		




  63
  64
  
    
}


  		




  64
  65
  
    

  		




  65
  66
  
    
?>


  		












Also available in:  Unified diff