Revision 1425
Added by Dietmar almost 14 years ago
password.php | ||
---|---|---|
24 | 24 |
$new_password = $_POST['new_password']; |
25 | 25 |
$new_password2 = $_POST['new_password2']; |
26 | 26 |
|
27 |
// Create a javascript back link |
|
28 |
$js_back = WB_URL.'/account/preferences.php'; |
|
29 |
|
|
27 | 30 |
if (!$wb->checkFTAN()) |
28 | 31 |
{ |
29 |
$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL);
|
|
32 |
$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $js_back, false);
|
|
30 | 33 |
exit(); |
31 | 34 |
} |
32 | 35 |
|
33 |
// Create a javascript back link |
|
34 |
$js_back = "javascript: history.go(-1);"; |
|
35 |
|
|
36 | 36 |
// Get existing password |
37 | 37 |
// $database = new database(); |
38 | 38 |
$query = "SELECT user_id FROM ".TABLE_PREFIX."users WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'"; |
... | ... | |
42 | 42 |
if($results->numRows() == 0) { |
43 | 43 |
$wb->print_error($MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'], $js_back, false); |
44 | 44 |
} |
45 |
|
|
45 | 46 |
if(strlen($new_password) < 3) { |
46 | 47 |
$wb->print_error($MESSAGE['USERS']['PASSWORD_TOO_SHORT'], $js_back, false); |
47 | 48 |
} |
... | ... | |
57 | 58 |
$query = "UPDATE ".TABLE_PREFIX."users SET password = '$md5_password' WHERE user_id = '".$wb->get_user_id()."'"; |
58 | 59 |
$database->query($query); |
59 | 60 |
if($database->is_error()) { |
60 |
$wb->print_error($database->get_error, 'index.php', false);
|
|
61 |
$wb->print_error($database->get_error, $js_back, false);
|
|
61 | 62 |
} else { |
62 |
$wb->print_success($MESSAGE['PREFERENCES']['PASSWORD_CHANGED'], WB_URL.'/account/preferences.php');
|
|
63 |
$wb->print_success($MESSAGE['PREFERENCES']['PASSWORD_CHANGED']); |
|
63 | 64 |
} |
64 | 65 |
|
65 | 66 |
?> |
Also available in: Unified diff
redefined wrong admin backlinks