2 /************************************************************************/
4 /************************************************************************/
5 /* Copyright (c) 2002-2010 */
6 /* Inclusive Design Institute */
8 /* This program is free software. You can redistribute it and/or */
9 /* modify it under the terms of the GNU General Public License */
10 /* as published by the Free Software Foundation. */
11 /************************************************************************/
13 define('AT_INCLUDE_PATH', '../../../../include/');
14 require(AT_INCLUDE_PATH.'vitals.inc.php');
16 if ($_SESSION['valid_user'] !== true) {
17 require(AT_INCLUDE_PATH.'header.inc.php');
18 $info = array('INVALID_USER', $_SESSION['course_id']);
19 $msg->printInfos($info);
20 require(AT_INCLUDE_PATH.'footer.inc.php');
24 if (isset($_POST['cancel'])) {
25 $msg->addFeedback('CANCELLED');
26 header('Location: '.AT_BASE_HREF.'admin/index.php');
30 if (isset($_POST['submit'])) {
31 if (!empty($_POST['form_old_password_hidden'])) {
32 //check if old password entered is correct
33 $sql = "SELECT password FROM ".TABLE_PREFIX."admins WHERE login='$_SESSION[login]'";
34 $result = mysql_query($sql,$db);
35 if ($row = mysql_fetch_assoc($result)) {
36 if ($row['password'] != $_POST['form_old_password_hidden']) {
37 $msg->addError('WRONG_PASSWORD');
38 Header('Location: my_password.php');
43 $msg->addError(array('EMPTY_FIELDS', _AT('password')));
44 header('Location: my_password.php');
49 if ($_POST['password_error'] <> "")
51 $pwd_errors = explode(",", $_POST['password_error']);
53 foreach ($pwd_errors as $pwd_error)
55 if ($pwd_error == "missing_password")
56 $missing_fields[] = _AT('password');
58 $msg->addError($pwd_error);
62 if (!$msg->containsErrors()) {
63 $password = addslashes($_POST['form_password_hidden']);
65 $sql = "UPDATE ".TABLE_PREFIX."admins SET password='$password', last_login=last_login WHERE login='$_SESSION[login]'";
66 $result = mysql_query($sql, $db);
68 $msg->addFeedback('PASSWORD_CHANGED');
69 header('Location: '.AT_BASE_HREF.'admin/index.php');
74 /* template starts here */
75 $savant->display('users/password_change.tmpl.php');