View file pages/password.php

File size: 2.65Kb
<?php
/*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\//
// Sitchi CMS - Mobile Content Management System //
// The author:  Nikoloz Sitchinava [sitchi]      //
// Link:        http://sitchicms.num.ge          //
// Skype:       SitchiCMS                        //
// License:     LICENSE.txt (see attached file)  //
// Version:     VERSION.txt (see attached file)  //
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*/
define('_SITCHICMS', 1);
$root_path='../';
require $root_path.'includes/db_connect.php';
require $root_path.'includes/start.php';
require $root_path.'includes/header.php';
require $root_path.'includes/functions.php';
require $root_path.'includes/head.php'; // თავი
$lng_pass = load_lng('pass');
head(''.$lng_pass['1_24'].'');
aut_off();
if (!isset($_GET['act']))$_GET['act']='';
$act=htmlspecialchars(trim($_GET['act']));
switch ($act) {
case 'change':
/*ვცვლით პაროლს*/
$err = array ();
$oldpass = isset($_POST['oldpass']) ? trim($_POST['oldpass']) : '';
$newpass = isset($_POST['newpass']) ? trim($_POST['newpass']) : '';
$newconf = isset($_POST['newconf']) ? trim($_POST['newconf']) : '';
if (!$err &&  md5($oldpass.$user['login']) !== $user['pass']){
$err[] = ''.$lng_pass['1_30'].'';}
if ($newpass != $newconf){
$err[] = ''.$lng_pass['1_31'].'';}
if (preg_match("/[^\da-zA-Z_]+/", $newpass) && !$err){
$err[] = ''.$lng_pass['1_32'].'';}
if (!$err && (strlen($newpass) < 4 || strlen($newpass) > 20)){
$err[] = ''.$lng_pass['1_33'].'';}
if (!$err) {
// ვწერთ ბაზაში
mysql_query("UPDATE `users` SET `pass` = '" . mysql_real_escape_string(md5($newpass.$user['login'])) . "' WHERE `id` = '" . $user['id'] . "'");
unset($_SESSION['id_user']);
session_destroy();
session_unset ();
echo'<div class="egmenu"><p><b>'.$lng_pass['1_34'].'</b><br/>' .
'<a href="../pages/login.php">' . $lng['1_41'] . '</a></p></div>';
}else{
err();
}
break;
default:
/*პაროლის შეცვლის ფორმა*/
echo'<div class="hdr"><b>'.$lng_pass['1_24'].'</b></div>';
echo'<form action="password.php?act=change&amp;user='.$user['id'].'" method="post">' .
'<div class="menu"><p>'.$lng_pass['1_25'].':<br/><input type="password" name="oldpass" /></p></div>' .
'<div class="egmenu"><p>'.$lng_pass['1_26'].':<br/>' .
'<input type="password" name="newpass" /><br/>'.$lng_pass['1_27'].':<br/>' .
'<input type="password" name="newconf" /></p>' .
'<p><input type="submit" value="'.$lng_pass['1_29'].'" name="submit" />' .
'</p></div></form>' .
'<div class="hdr"><small>'.$lng_pass['1_28'].'.</small></div>';
}
require $root_path.'includes/end.php'; // დასასრული
?>