Modified user and group manager code to use a more standard XML format.
authorptaylor <ptaylor@e36fee2c-cc09-0410-a7cc-ebac5c6737de>
Wed, 8 Feb 2006 21:25:46 +0000 (21:25 +0000)
committerptaylor <ptaylor@e36fee2c-cc09-0410-a7cc-ebac5c6737de>
Wed, 8 Feb 2006 21:25:46 +0000 (21:25 +0000)
git-svn-id: https://svn.m0n0.ch/wall/trunk@63 e36fee2c-cc09-0410-a7cc-ebac5c6737de

phpconf/inc/system.inc
phpconf/inc/xmlparse.inc
webgui/auth.inc
webgui/fbegin.inc
webgui/guiconfig.inc
webgui/system_groupmanager.php
webgui/system_usermanager.php

index 63c9df494e08e81bf04c71edc9a8ee02891d8571..9a4758d0e3ca08fdd6f687011d86e9efc2f253e8 100644 (file)
@@ -386,10 +386,10 @@ function system_password_configure() {
        
        fwrite($fd, $username . ":" . $config['system']['password'] . "\n");
 
-       if (is_array($config['system']['users'])) {
-               foreach ($config['system']['users'] as $user => $userdata) {
-                           fwrite($fd, $user . ":" 
-                             . $userdata['password'] . "\n");
+       if (is_array($config['system']['user'])) {
+               foreach ($config['system']['user'] as $userent) {
+                           fwrite($fd, $userent['name'] . ":" 
+                             . $userent['password'] . "\n");
                }
        }
        
index 229f333d45cd114ff1f977dc1b16163654fa5e59..42489ec550d4c31a7e2ca9488ac590fb376973a9 100644 (file)
@@ -30,7 +30,7 @@
 */
 
 /* tags that are always to be handled as lists */
-$listtags = explode(" ", "rule user key dnsserver winsserver pages " .
+$listtags = explode(" ", "rule user group key dnsserver winsserver pages " .
        "encryption-algorithm-option hash-algorithm-option hosts tunnel onetoone " .
        "staticmap route alias pipe queue shellcmd cacert earlyshellcmd mobilekey " .
        "servernat proxyarpnet passthrumac allowedip wolentry vlan domainoverrides element");
index 7cda0a1ca1ca72cf2262220606d20b3c22f96de5..9cb2f257b456104bed7284d90bf39ccac4b81c58 100644 (file)
        POSSIBILITY OF SUCH DAMAGE.
 */
 
+function index_groups() {
+    global $g, $config;
+    
+    if (isset($config['system']['group'])) {
+        $i = 0; 
+           foreach($config['system']['group'] as $groupent) {
+               $groupindex[$groupent['name']] = $i;
+               $i++;
+           }
+       }
+       return ($groupindex);
+}
+
+function index_users() {
+    global $g, $config;
+    
+    if (isset($config['system']['user'])) {
+        $i = 0; 
+       foreach($config['system']['user'] as $userent) {
+              $userindex[$userent['name']] = $i;
+              $i++;
+          }
+    }
+    return ($userindex);
+}
+
+$groupindex = index_groups();
+$userindex = index_users();
+
 // Once here, the user has authenticated with the web server.  
 // Now, we give them access only to the appropriate pages for their group.
 if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {
        $allowed[] = '';
-       if (isset($config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'])) {
-               $allowed = &$config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'];
+       if (isset($config['system']['group'][$groupindex[$config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['groupname']]]['pages'])) {
+               $allowed = &$config['system']['group'][$groupindex[$config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['groupname']]]['pages'];
        } 
 
        // If the user is attempting to hit the default page, set it to specifically look for /index.php.
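Review bot: `index_groups()` and `index_users()` return a variable that is never initialised when the config holds no `group` or `user` entries, and the page-access check directly below resolves the caller's group through these maps. Start each function with `$groupindex = array();` (and `$userindex = array();`) so the callers always get an array. The nested `isset(...)` lookup is written out twice in full; resolving the user entry, then its `groupname`, then the group entry into locals with an `isset()` at each step would make a missing user or group an explicit deny instead of a side effect of null array keys. `$g` is declared global in both functions but not used, and the enclosing `if` continues past the end of this hunk.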
index cbcb73d9789072e3b21636cd4fe549d1ab4cde6c..34bb3169bceccc0f097c0f611102d3d235220402 100644 (file)
@@ -160,8 +160,6 @@ $menu['Diagnostics']['IPsec']                       = array('diag_ipsec_sad.php',
 $menu['Diagnostics']['Ping/Traceroute'] = array('diag_ping.php',
                                                                                                'diag_traceroute.php');
 $menu['Diagnostics']['ARP Table']              = array('diag_arp.php');
-$menu['Diagnostics']['NS Lookup']              = array('diag_nslookup.php');
-$menu['Diagnostics']['Whois']                  = array('diag_whois.php');
 $menu['Diagnostics']['Firewall states'] = array('diag_ipfstat.php');
 $menu['Diagnostics']['Reset state']    = array('diag_resetstate.php');
 $menu['Diagnostics']['Backup/Restore']         = array('diag_backup.php');
index 77d125aebf50d77e4b5730c7e03de7c23e495442..2eaed9b8a070c082eea0f8ae993460dfbba1b468 100644 (file)
@@ -342,6 +342,26 @@ function captiveportal_users_sort() {
        usort($config['captiveportal']['user'], "cpusercmp");
 }
 
+function admin_groups_sort() {
+       global $g, $config;
+       
+       function cpusercmp($a, $b) {
+               return strcasecmp($a['name'], $b['name']);
+       }
+       
+       usort($config['system']['group'], "cpusercmp");
+}
+
+function admin_users_sort() {
+       global $g, $config;
+       
+       function cpusercmp($a, $b) {
+               return strcasecmp($a['name'], $b['name']);
+       }
+       
+       usort($config['system']['user'], "cpusercmp");
+}
+
 function staticroutes_sort() {
        global $g, $config;
 
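Review bot: Both new helpers declare a nested function named `cpusercmp`, the same name the context line above passes to `usort()` for the captive-portal users, so the second helper to run in one request (or the same helper run twice) stops with a "Cannot redeclare" fatal error. Declare one comparator at file level, `function admin_namecmp($a, $b) { return strcasecmp($a['name'], $b['name']); }`, and call `usort($config['system']['group'], "admin_namecmp");` and `usort($config['system']['user'], "admin_namecmp");`. Note also that `usort()` renumbers the array, so the numeric ids the manager pages put into their links are positions in the sorted list rather than stable identifiers.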
index 42da0c7b22e749fd1aa6178ce8dee59cbeaca730..8b3d1ab836e113fa94759b221ee1e8d815afcfef 100644 (file)
@@ -94,108 +94,93 @@ function getAdminPageList() {
     }
 }
 
-?>
-<?php include("fbegin.inc"); ?>
-
-<?php 
 // Get a list of all admin pages & Descriptions
 $pages = getAdminPageList();
 
-if ($_GET['act']=="new" || $_GET['act']=="edit") {
-       if (isset($_GET['groupname'])) {
-               $group=$config['system']['groups'][$_GET['groupname']];
+if (!is_array($config['system']['group'])) {
+       $config['system']['group'] = array();
+}
+admin_groups_sort();
+$a_group = &$config['system']['group'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+       $id = $_POST['id'];
+       
+if ($_GET['act'] == "del") {
+       if ($a_group[$_GET['id']]) {
+           $ok_to_delete = true;
+           if (isset($config['system']['user'])) {
+           foreach ($config['system']['user'] as $userent) {
+               if ($userent['groupname'] == $a_group[$_GET['id']]['name']) {
+                               $ok_to_delete = false;
+                               $input_errors[] = "users still exist who are members of this group!";
+                               break;      
+               }
+           }
+           }
+        if ($ok_to_delete) {
+               unset($a_group[$_GET['id']]);
+               write_config();
+                   header("Location: system_groupmanager.php");
+                   exit;
+           }
        }
 }      
+       
+if ($_POST) {
 
-if (($_GET['act']=='delete') && (isset($_GET['groupname']))) {
+       unset($input_errors);
+       $pconfig = $_POST;
 
-       // See if there are any users who are members of this group. 
-       $ok_to_delete = true;
-       if (is_array($config['system']['users'])) {
-               foreach ($config['system']['users'] as $key => $user) {
-                       if ($user['group'] == $_GET['groupname']) {
-                               $ok_to_delete = false;
-                               $input_errors[] = "users still exist who are members of this group!";
+       /* input validation */
+       $reqdfields = explode(" ", "groupname");
+       $reqdfieldsn = explode(",", "Group Name");
+       
+       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+       
+       if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname']))
+               $input_errors[] = "The group name contains invalid characters.";
+               
+       if (!$input_errors && !(isset($id) && $a_group[$id])) {
+               /* make sure there are no dupes */
+               foreach ($a_group as $group) {
+                       if ($group['name'] == $_POST['groupname']) {
+                               $input_errors[] = "Another entry with the same group name already exists.";
                                break;
                        }
                }
        }
        
-       if ($ok_to_delete) {
-               unset($config['system']['groups'][$_GET['groupname']]);
-               write_config();
-               $retval = system_password_configure();
-               $savemsg = get_std_save_message($retval);
-               $savemsg="Group ".$_GET['groupname']." successfully deleted<br>";               
-       }
-}
-
-if(isset($_POST['save'])) {
-       //value-checking
-       if($_POST['groupname']==""){
-               $input_errors[] = "group name must not be empty!";
-       }
-       if($_POST['old_groupname'] != $_POST['groupname']) {
-               // Either a new group, or one with a group name change
-               if (isset($config['system']['groups'][$_POST['groupname']])) {
-                       $input_errors[] = "group name can not match an existing group!";
-               }
-       }
+       if (!$input_errors) {
        
-       //check groupname: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: groupname can
-       //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a groupname, config.xml
-       //could not be parsed anymore!
-       if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['groupname'])){
-               $input_errors[] = "groupname contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";
-       }
-       if(!empty($input_errors)){
-               //there are illegal inputs --> print out error message and show formula again 
-               //and fill in all recently entered values except passwords
-               $_GET['act']="new";
-               $_POST['old_groupname']=($_POST['old_groupname'] ? $_POST['old_groupname'] : $_POST['groupname']);
-               $_GET['groupname']=$_POST['old_groupname'];
-
-               $group['description']=$_POST['description'];
-
+               if (isset($id) && $a_group[$id])
+                       $group = $a_group[$id];
+               
+               $group['name'] = $_POST['groupname'];
+               $group['description'] = $_POST['description'];
+               unset($group['pages']);
                foreach ($pages as $fname => $title) {
-                       $id = str_replace('.php','',$fname);
-                       if ($_POST[$id] == 'yes') {
+                       $identifier = str_replace('.php','',$fname);
+                       if ($_POST[$identifier] == 'yes') {
                                $group['pages'][] = $fname;
                        }                       
-               }
+               }               
+               
+               if (isset($id) && $a_group[$id])
+                       $a_group[$id] = $group;
+               else
+                       $a_group[] = $group;
                
-       } else {
-               //all values are okay --> saving changes
-               $_POST['groupname']=trim($_POST['groupname']);
-               if($_POST['old_groupname']!="" && $_POST['old_groupname']!=$_POST['groupname']){
-                       //change the groupname (which is used as array-index)
-                       $config['system']['groups'][$_POST['groupname']]=$config['system']['groups'][$_POST['old_groupname']];
-                       unset($config['system']['groups'][$_POST['old_groupname']]);
-
-                       // Group name was changed.  Update all users that are members of this group to point to the new groupname.
-                       foreach ($config['system']['users'] as $key => $user) {
-                               if ($user['group'] == $_POST['old_groupname']) 
-                                       $config['system']['users'][$key]['group'] = $_POST['groupname'];                                
-                       }
-               }
-               $config['system']['groups'][$_POST['groupname']]['description']=trim($_POST['description']);
-               // Clear pages info and read pages from POST
-               if (isset($config['system']['groups'][$_POST['groupname']]['pages']))
-                       unset($config['system']['groups'][$_POST['groupname']]['pages']);
-               foreach ($pages as $fname => $title) {
-                       $id = str_replace('.php','',$fname);
-                       if ($_POST[$id] == 'yes') {
-                               $config['system']['groups'][$_POST['groupname']]['pages'][] = $fname;
-                       }
-               }
                write_config();
-               $retval = system_password_configure();
-               $savemsg = get_std_save_message($retval);
-               $savemsg="Group ".$_POST['groupname']." successfully saved<br>";
+               
+               header("Location: system_groupmanager.php");
+               exit;
        }
 }
 
 ?>
+<?php include("fbegin.inc"); ?>
 <?php if ($input_errors) print_input_errors($input_errors); ?>
 <?php if ($savemsg) print_info_box($savemsg); ?>
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
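Review bot: Editing an existing group skips the duplicate-name check (`!(isset($id) && $a_group[$id])`), and a rename no longer rewrites the `groupname` of member users as the removed code did, so a rename can collide with another group or leave users pointing at a name that no longer exists or that a different group takes later; page access is derived from that name. The same edit-path gap exists for usernames in system_usermanager.php. The duplicate loop also reuses `$group` as its loop variable, so a new entry is built on top of the last existing group rather than on an empty array. A sketch of the save path with both checks follows; the delete branch and the field validation are unchanged.

```php
	// … unchanged: required-field and character validation …
	$editing = (isset($id) && $a_group[$id]);

	if (!$input_errors) {
		/* make sure there are no dupes; when editing, skip the entry itself */
		foreach ($a_group as $gidx => $other) {
			if ($editing && (string)$gidx === (string)$id)
				continue;
			if ($other['name'] == $_POST['groupname']) {
				$input_errors[] = "Another entry with the same group name already exists.";
				break;
			}
		}
	}

	if (!$input_errors) {
		$group = array();
		if ($editing) {
			$group = $a_group[$id];
			/* a rename must carry the member users along */
			if ($group['name'] != $_POST['groupname'] && is_array($config['system']['user'])) {
				foreach ($config['system']['user'] as $uidx => $userent) {
					if ($userent['groupname'] == $group['name'])
						$config['system']['user'][$uidx]['groupname'] = $_POST['groupname'];
				}
			}
		}
		// … unchanged: name, description and pages assignment, write back, write_config(), redirect …
```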
@@ -212,8 +197,12 @@ if(isset($_POST['save'])) {
   <td class="tabcont">
 <?php
 if($_GET['act']=="new" || $_GET['act']=="edit"){
-       if($_GET['act']=="edit" && isset($_GET['groupname'])){
-               $group=$config['system']['groups'][$_GET['groupname']];
+       if($_GET['act']=="edit"){
+               if (isset($id) && $a_group[$id]) {
+              $pconfig['name'] = $a_group[$id]['name'];
+              $pconfig['description'] = $a_group[$id]['description'];
+              $pconfig['pages'] = $a_group[$id]['pages'];
+        }
        }
 ?>
 <form action="system_groupmanager.php" method="post" name="iform" id="iform">
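Review bot: The form is rendered only when `act` is `new` or `edit`, but the save posts to `system_groupmanager.php` without `act`, so after a failed validation the errors are printed and the form with the operator's input is not shown again; system_usermanager.php covers this with `|| $input_errors` in the same condition. Repopulation would still lose the name, because the POST branch copies `$_POST` into `$pconfig` (key `groupname`) while the name field in the following hunk reads `$pconfig['name']`. Using one key on both sides, e.g. `$pconfig['groupname'] = $a_group[$id]['name'];` here and `htmlspecialchars($pconfig['groupname'])` in the field, fixes that. The `if` opened in this hunk closes outside it.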
@@ -221,13 +210,13 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
             <tr> 
               <td width="22%" valign="top" class="vncellreq">Group name</td>
               <td width="78%" class="vtable"> 
-                <input name="groupname" type="text" class="formfld" id="groupname" size="20" value="<?=$_GET['groupname'];?>"> 
+                <input name="groupname" type="text" class="formfld" id="groupname" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"> 
                 </td>
             </tr>
             <tr> 
               <td width="22%" valign="top" class="vncell">Description</td>
               <td width="78%" class="vtable"> 
-                <input name="description" type="text" class="formfld" id="description" size="20" value="<?=htmlspecialchars($group['description']);?>">
+                <input name="description" type="text" class="formfld" id="description" size="20" value="<?=htmlspecialchars($pconfig['description']);?>">
                 <br>
                 Group description, for your own information only</td>
             </tr>
@@ -247,10 +236,10 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
               </tr>
               <?php 
               foreach ($pages as $fname => $title) {
-               $id = str_replace('.php','',$fname);
+               $identifier = str_replace('.php','',$fname);
                ?>
                <tr><td class="listlr">
-               <input name="<?=$id?>" type="checkbox" id="<?=$id?>" value="yes" <?php if (in_array($fname,$group['pages'])) echo "checked"; ?>></td>
+               <input name="<?=$identifier?>" type="checkbox" id="<?=$identifier?>" value="yes" <?php if (in_array($fname,$pconfig['pages'])) echo "checked"; ?>></td>
                <td class="listr"><?=$title?></td>
                <td class="listr"><?=$fname?></td>
                </tr>
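Review bot: `in_array($fname,$pconfig['pages'])` receives a non-array whenever `$pconfig['pages']` is unset: for `act=new`, for a group saved with no pages, and after a POST, where the selections arrive as one field per page rather than as `pages`. Guard the call, `if (is_array($pconfig['pages']) && in_array($fname, $pconfig['pages'])) echo "checked";`, and in the POST branch rebuild `$pconfig['pages']` from the submitted checkboxes so the selection survives a validation error. The `foreach` closes outside this hunk.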
@@ -263,7 +252,9 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
               <td width="22%" valign="top">&nbsp;</td>
               <td width="78%"> 
                 <input name="save" type="submit" class="formbtn" value="Save"> 
-                <input name="old_groupname" type="hidden" value="<?=$_GET['groupname'];?>">
+                       <?php if (isset($id) && $a_group[$id]): ?>
+                       <input name="id" type="hidden" value="<?=$id;?>">
+                       <?php endif; ?>                
               </td>
             </tr>
           </table>
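Review bot: `<?=$id;?>` prints a request-supplied value into an attribute without escaping; it appears safe only because the surrounding `$a_group[$id]` test rejects anything that is not an existing array key. Make that explicit rather than incidental with `value="<?=htmlspecialchars($id);?>"`, or cast `$id` to an integer where it is first read from `$_GET`/`$_POST`. The hidden `id` field added to system_usermanager.php has the same form.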
@@ -278,26 +269,21 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
        <td width="20%" class="listhdrr">Pages Accessible</td>                  
        <td width="10%" class="list"></td>
        </tr>
-<?php
-       if(is_array($config['system']['groups'])){
-               foreach($config['system']['groups'] as $groupname => $group){
-?>
+       <?php $i = 0; foreach($a_group as $group): ?>
                <tr>
-           <td class="listlr">
-              <?=$groupname; ?>&nbsp;
-           </td>
-           <td class="listr">
-              <?=htmlspecialchars($group['description']);?>&nbsp;
-           </td>
-              <td class="listr">
-              <?=count($group['pages']);?>
-              </td>
-           <td valign="middle" nowrap class="list"> <a href="system_groupmanager.php?act=edit&groupname=<?=$groupname; ?>"><img src="e.gif" title="edit group" width="17" height="17" border="0"></a>
-              &nbsp;<a href="system_groupmanager.php?act=delete&groupname=<?=$groupname; ?>" onclick="return confirm('Do you really want to delete this Group?')"><img src="x.gif" title="delete group" width="17" height="17" border="0"></a></td>
+                  <td class="listlr">
+                    <?=htmlspecialchars($group['name']); ?>&nbsp;
+                  </td>
+                  <td class="listr">
+                    <?=htmlspecialchars($group['description']);?>&nbsp;
+                  </td>
+                  <td class="listbg">
+                    <?=count($group['pages']);?>&nbsp;
+                  </td>
+                  <td valign="middle" nowrap class="list"> <a href="system_groupmanager.php?act=edit&id=<?=$i; ?>"><img src="e.gif" title="edit group" width="17" height="17" border="0"></a>
+                     &nbsp;<a href="system_groupmanager.php?act=del&id=<?=$i; ?>" onclick="return confirm('Do you really want to delete this group?')"><img src="x.gif" title="delete group" width="17" height="17" border="0"></a></td>
                </tr>
-<?php
-               }
-       } ?>
+       <?php $i++; endforeach; ?>
            <tr> 
                        <td class="list" colspan="3"></td>
                        <td class="list"> <a href="system_groupmanager.php?act=new"><img src="plus.gif" title="add group" width="17" height="17" border="0"></a></td>
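Review bot: The edit and delete links now identify a group by its position `$i` in the sorted array, and the delete is still a plain GET (`act=del&id=`), so a stale page, a reload, or a cross-site request issued through the administrator's authenticated browser removes whichever group currently sits at that position. Move the delete to a POST form that carries the group name together with an anti-CSRF token, and have the handler confirm that the entry at that index still has that name before calling `unset()`. The same applies to the user list in system_usermanager.php.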
index b26ee93119eef69a0e83d395502884c6508b7903..fb59ff48fa669e5fe8023202adf8f52f9543ba4d 100644 (file)
@@ -36,113 +36,100 @@ require("guiconfig.inc");
 
 // The page title for non-admins
 $pgtitle = array("System", "User password");
-if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
-       $pgtitle = array("System", "User manager");
-}
 
-?>
-<?php include("fbegin.inc"); ?>
-<?php 
 if ($_SERVER['REMOTE_USER'] === $config['system']['username']) { 
+    
+    // Page title for main admin
+    $pgtitle = array("System", "User manager");
+
+    $id = $_GET['id'];
+    if (isset($_POST['id']))
+          $id = $_POST['id'];
+       
+    if (!is_array($config['system']['user'])) {
+       $config['system']['user'] = array();
+    }
+    admin_users_sort();
+    $a_user = &$config['system']['user'];
+    
+    if ($_GET['act'] == "del") {
+       if ($a_user[$_GET['id']]) {
+           $userdeleted = $a_user[$_GET['id']]['name'];
+               unset($a_user[$_GET['id']]);
+               write_config();
+                       $retval = system_password_configure();
+                       $savemsg = get_std_save_message($retval);
+                       $savemsg = "User ".$userdeleted." successfully deleted<br>";                    
+       }
+    }
        
-       if ($_GET['act']=="new" || $_GET['act']=="edit") {
-               if (isset($_GET['username'])) {
-                       $user=$config['system']['users'][$_GET['username']];
-               }
-       }       
-       
-       if (($_GET['act']=='delete') && (isset($_GET['username']))) {
-               unset($config['system']['users'][$_GET['username']]);
-               write_config();
-               $retval = system_password_configure();
-               $savemsg = get_std_save_message($retval);
-               $savemsg="User ".$_GET['username']." successfully deleted<br>";         
-       }
-       
-       if(isset($_POST['save'])) {
-               //value-checking
-               if(trim($_POST['password1'])!="********" && 
-                  trim($_POST['password1'])!="" && 
-                  trim($_POST['password1'])!=trim($_POST['password2'])){
-                       //passwords are to be changed but don't match
-                       $input_errors[]="passwords don't match";
-               }
-               if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && 
-                  (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){
-                       //assume password should be left as is if a password is set already.
-                       if(!empty($config['system']['users'][$_POST['old_username']]['password'])){
-                               $_POST['password1']="********";
-                               $_POST['password2']="********";
-                       } else {
-                               $input_errors[]="password must not be empty";
-                       }
-               } else {
-                       if(trim($_POST['password1'])!=trim($_POST['password2'])){
-                               //passwords are to be changed or set but don't match
-                               $input_errors[]="passwords don't match";
-                       } else {
-                               //check password for invalid characters
-                               if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){
-                                       $input_errors[] = "password contains illegal characters, only  letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";
-                                       //test pw: AZaz_-.@~()&*+§?!$£°%;:
-                               }
-                       }
-               }
-               if($_POST['username']==""){
-                       $input_errors[] = "username must not be empty!";
-               }
+    if ($_POST) {
+       
+       unset($input_errors);
+       $pconfig = $_POST;
+    
+       /* input validation */
+       if (isset($id) && ($a_user[$id])) {
+               $reqdfields = explode(" ", "username");
+               $reqdfieldsn = explode(",", "Username");
+       } else {
+               $reqdfields = explode(" ", "username password");
+               $reqdfieldsn = explode(",", "Username,Password");
+       }
+       
+       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+       
+       if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username']))
+               $input_errors[] = "The username contains invalid characters.";
+
                if($_POST['username']==$config['system']['username']) {
                        $input_errors[] = "username can not match the administrator username!";
-               }
-               if($_POST['old_username'] != $_POST['username']) {
-                       // Either a new user, or one with a username change
-                       if (isset($config['system']['users'][$_POST['username']])) {
-                               $input_errors[] = "username can not match an existing user!";
-                       }
-               }
-               if(!isset($config['system']['groups'][$_POST['group']])) {
+               }               
+               
+       if (($_POST['password']) && ($_POST['password'] != $_POST['password2']))
+               $input_errors[] = "The passwords do not match.";
+               
+               if (!$input_errors && !(isset($id) && $a_user[$id])) {
+               /* make sure there are no dupes */
+               foreach ($a_user as $userent) {
+                       if ($userent['name'] == $_POST['username']) {
+                               $input_errors[] = "Another entry with the same username already exists.";
+                               break;
+                       }
+               }
+       }
+
+               if(!isset($groupindex[$_POST['groupname']])) {
                        $input_errors[] = "group does not exist, please define the group before assigning users.";
                }
-               
-               //check username: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: username can
-               //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a username, config.xml
-               //could not be parsed anymore!
-               if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['username'])){
-                       $input_errors[] = "username contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";
-               }
-               if(!empty($input_errors)){
-                       //there are illegal inputs --> print out error message and show formula again 
-                       //and fill in all recently entered values except passwords
-                       $_GET['act']="new";
-                       $_POST['old_username']=($_POST['old_username'] ? $_POST['old_username'] : $_POST['username']);
-                       $_GET['username']=$_POST['old_username'];
-
-                       $user['fullname']=$_POST['fullname'];
-
-               } else {
-                       //all values are okay --> saving changes
-                       $_POST['username']=trim($_POST['username']);
-                       if($_POST['old_username']!="" && $_POST['old_username']!=$_POST['username']){
-                               //change the username (which is used as array-index)
-                               $config['system']['users'][$_POST['username']]=$config['system']['users'][$_POST['old_username']];
-                               unset($config['system']['users'][$_POST['old_username']]);
-                       }
-                       $config['system']['users'][$_POST['username']]['fullname']=trim($_POST['fullname']);
-                       if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){
-                               $config['system']['users'][$_POST['username']]['password']=crypt(trim($_POST['password1']));
-                       }
-                       $config['system']['users'][$_POST['username']]['group']=trim($_POST['group']);
-                       // Remove config information from old way of handling sub-admin users.
-                       if (isset($config['system']['users'][$_POST['username']]['pages'])) 
-                         unset($config['system']['users'][$_POST['username']]['pages']);
-                       write_config();
+       
+       if (!$input_errors) {
+       
+               if (isset($id) && $a_user[$id])
+                       $userent = $a_user[$id];
+               
+               $userent['name'] = $_POST['username'];
+               $userent['fullname'] = $_POST['fullname'];
+               $userent['groupname'] = $_POST['groupname'];
+               
+               if ($_POST['password'])
+                       $userent['password'] = crypt($_POST['password']);
+               
+               if (isset($id) && $a_user[$id])
+                       $a_user[$id] = $userent;
+               else
+                       $a_user[] = $userent;
+               
+               write_config();
                        $retval = system_password_configure();
                        $savemsg = get_std_save_message($retval);
-                       $savemsg="User ".$_POST['username']." successfully saved<br>";
-               }
-       }
+                       
+                       header("Location: system_usermanager.php");
+       }
+    }
 
 ?>
+<?php include("fbegin.inc"); ?>
 <?php if ($input_errors) print_input_errors($input_errors); ?>
 <?php if ($savemsg) print_info_box($savemsg); ?>
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
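Review bot: The save path sends `header("Location: system_usermanager.php");` with no `exit;` after it, unlike system_groupmanager.php, so the script carries on and renders the page body into a response that is meant to be a redirect; add `exit;` on the next line. In both the delete and the save path `$savemsg = get_std_save_message($retval);` is discarded (overwritten on the following line in one case, lost to the redirect in the other), so a failure of `system_password_configure()` is never shown to the administrator. The delete branch also acts on a positional `$_GET['id']` without any request token. The admin-only `if` opened near the top of this hunk closes outside it.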
@@ -158,41 +145,44 @@ if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
 <tr>
   <td class="tabcont">
 <?php
-if($_GET['act']=="new" || $_GET['act']=="edit"){
-       if($_GET['act']=="edit" && isset($_GET['username'])){
-               $user=$config['system']['users'][$_GET['username']];
-       }
+if($_GET['act']=="new" || $_GET['act']=="edit" || $input_errors){
+       if($_GET['act']=="edit"){
+               if (isset($id) && $a_user[$id]) {
+              $pconfig['username'] = $a_user[$id]['name'];
+              $pconfig['fullname'] = $a_user[$id]['fullname'];
+              $pconfig['groupname'] = $a_group[$id]['groupname'];
+        }
+       }       
 ?>
        <form action="system_usermanager.php" method="post" name="iform" id="iform">
               <table width="100%" border="0" cellpadding="6" cellspacing="0">
                 <tr> 
                   <td width="22%" valign="top" class="vncellreq">Username</td>
                   <td width="78%" class="vtable"> 
-                    <input name="username" type="text" class="formfld" id="username" size="20" value="<?=$_GET['username'];?>"> 
+                    <input name="username" type="text" class="formfld" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> 
                     </td>
                 </tr>
                 <tr> 
                   <td width="22%" valign="top" class="vncellreq">Password</td>
                   <td width="78%" class="vtable"> 
-                    <input name="password1" type="password" class="formfld" id="password1" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>"> <br>
-                                       <input name="password2" type="password" class="formfld" id="password2" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>">
+                    <input name="password" type="password" class="formfld" id="password" size="20" value=""> <br>
+                                       <input name="password2" type="password" class="formfld" id="password2" size="20" value="">
 &nbsp;(confirmation)                                   </td>
                 </tr>
                 <tr> 
                   <td width="22%" valign="top" class="vncell">Full name</td>
                   <td width="78%" class="vtable"> 
-                    <input name="fullname" type="text" class="formfld" id="fullname" size="20" value="<?=htmlspecialchars($user['fullname']);?>">
+                    <input name="fullname" type="text" class="formfld" id="fullname" size="20" value="<?=htmlspecialchars($pconfig['fullname']);?>">
                     <br>
                     User's full name, for your own information only</td>
                 </tr>
                 <tr> 
                   <td width="22%" valign="top" class="vncell">Group Name</td>
                   <td width="78%" class="vtable">
-                                 <select name="group" class="formfld" id="group">
-                      <?php foreach ($config['system']['groups'] as $gname => $group): ?>
-                       
-                      <option value="<?=$gname;?>" <?php if ($gname == $user['group']) echo "selected"; ?>>
-                      <?=htmlspecialchars($gname);?>
+                                 <select name="groupname" class="formfld" id="groupname">
+                      <?php foreach ($config['system']['group'] as $group): ?>
+                      <option value="<?=$group['name'];?>" <?php if ($group['name'] == $pconfig['groupname']) echo "selected"; ?>>
+                      <?=htmlspecialchars($group['name']);?>
                       </option>
                       <?php endforeach; ?>
                     </select>                   
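Review bot: `$pconfig['groupname'] = $a_group[$id]['groupname'];` reads `$a_group`, which nothing visible in this file defines (the user list is `$a_user`), so the edit form would come up with no group selected and a save would then assign the user to whichever option the browser picks by default. It should read `$pconfig['groupname'] = $a_user[$id]['groupname'];`. The option's `value="<?=$group['name'];?>"` is printed unescaped while its label goes through `htmlspecialchars()`; use `value="<?=htmlspecialchars($group['name']);?>"` for both. The `if` opened at the top of this hunk closes outside it.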
@@ -203,7 +193,9 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
                   <td width="22%" valign="top">&nbsp;</td>
                   <td width="78%"> 
                     <input name="save" type="submit" class="formbtn" value="Save"> 
-                    <input name="old_username" type="hidden" value="<?=$_GET['username'];?>">
+                       <?php if (isset($id) && $a_user[$id]): ?>
+                    <input name="id" type="hidden" value="<?=$id;?>">
+                           <?php endif; ?>
                   </td>
                 </tr>
               </table>
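Review bot: The hidden `id` field identifies the account only by its position in `$a_user`, so a save submitted after the user list has changed (another admin adding or removing an entry) can land on a different account; the edit and delete links in the next hunk carry the same positional index. Posting the original name as well, e.g. `<input name="old_name" type="hidden" value="<?=htmlspecialchars($a_user[$id]['name']);?>">`, and rejecting the save when it no longer matches would close that gap. `$id` is assigned outside this hunk, so printing it as `<?=htmlspecialchars($id);?>` would keep the attribute escaping independent of how that code validates it.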
@@ -218,26 +210,21 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
            <td width="20%" class="listhdrr">Group</td>                  
            <td width="10%" class="list"></td>
                </tr>
-<?php
-       if(is_array($config['system']['users'])){
-               foreach($config['system']['users'] as $username => $user){
-?>
+       <?php $i = 0; foreach($a_user as $userent): ?>
                <tr>
-           <td class="listlr">
-              <?=$username; ?>&nbsp;
-           </td>
-           <td class="listr">
-              <?=htmlspecialchars($user['fullname']);?>&nbsp;
-           </td>
-              <td class="listr">
-              <?=$user['group'];?>
-              </td>
-           <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=edit&username=<?=$username; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
-              &nbsp;<a href="system_usermanager.php?act=delete&username=<?=$username; ?>" onclick="return confirm('Do you really want to delete this User?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
+                  <td class="listlr">
+                    <?=htmlspecialchars($userent['name']); ?>&nbsp;
+                  </td>
+                  <td class="listr">
+                    <?=htmlspecialchars($userent['fullname']);?>&nbsp;
+                  </td>
+                  <td class="listbg">
+                    <?=htmlspecialchars($userent['groupname']); ?>&nbsp;
+                  </td>
+                  <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=edit&id=<?=$i; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
+                     &nbsp;<a href="system_usermanager.php?act=del&id=<?=$i; ?>" onclick="return confirm('Do you really want to delete this User?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
                </tr>
-<?php
-               }
-       } ?>
+       <?php $i++; endforeach; ?>
            <tr> 
                        <td class="list" colspan="3"></td>
                        <td class="list"> <a href="system_usermanager.php?act=new"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>
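Review bot: The delete link `system_usermanager.php?act=del&id=<?=$i; ?>` still changes state on a plain GET, with the JavaScript `confirm()` as the only barrier, so the request can be issued cross-site without the admin intending it. The removal should be a POST that carries a per-session token which the handler checks before it touches `$a_user`. That means replacing the anchor with a small form holding `act`, `id` and the token as hidden fields plus `<input name="del" type="image" src="x.gif" title="delete user">`. The `act=del` handler is outside this hunk, so whether it already checks the request method cannot be confirmed from here.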
@@ -255,40 +242,23 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
   </table>
 <?php 
 } else { // end of admin user code, start of normal user code
-       if(isset($_POST['save'])) {
-               //value-checking
-               if(trim($_POST['password1'])!="********" && 
-                  trim($_POST['password1'])!="" && 
-                  trim($_POST['password1'])!=trim($_POST['password2'])){
-                       //passwords are to be changed but don't match
-                       $input_errors[]="passwords don't match";
-               }
-               if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && 
-                  (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){
-                       //assume password should be left as is if a password is set already.
-                       if(!empty($config['system']['users'][$_POST['old_username']]['password'])){
-                               $_POST['password1']="********";
-                               $_POST['password2']="********";
-                       } else {
-                               $input_errors[]="password must not be empty";
-                       }
-               } else {
-                       if(trim($_POST['password1'])!=trim($_POST['password2'])){
-                               //passwords are to be changed or set but don't match
-                               $input_errors[]="passwords don't match";
-                       } else {
-                               //check password for invalid characters
-                               if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){
-                                       $input_errors[] = "password contains illegal characters, only  letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";
-                                       //test pw: AZaz_-.@~()&*+§?!$£°%;:
-                               }
-                       }
-               }
+       if (isset($_POST['save'])) {
+
+           unset($input_errors);
+    
+       /* input validation */
+               $reqdfields = explode(" ", "password");
+               $reqdfieldsn = explode(",", "Password");
+       
+       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+       
+       if ($_POST['password'] != $_POST['password2'])
+               $input_errors[] = "The passwords do not match.";
+       
                if (!$input_errors) {
                        //all values are okay --> saving changes
-                       if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){
-                               $config['system']['users'][$_SERVER['REMOTE_USER']]['password']=crypt(trim($_POST['password1']));
-                       }
+                       $config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['password']=crypt(trim($_POST['password']));
+
                        write_config();
                        $retval = system_password_configure();
                        $savemsg = get_std_save_message($retval);
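Review bot: The write to `$config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['password']` never checks that the `$userindex` lookup succeeded. `$userindex` is built outside this hunk; if it has no entry for the logged-in name, PHP falls back to an empty key and creates a nameless user record, which system_password_configure() would then write to the password file as a `:hash` line. A guard ahead of the `if (!$input_errors)` block, such as `if (!isset($userindex[$_SERVER['REMOTE_USER']])) $input_errors[] = "Unknown user.";`, prevents that. The match check also compares the raw `$_POST['password']` and `$_POST['password2']` while the stored value is `trim()`ed, so a password with leading or trailing spaces is silently altered; hash the same string that was compared. The enclosing `else` branch starts and ends outside this hunk.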
@@ -298,6 +268,7 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
 
        
 ?>
+<?php include("fbegin.inc"); ?>
 <?php if ($input_errors) print_input_errors($input_errors); ?>
 <?php if ($savemsg) print_info_box($savemsg); ?>
       <form action="system_usermanager.php" method="post" name="iform" id="iform">
@@ -307,7 +278,7 @@ if($_GET['act']=="new" || $_GET['act']=="edit"){
             </tr>
                    <tr> 
                      <td width="22%" valign="top" class="vncell">Password</td>
-                     <td width="78%" class="vtable"> <input name="password1" type="password" class="formfld" id="password1" size="20"> 
+                     <td width="78%" class="vtable"> <input name="password" type="password" class="formfld" id="password" size="20"> 
                        <br> <input name="password2" type="password" class="formfld" id="password2" size="20"> 
                        &nbsp;(confirmation) <br> <span class="vexpl">Select a new password</span></td>
                    </tr>