[Sommaire] [Imprimer]

   1  <?php
   2  /**

   3   * Header code file for the Account Password page

   4   *

   5   * @package page

   6   * @copyright Copyright 2003-2006 Zen Cart Development Team

   7   * @copyright Portions Copyright 2003 osCommerce

   8   * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0

   9   * @version $Id: header_php.php 4276 2006-08-26 03:18:28Z drbyte $

  10   */
  11  // This should be first line of the script:

  12  $zco_notifier->notify('NOTIFY_HEADER_START_ACCOUNT_PASSWORD');
  13  
  14  if (!$_SESSION['customer_id']) {
  15    $_SESSION['navigation']->set_snapshot();
  16    zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
  17  }
  18  
  19  require(DIR_WS_MODULES . zen_get_module_directory('require_languages.php'));
  20  
  21  if (isset($_POST['action']) && ($_POST['action'] == 'process')) {
  22    $password_current = zen_db_prepare_input($_POST['password_current']);
  23    $password_new = zen_db_prepare_input($_POST['password_new']);
  24    $password_confirmation = zen_db_prepare_input($_POST['password_confirmation']);
  25  
  26    $error = false;
  27  
  28    if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
  29      $error = true;
  30  
  31      $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
  32    } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
  33      $error = true;
  34  
  35      $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
  36    } elseif ($password_new != $password_confirmation) {
  37      $error = true;
  38  
  39      $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
  40    }
  41  
  42    if ($error == false) {
  43      $check_customer_query = "SELECT customers_password, customers_nick
  44                               FROM   " . TABLE_CUSTOMERS . "
  45                               WHERE  customers_id = :customersID";
  46  
  47      $check_customer_query = $db->bindVars($check_customer_query, ':customersID',$_SESSION['customer_id'], 'integer');
  48      $check_customer = $db->Execute($check_customer_query);
  49  
  50      if (zen_validate_password($password_current, $check_customer->fields['customers_password'])) {
  51        $nickname = $check_customer->fields['customers_nick'];
  52        $sql = "UPDATE " . TABLE_CUSTOMERS . "
  53                SET customers_password = :password 
  54                WHERE customers_id = :customersID";
  55  
  56        $sql = $db->bindVars($sql, ':customersID',$_SESSION['customer_id'], 'integer');
  57        $sql = $db->bindVars($sql, ':password',zen_encrypt_password($password_new), 'string');
  58        $db->Execute($sql);
  59  
  60        $sql = "UPDATE " . TABLE_CUSTOMERS_INFO . "
  61                SET    customers_info_date_account_last_modified = now()
  62                WHERE  customers_info_id = :customersID";
  63  
  64        $sql = $db->bindVars($sql, ':customersID',$_SESSION['customer_id'], 'integer');
  65        $db->Execute($sql);
  66  
  67          if ($phpBB->phpBB['installed'] == true) {
  68            if (zen_not_null($nickname) && $nickname != '') {
  69              $phpBB->phpbb_change_password($nickname, $password_new);
  70            }
  71          }
  72  
  73        $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
  74  
  75        zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
  76      } else {
  77        $error = true;
  78  
  79        $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
  80      }
  81    }
  82  }
  83  
  84  $breadcrumb->add(NAVBAR_TITLE_1, zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
  85  $breadcrumb->add(NAVBAR_TITLE_2);
  86  
  87  // This should be last line of the script:

  88  $zco_notifier->notify('NOTIFY_HEADER_END_ACCOUNT_PASSWORD');
  89  ?>