1: 2: /* -------------------------------------------------------------
3: This file is part of FreeNATS
4:
5: FreeNATS is (C) Copyright 2008-2010 PurplePixie Systems
6:
7: FreeNATS is free software: you can redistribute it and/or modify
8: it under the terms of the GNU General Public License as published by
9: the Free Software Foundation, either version 3 of the License, or
10: (at your option) any later version.
11:
12: FreeNATS is distributed in the hope that it will be useful,
13: but WITHOUT ANY WARRANTY; without even the implied warranty of
14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15: GNU General Public License for more details.
16:
17: You should have received a copy of the GNU General Public License
18: along with FreeNATS. If not, see www.gnu.org/licenses
19:
20: For more information see www.purplepixie.org/freenats
21: -------------------------------------------------------------- */
22:
23: ob_start();
24: require("include.php");
25: $NATS->Start();
26: if (!$NATS_Session->Check($NATS->DB))
27: {
28: header("Location: ./?login_msg=Invalid+Or+Expired+Session");
29: exit();
30: }
31: ob_end_flush();
32:
33: if (isset($_REQUEST['action']))
34: {
35: switch ($_REQUEST['action'])
36: {
37: case "password":
38: if ($_REQUEST['p_new']!=$_REQUEST['p_confirm']) $message="Passwords Do Not Match";
39: else if ($_REQUEST['p_new']=="") $message="Illegal New Password";
40: else
41: {
42: $q="UPDATE fnuser SET password=MD5(\"".ss($_REQUEST['p_new'])."\") WHERE username=\"".ss($NATS_Session->username)."\"";
43: $q.=" AND password=MD5(\"".ss($_REQUEST['p_current'])."\")";
44: $NATS->DB->Query($q);
45: if ($NATS->DB->Affected_Rows()>0) $message=$NATS->Lang->Item("pass.change.ok");
46: else $message=$NATS->Lang->Item("pass.change.fail");
47: }
48: break;
49:
50: }
51: }
52:
53: Screen_Header($NATS->Lang->Item("user.pref"),1,0,"","main","pref");
54:
55: if (isset($_REQUEST['message'])) echo " ".$_REQUEST['message']." ";
56: if (isset($message)) echo " ".$message." ";
57:
58: ?>
59: 60: Lang->Item("user.pref"); ?>