[Summary view] [Print] [Text view]

   1  <?php
   2  /*

   3  $Id: account_password.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2006 osCMax

   9  

  10    Released under the GNU General Public License

  11  */
  12  
  13  // Most of this file is changed or moved to BTS - Basic Template System - format.

  14  // For adding in contribution or modification - parts of this file has been moved to: catalog\templates\fallback\contents\<filename>.tpl.php as a default (sub 'fallback' with your current template to see if there is a template specife change).

  15  //       catalog\templates\fallback\contents\<filename>.tpl.php as a default (sub 'fallback' with your current template to see if there is a template specife change).

  16  // (Sub 'fallback' with your current template to see if there is a template specific file.)

  17  
  18    require ('includes/application_top.php');
  19  
  20    if (!tep_session_is_registered('customer_id')) {
  21      $navigation->set_snapshot();
  22      tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  23    }
  24  
  25  // needs to be included earlier to set the success message in the messageStack

  26    require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_PASSWORD);
  27  
  28    if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process')) {
  29      $password_current = tep_db_prepare_input($HTTP_POST_VARS['password_current']);
  30      $password_new = tep_db_prepare_input($HTTP_POST_VARS['password_new']);
  31      $password_confirmation = tep_db_prepare_input($HTTP_POST_VARS['password_confirmation']);
  32  
  33      $error = false;
  34  
  35      if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
  36        $error = true;
  37  
  38        $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
  39      } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
  40        $error = true;
  41  
  42        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
  43      } elseif ($password_new != $password_confirmation) {
  44        $error = true;
  45  
  46        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
  47      }
  48  
  49      if ($error == false) {
  50        $check_customer_query = tep_db_query("select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
  51        $check_customer = tep_db_fetch_array($check_customer_query);
  52  
  53        if (tep_validate_password($password_current, $check_customer['customers_password'])) {
  54          tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '" . tep_encrypt_password($password_new) . "' where customers_id = '" . (int)$customer_id . "'");
  55  
  56          tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int)$customer_id . "'");
  57  
  58          $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
  59  
  60          tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
  61        } else {
  62          $error = true;
  63  
  64          $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
  65        }
  66      }
  67    }
  68  
  69    $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
  70    $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'SSL'));
  71  
  72    $content = CONTENT_ACCOUNT_PASSWORD;
  73    $javascript = 'form_check.js.php';
  74  
  75    include (bts_select('main', $content_template)); // BTSv1.5

  76  
  77    require (DIR_WS_INCLUDES . 'application_bottom.php');
  78  ?>