account_password.php
<?php
/*
$Id$
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2010 osCommerce
Released under the GNU General Public License
*/
// Load includes/application_top.php first. The rest of this page uses names
// ($navigation, $language, $messageStack, the tep_* helpers) that are not
// defined in this file and presumably come from that include.
require 'includes/application_top.php';

// Access control: this page is for signed-in customers only. When the session
// holds no customer_id, the navigation snapshot is taken and the visitor is
// redirected to the login page (link built with the 'SSL' argument).
// NOTE(review): the password-change handler below is only skipped if
// tep_redirect() ends the request; that helper is defined outside this file,
// so confirm that it terminates.
if (isset($_SESSION['customer_id']) === false) {
    $navigation->set_snapshot();
    tep_redirect(
        tep_href_link(FILENAME_LOGIN, '', 'SSL')
    );
}

// The language definitions are loaded before the form handler so that the
// success message can be placed in the messageStack.
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_PASSWORD;
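// Handle a submitted password-change form.
//
// The request is processed only when action is 'process' and the posted formid
// equals the session's anti-CSRF token. The token test is strict and
// type-checked on purpose: with a loose == an empty formid would match an
// unset or empty $sessiontoken, and numeric-looking strings would be compared
// by value instead of character for character. Where the supported PHP
// versions allow it, hash_equals() would additionally make the comparison
// constant-time.
if (
    isset($_POST['action'], $_POST['formid'], $sessiontoken)
    && $_POST['action'] === 'process'
    && is_string($_POST['formid'])
    && is_string($sessiontoken)
    && $sessiontoken !== ''
    && $_POST['formid'] === $sessiontoken
) {
    // Read each field as a string. A missing or non-string (array) value is
    // treated as empty so that it fails validation instead of reaching
    // strlen() or the password check with the wrong type.
    // NOTE(review): tep_db_prepare_input() is defined elsewhere. If it trims
    // or rewrites characters, the stored password differs from what was typed;
    // confirm it is applied the same way at login and registration.
    $password_current = (isset($_POST['password_current']) && is_string($_POST['password_current']))
        ? tep_db_prepare_input($_POST['password_current'])
        : '';
    $password_new = (isset($_POST['password_new']) && is_string($_POST['password_new']))
        ? tep_db_prepare_input($_POST['password_new'])
        : '';
    $password_confirmation = (isset($_POST['password_confirmation']) && is_string($_POST['password_confirmation']))
        ? tep_db_prepare_input($_POST['password_confirmation'])
        : '';

    $error = false;

    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new !== $password_confirmation) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example '1e3' and '1000') count as equal, so a mistyped
        // confirmation could be accepted.
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }

    if (!$error) {
        // The row is selected by the same session value that the access check
        // at the top of this page tested, cast to int before it enters the
        // SQL text, rather than by a separate $customer_id global whose origin
        // this file does not show.
        $check_customer_query = tep_db_query("select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$_SESSION['customer_id'] . "'");
        $check_customer = tep_db_fetch_array($check_customer_query);

        // The current password must verify against the stored hash before
        // anything is written. A missing row is handled as a failed check.
        if (is_array($check_customer) && tep_validate_password($password_current, $check_customer['customers_password'])) {
            // NOTE(review): the result of tep_encrypt_password() is placed in
            // the SQL string unescaped. This assumes the hash format can never
            // contain a quote character; confirm against the helper.
            tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '" . tep_encrypt_password($password_new) . "' where customers_id = '" . (int)$_SESSION['customer_id'] . "'");

            tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int)$_SESSION['customer_id'] . "'");

            // NOTE(review): the session id is not rotated here, and other
            // sessions of the same customer are not ended after the change.
            // Consider both, so that a session opened with the old password
            // does not outlive it.
            $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');

            tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
        } else {
            $error = true;

            $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
        }
    }
}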
// Breadcrumb trail: the account overview first, then this page. Both links
// are built with the 'SSL' connection argument.
$breadcrumb->add(
    NAVBAR_TITLE_1,
    tep_href_link(FILENAME_ACCOUNT, '', 'SSL')
);
$breadcrumb->add(
    NAVBAR_TITLE_2,
    tep_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'SSL')
);

// Page header, then form_check.js.php, presumably the source of the
// check_form() call in the form's onsubmit attribute (confirm). That check
// runs in the browser and can be bypassed; the length and confirmation rules
// are enforced again by the server-side handler in this file.
require DIR_WS_INCLUDES . 'template_top.php';
require 'includes/form_check.js.php';
?>
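<div class="page-header">
  <h1><?php echo HEADING_TITLE; ?></h1>
</div>

<?php
// Show any messages queued under 'account_password' by the form handler.
if ($messageStack->size('account_password') > 0) {
    echo $messageStack->output('account_password');
}
?>

<?php
// The form posts back to this page. The last argument (true) is assumed to
// make tep_draw_form() emit the hidden formid token that the handler compares
// with the session token; confirm against the helper. The hidden 'action'
// field marks the submission for processing.
echo tep_draw_form('account_password', tep_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'SSL'), 'post', 'class="form-horizontal" onsubmit="return check_form(account_password);"', true) . tep_draw_hidden_field('action', 'process');
?>

<div class="contentContainer">
  <p class="inputRequirement text-right"><?php echo FORM_REQUIRED_INFORMATION; ?></p>

  <div class="contentText">
<?php
// Password inputs: the 4th argument requests type="password" and the 5th turns
// off re-population from the request, so the characters are masked while
// typing and a rejected submission does not write the typed passwords back
// into the page. Without these two arguments the helper's defaults apply.
// Assumes the stock osCommerce argument order (name, value, parameters, type,
// reinsert_value); confirm against this fork's tep_draw_input_field().
?>
    <div class="form-group has-feedback">
      <label for="inputCurrent" class="control-label col-xs-3"><?php echo ENTRY_PASSWORD_CURRENT; ?></label>
      <div class="col-xs-9">
        <?php echo tep_draw_input_field('password_current', NULL, 'required aria-required="true" autofocus="autofocus" id="inputCurrent" placeholder="' . ENTRY_PASSWORD_CURRENT . '"', 'password', false); ?>
        <?php echo FORM_REQUIRED_INPUT; ?>
        <?php if (tep_not_null(ENTRY_PASSWORD_CURRENT_TEXT)) echo '<span class="help-block">' . ENTRY_PASSWORD_CURRENT_TEXT . '</span>'; ?>
      </div>
    </div>
    <div class="form-group has-feedback">
      <label for="inputNew" class="control-label col-xs-3"><?php echo ENTRY_PASSWORD_NEW; ?></label>
      <div class="col-xs-9">
        <?php echo tep_draw_input_field('password_new', NULL, 'required aria-required="true" id="inputNew" placeholder="' . ENTRY_PASSWORD_NEW . '"', 'password', false); ?>
        <?php echo FORM_REQUIRED_INPUT; ?>
        <?php if (tep_not_null(ENTRY_PASSWORD_NEW_TEXT)) echo '<span class="help-block">' . ENTRY_PASSWORD_NEW_TEXT . '</span>'; ?>
      </div>
    </div>
    <div class="form-group has-feedback">
      <label for="inputConfirmation" class="control-label col-xs-3"><?php echo ENTRY_PASSWORD_CONFIRMATION; ?></label>
      <div class="col-xs-9">
        <?php echo tep_draw_input_field('password_confirmation', NULL, 'required aria-required="true" id="inputConfirmation" placeholder="' . ENTRY_PASSWORD_CONFIRMATION . '"', 'password', false); ?>
        <?php echo FORM_REQUIRED_INPUT; ?>
        <?php if (tep_not_null(ENTRY_PASSWORD_CONFIRMATION_TEXT)) echo '<span class="help-block">' . ENTRY_PASSWORD_CONFIRMATION_TEXT . '</span>'; ?>
      </div>
    </div>
  </div>

  <div class="buttonSet row">
    <div class="col-xs-6"><?php echo tep_draw_button(IMAGE_BUTTON_BACK, 'glyphicon glyphicon-chevron-left', tep_href_link(FILENAME_ACCOUNT, '', 'SSL')); ?></div>
    <div class="col-xs-6 text-right"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'glyphicon glyphicon-chevron-right', null, 'primary', null, 'btn-success'); ?></div>
  </div>
</div>

</form>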
<?php
// Finish the page: the template footer first, then application_bottom.php.
require DIR_WS_INCLUDES . 'template_bottom.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
?>