dwh/change_password.php

<?PHP
include_once("session_checker.php");
include_once 'class/ORAConnectionClass.php';
include_once 'init/initialisation_parameter.php';
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
	<link rel="stylesheet" href="/css/style.css" type="text/css" />
	<script language="javascript" type="text/JavaScript" src="/js/script_incl_js.js"></script>
	<script language="VBScript"  type="text/vbscript" src="js/script_incl_vb.js"></script>
	<script language="javascript" type="text/JavaScript" src="/js/md5.js"></script>
	<script language="javascript" type="text/JavaScript" src="/js/ajax.js"></script>
	<title>Data Warehouse</title>
</head>
<body>
	<div id="page" align="center">
		<?php include_once("header.php"); ?>
	<div id="content" align="center">
		<?php include_once("navigation.php"); ?>
	<div id="contenttext">
		<?php include_once("group_header.php"); ?>

	<div class="bodytext" style="padding:12px;" align="justify">
		<h1>Change Password</h1>
		<span>
			<TABLE width="400" cellpadding="0" cellspacing="0" border="0" style="background-color:white;table-layout:fixed;">
			<form name="CHANGEPWDFORM" onsubmit="return false;">
				<tr>
					<td style="padding:0px 0px 0px 7px;text-align:left" width="200">Old Password</td>
					<td style="padding:0px 0px 0px 7px;text-align:left" width="200"> : <input type="password" name="oldpwd" size="20" style="font-size:10px;font-weight:bold"></td>
				</tr>
				<tr>
					<td style="padding:0px 0px 0px 7px;text-align:left" width="200">New Password</td>
					<td style="padding:0px 0px 0px 7px;text-align:left" width="200"> : <input type="password" name="newpwd" size="20" style="font-size:10px;font-weight:bold"><input type="hidden" name="uid" value="<?=strtoupper(trim($_SESSION['KD_USER']))?>"></td>
				</tr>
				<tr>
					<td style="padding:0px 0px 0px 7px;text-align:left">Retype New Password</td>
					<td style="padding:0px 0px 0px 7px;text-align:left"> : <input type="password" name="retypenewpwd" size="20" style="font-size:10px;font-weight:bold"></td>
				</tr>
				<tr  style="padding:5px 0 5px 0;">
					<td colspan="2" style="text-align:left" width="350">
						<INPUT type="button" name="resetBtn" value="Reset" style="font-size:10px;font-weight:bold" onclick="javascript:initChangePwdForm();return false;">
						<INPUT type="submit" name="changePwdBtn" value="Change Password" style="font-size:10px;font-weight:bold">
						<input type="hidden" id="minLenPassword" name="minLenPassword" readonly>
						<input type="hidden" id="masterStatus" name="masterStatus" value="<?php echo $_SESSION['MASTER_STATUS']?>" readonly>				
					</td>
				</tr>
			</form>
			</TABLE>
			<div id="CHANGEPWDRES" style="text-align:center;"></div>
		</span>
	</div>
	<?php include_once("footer.php"); ?>
	</div>
	<script language="JavaScript" type="text/javascript">
		function window.onload(){
			AjaxGetLoginParam();
		}
	</script>
</body>
</html>
	<script type="text/javascript" src="/js/gen_validatorv31.js"></script>
	<script type="text/javascript">
	var ajax = new sack();
	initFormValidator();

	function initFormValidator(){
		var frmvalidator  = new Validator("CHANGEPWDFORM");
		frmvalidator.setAddnlValidationFunction("changePassword");

		frmvalidator.addValidation("newpwd","req","NEW password is required.");
		frmvalidator.addValidation("newpwd","alnum","Alphanumeric characters only");
		frmvalidator.addValidation("oldpwd","req","OLD password is required.");
		frmvalidator.addValidation("oldpwd","alnum","Alphanumeric characters only");
		frmvalidator.addValidation("retypenewpwd","req","RETYPE New password is required.");
		frmvalidator.addValidation("retypenewpwd","alnum","Alphanumeric characters only");
	}


	function changePassword(){
		document.getElementById("CHANGEPWDRES").innerHTML = "";		
		if (confirm("Are you sure you want to CHANGE PASSWORD?")) {		
			var valPwd = validatePwd(CHANGEPWDFORM);
			if (valPwd == 0) {
				var encpwd = makeHash(CHANGEPWDFORM.uid.value,CHANGEPWDFORM.newpwd.value);
				var encoldpwd = makeHash(CHANGEPWDFORM.uid.value,CHANGEPWDFORM.oldpwd.value);
				ajaxChangePassword(encpwd,encoldpwd);
			} else {
				if (valPwd == 1) {
					// oldPwd == newPwd
					msg = "New Password identical with Old Pasword";
					CHANGEPWDFORM.newpwd.focus();
				} else if (valPwd == 2) {
					// newPwd.length == 0
					msg = "New Password has to be filled";
					CHANGEPWDFORM.newpwd.focus();
				} else if (valPwd == 3) {
					// reType.length == 0
					msg = "Retype Password has to be filled";
					CHANGEPWDFORM.retypenewpwd.focus();
				} else if (valPwd == 4) {
					// newPwd.length < minLen
					msg = "New Password less than required length";
					CHANGEPWDFORM.newpwd.focus();
				} else if (valPwd == 5) {
					// reType == newPwd
					msg = "New Password not identical with Retype password field";
					CHANGEPWDFORM.retypenewpwd.value = "";
					CHANGEPWDFORM.retypenewpwd.focus();					
				} else if (valPwd == 6) {
					// uid.length == 0
					msg = "Invalid user";
				}
				alerter(msg,"ERROR","");
			} 
		} else {
			document.getElementById("CHANGEPWDRES").innerHTML = "Changing password cancelled by user.";
		}
	}

	function validatePwd( frm ) {
		var oldPwd = frm.oldpwd.value;
		var newPwd = frm.newpwd.value;
		var reType = frm.retypenewpwd.value;
		var minLen = frm.minLenPassword.value;
		var uid = frm.uid.value;
		var retVal = 0;
		var chkPwd = true;
		
		while (chkPwd) {
			if (oldPwd === newPwd) {
				retVal = 1;
				break;
			}
			if (newPwd.length == 0) {
				retVal = 2;
				break;
			}
			if (reType.length == 0) {
				retVal = 3;
				break;
			}
			if (newPwd.length < minLen) {
				retVal = 4;
				break;			
			}
			if (reType != newPwd) {
				retVal = 5;
				break;
			}
			if (uid.length == 0) {
				retVal = 6;
				break;
			}
			chkPwd = false;
		}
		return retVal;
	}

	/*init form function*/

	function initChangePwdForm(){
		CHANGEPWDFORM.newpwd.value = "";
		CHANGEPWDFORM.oldpwd.value = "";
		CHANGEPWDFORM.retypenewpwd.value = "";
	}
	/*end init form function*/
	/*ajax function*/
	function ajaxChangePassword(encpwd,encoldpwd){
		document.getElementById("CHANGEPWDRES").innerHTML = "Changing Password... please wait";
		var data="action=changePwd";
		data=data+"&encPwd="+encpwd;
		data=data+"&encOldPwd="+encoldpwd;
		data=data+"&sid="+Math.random();
		ajax.requestFile = '/change_password_ajax.php?'+data;
		ajax.onCompletion = chgPwdChanged;
		ajax.runAJAX();
	}

	function chgPwdChanged(){
		var msg;
		if (ajax.response == 1) {
			ajax.reset();
			if (document.getElementById("masterStatus").value == 'P') {
				msg = "Password has been save successfully changed, log out now";
				alerter(msg,"INFORMATION",64);
				doLogout();
			} else {
			msg = "Password has been save successfully changed.";
			alerter(msg,"INFORMATION",64);
			document.getElementById("CHANGEPWDRES").innerHTML = msg;
			initChangePwdForm();
			}			
		} else {
			if (ajax.response == -1){
				msg = "Unable to change password.";
			} else if (ajax.response == -2){
				msg = "Unable to change password because data waiting for authorisation.";
			} else if (ajax.response == -3){
				msg = "Unable to change password neither user nor application is not authorised to change the password for this user";
			} else if (ajax.response == -4){
				msg = "Old password is wrong.";
				CHANGEPWDFORM.oldpwd.value = "";
				CHANGEPWDFORM.oldpwd.focus();
				document.getElementById("CHANGEPWDRES").innerHTML = msg;
			} else {
				msg = ajax.response;
			}
			alerter(msg,"ERROR","");
			ajax.reset();
		}
	}
	
	function AjaxGetLoginParam() {
		document.getElementById("CHANGEPWDRES").innerHTML = "Get Parameter... please wait";
		var data="action=getParam";
		data=data+"&paramid=MIN_LEN_PASSWORD";
		data=data+"&sid="+Math.random();
		ajax.requestFile = '/change_password_ajax.php?'+data;
		ajax.onCompletion = paramChanged;
		ajax.runAJAX();
	}

	function paramChanged(){
		CHANGEPWDFORM.minLenPassword.value = ajax.response;
		document.getElementById("CHANGEPWDRES").innerHTML = "";
		ajax.reset();
	}

	function doLogout() {
		var data="action=logout";
		data=data+"&sid="+Math.random();
		ajax.requestFile = '/ajax_login.php?'+data;
		ajax.onCompletion = logChanged;
		ajax.runAJAX();
	}
	
	function logChanged(){
		if (ajax.response == 1) {
			ajax.reset();
			location.href="/index.php";
		} else {
			ajax.reset();
			alert("ERROR: Could not log you out at this time.");
		}
	}
	
	</SCRIPT>
first commit 2023-10-02 10:26:17 +00:00			`<?PHP`
			`include_once("session_checker.php");`
			`include_once 'class/ORAConnectionClass.php';`
			`include_once 'init/initialisation_parameter.php';`
			`?>`

			`<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html xmlns="http://www.w3.org/1999/xhtml">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />`
			`<link rel="stylesheet" href="/css/style.css" type="text/css" />`
			`<script language="javascript" type="text/JavaScript" src="/js/script_incl_js.js"></script>`
			`<script language="VBScript" type="text/vbscript" src="js/script_incl_vb.js"></script>`
			`<script language="javascript" type="text/JavaScript" src="/js/md5.js"></script>`
			`<script language="javascript" type="text/JavaScript" src="/js/ajax.js"></script>`
			`<title>Data Warehouse</title>`
			`</head>`
			`<body>`
			`<div id="page" align="center">`
			`<?php include_once("header.php"); ?>`
			`<div id="content" align="center">`
			`<?php include_once("navigation.php"); ?>`
			`<div id="contenttext">`
			`<?php include_once("group_header.php"); ?>`

			`<div class="bodytext" style="padding:12px;" align="justify">`
			`<h1>Change Password</h1>`
			`<span>`
			`<TABLE width="400" cellpadding="0" cellspacing="0" border="0" style="background-color:white;table-layout:fixed;">`
			`<form name="CHANGEPWDFORM" onsubmit="return false;">`
			`<tr>`
			`<td style="padding:0px 0px 0px 7px;text-align:left" width="200">Old Password</td>`
			`<td style="padding:0px 0px 0px 7px;text-align:left" width="200"> : <input type="password" name="oldpwd" size="20" style="font-size:10px;font-weight:bold"></td>`
			`</tr>`
			`<tr>`
			`<td style="padding:0px 0px 0px 7px;text-align:left" width="200">New Password</td>`
			`<td style="padding:0px 0px 0px 7px;text-align:left" width="200"> : <input type="password" name="newpwd" size="20" style="font-size:10px;font-weight:bold"><input type="hidden" name="uid" value="<?=strtoupper(trim($_SESSION['KD_USER']))?>"></td>`
			`</tr>`
			`<tr>`
			`<td style="padding:0px 0px 0px 7px;text-align:left">Retype New Password</td>`
			`<td style="padding:0px 0px 0px 7px;text-align:left"> : <input type="password" name="retypenewpwd" size="20" style="font-size:10px;font-weight:bold"></td>`
			`</tr>`
			`<tr style="padding:5px 0 5px 0;">`
			`<td colspan="2" style="text-align:left" width="350">`
			`<INPUT type="button" name="resetBtn" value="Reset" style="font-size:10px;font-weight:bold" onclick="javascript:initChangePwdForm();return false;">`
			`<INPUT type="submit" name="changePwdBtn" value="Change Password" style="font-size:10px;font-weight:bold">`
			`<input type="hidden" id="minLenPassword" name="minLenPassword" readonly>`
			`<input type="hidden" id="masterStatus" name="masterStatus" value="<?php echo $_SESSION['MASTER_STATUS']?>" readonly>`
			`</td>`
			`</tr>`
			`</form>`
			`</TABLE>`
			`<div id="CHANGEPWDRES" style="text-align:center;"></div>`
			`</span>`
			`</div>`
			`<?php include_once("footer.php"); ?>`
			`</div>`
			`<script language="JavaScript" type="text/javascript">`
			`function window.onload(){`
			`AjaxGetLoginParam();`
			`}`
			`</script>`
			`</body>`
			`</html>`
			`<script type="text/javascript" src="/js/gen_validatorv31.js"></script>`
			`<script type="text/javascript">`
			`var ajax = new sack();`
			`initFormValidator();`

			`function initFormValidator(){`
			`var frmvalidator = new Validator("CHANGEPWDFORM");`
			`frmvalidator.setAddnlValidationFunction("changePassword");`

			`frmvalidator.addValidation("newpwd","req","NEW password is required.");`
			`frmvalidator.addValidation("newpwd","alnum","Alphanumeric characters only");`
			`frmvalidator.addValidation("oldpwd","req","OLD password is required.");`
			`frmvalidator.addValidation("oldpwd","alnum","Alphanumeric characters only");`
			`frmvalidator.addValidation("retypenewpwd","req","RETYPE New password is required.");`
			`frmvalidator.addValidation("retypenewpwd","alnum","Alphanumeric characters only");`
			`}`


			`function changePassword(){`
			`document.getElementById("CHANGEPWDRES").innerHTML = "";`
			`if (confirm("Are you sure you want to CHANGE PASSWORD?")) {`
			`var valPwd = validatePwd(CHANGEPWDFORM);`
			`if (valPwd == 0) {`
			`var encpwd = makeHash(CHANGEPWDFORM.uid.value,CHANGEPWDFORM.newpwd.value);`
			`var encoldpwd = makeHash(CHANGEPWDFORM.uid.value,CHANGEPWDFORM.oldpwd.value);`
			`ajaxChangePassword(encpwd,encoldpwd);`
			`} else {`
			`if (valPwd == 1) {`
			`// oldPwd == newPwd`
			`msg = "New Password identical with Old Pasword";`
			`CHANGEPWDFORM.newpwd.focus();`
			`} else if (valPwd == 2) {`
			`// newPwd.length == 0`
			`msg = "New Password has to be filled";`
			`CHANGEPWDFORM.newpwd.focus();`
			`} else if (valPwd == 3) {`
			`// reType.length == 0`
			`msg = "Retype Password has to be filled";`
			`CHANGEPWDFORM.retypenewpwd.focus();`
			`} else if (valPwd == 4) {`
			`// newPwd.length < minLen`
			`msg = "New Password less than required length";`
			`CHANGEPWDFORM.newpwd.focus();`
			`} else if (valPwd == 5) {`
			`// reType == newPwd`
			`msg = "New Password not identical with Retype password field";`
			`CHANGEPWDFORM.retypenewpwd.value = "";`
			`CHANGEPWDFORM.retypenewpwd.focus();`
			`} else if (valPwd == 6) {`
			`// uid.length == 0`
			`msg = "Invalid user";`
			`}`
			`alerter(msg,"ERROR","");`
			`}`
			`} else {`
			`document.getElementById("CHANGEPWDRES").innerHTML = "Changing password cancelled by user.";`
			`}`
			`}`

			`function validatePwd( frm ) {`
			`var oldPwd = frm.oldpwd.value;`
			`var newPwd = frm.newpwd.value;`
			`var reType = frm.retypenewpwd.value;`
			`var minLen = frm.minLenPassword.value;`
			`var uid = frm.uid.value;`
			`var retVal = 0;`
			`var chkPwd = true;`

			`while (chkPwd) {`
			`if (oldPwd === newPwd) {`
			`retVal = 1;`
			`break;`
			`}`
			`if (newPwd.length == 0) {`
			`retVal = 2;`
			`break;`
			`}`
			`if (reType.length == 0) {`
			`retVal = 3;`
			`break;`
			`}`
			`if (newPwd.length < minLen) {`
			`retVal = 4;`
			`break;`
			`}`
			`if (reType != newPwd) {`
			`retVal = 5;`
			`break;`
			`}`
			`if (uid.length == 0) {`
			`retVal = 6;`
			`break;`
			`}`
			`chkPwd = false;`
			`}`
			`return retVal;`
			`}`

			`/init form function/`

			`function initChangePwdForm(){`
			`CHANGEPWDFORM.newpwd.value = "";`
			`CHANGEPWDFORM.oldpwd.value = "";`
			`CHANGEPWDFORM.retypenewpwd.value = "";`
			`}`
			`/end init form function/`
			`/ajax function/`
			`function ajaxChangePassword(encpwd,encoldpwd){`
			`document.getElementById("CHANGEPWDRES").innerHTML = "Changing Password... please wait";`
			`var data="action=changePwd";`
			`data=data+"&encPwd="+encpwd;`
			`data=data+"&encOldPwd="+encoldpwd;`
			`data=data+"&sid="+Math.random();`
			`ajax.requestFile = '/change_password_ajax.php?'+data;`
			`ajax.onCompletion = chgPwdChanged;`
			`ajax.runAJAX();`
			`}`

			`function chgPwdChanged(){`
			`var msg;`
			`if (ajax.response == 1) {`
			`ajax.reset();`
			`if (document.getElementById("masterStatus").value == 'P') {`
			`msg = "Password has been save successfully changed, log out now";`
			`alerter(msg,"INFORMATION",64);`
			`doLogout();`
			`} else {`
			`msg = "Password has been save successfully changed.";`
			`alerter(msg,"INFORMATION",64);`
			`document.getElementById("CHANGEPWDRES").innerHTML = msg;`
			`initChangePwdForm();`
			`}`
			`} else {`
			`if (ajax.response == -1){`
			`msg = "Unable to change password.";`
			`} else if (ajax.response == -2){`
			`msg = "Unable to change password because data waiting for authorisation.";`
			`} else if (ajax.response == -3){`
			`msg = "Unable to change password neither user nor application is not authorised to change the password for this user";`
			`} else if (ajax.response == -4){`
			`msg = "Old password is wrong.";`
			`CHANGEPWDFORM.oldpwd.value = "";`
			`CHANGEPWDFORM.oldpwd.focus();`
			`document.getElementById("CHANGEPWDRES").innerHTML = msg;`
			`} else {`
			`msg = ajax.response;`
			`}`
			`alerter(msg,"ERROR","");`
			`ajax.reset();`
			`}`
			`}`

			`function AjaxGetLoginParam() {`
			`document.getElementById("CHANGEPWDRES").innerHTML = "Get Parameter... please wait";`
			`var data="action=getParam";`
			`data=data+"&paramid=MIN_LEN_PASSWORD";`
			`data=data+"&sid="+Math.random();`
			`ajax.requestFile = '/change_password_ajax.php?'+data;`
			`ajax.onCompletion = paramChanged;`
			`ajax.runAJAX();`
			`}`

			`function paramChanged(){`
			`CHANGEPWDFORM.minLenPassword.value = ajax.response;`
			`document.getElementById("CHANGEPWDRES").innerHTML = "";`
			`ajax.reset();`
			`}`

			`function doLogout() {`
			`var data="action=logout";`
			`data=data+"&sid="+Math.random();`
			`ajax.requestFile = '/ajax_login.php?'+data;`
			`ajax.onCompletion = logChanged;`
			`ajax.runAJAX();`
			`}`

			`function logChanged(){`
			`if (ajax.response == 1) {`
			`ajax.reset();`
			`location.href="/index.php";`
			`} else {`
			`ajax.reset();`
			`alert("ERROR: Could not log you out at this time.");`
			`}`
			`}`

			`</SCRIPT>`