<?php
/*
 * Bootstrap includes for the change-password page. They run before any markup is
 * sent, in this order: session check, Oracle connection class, init parameters.
 *
 * NOTE(review): session_checker.php presumably rejects requests without a valid
 * login session. Confirm that it stops the request on failure, because nothing
 * else in this file checks the login state before the form is rendered.
 */
include_once 'session_checker.php';
include_once 'class/ORAConnectionClass.php';
include_once 'init/initialisation_parameter.php';
?>
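<?php
/*
 * Markup of the change-password page: old / new / retype password inputs plus three
 * hidden fields (uid, minLenPassword, masterStatus) that the page script reads.
 *
 * Both session values printed into attribute values are passed through
 * htmlspecialchars() with ENT_QUOTES, so a quote or angle bracket stored in the
 * session cannot break out of the attribute. The charset argument matches the
 * iso-8859-1 charset declared in the <meta> tag.
 *
 * NOTE(review): hidden fields can be edited in the browser. uid, minLenPassword and
 * masterStatus must be treated as display/convenience data only; the server side
 * (not visible here) has to take the user and the password rules from its own state.
 */
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" href="/css/style.css" type="text/css" />
<script language="javascript" type="text/JavaScript" src="/js/script_incl_js.js"></script>
<script language="VBScript" type="text/vbscript" src="js/script_incl_vb.js"></script>
<script language="javascript" type="text/JavaScript" src="/js/md5.js"></script>
<script language="javascript" type="text/JavaScript" src="/js/ajax.js"></script>
<title>Data Warehouse</title>
</head>
<body>
<div id="page" align="center">
<?php include_once("header.php"); ?>
<div id="content" align="center">
<?php include_once("navigation.php"); ?>
<div id="contenttext">
<?php include_once("group_header.php"); ?>
<div class="bodytext" style="padding:12px;" align="justify">
<h1>Change Password</h1>
<span>
<TABLE width="400" cellpadding="0" cellspacing="0" border="0" style="background-color:white;table-layout:fixed;">
<form name="CHANGEPWDFORM" onsubmit="return false;">
<tr>
<td style="padding:0px 0px 0px 7px;text-align:left" width="200">Old Password</td>
<td style="padding:0px 0px 0px 7px;text-align:left" width="200"> : <input type="password" name="oldpwd" size="20" style="font-size:10px;font-weight:bold"></td>
</tr>
<tr>
<td style="padding:0px 0px 0px 7px;text-align:left" width="200">New Password</td>
<?php /* uid is the upper-cased, trimmed session user id; the page script passes it to makeHash together with each password. */ ?>
<td style="padding:0px 0px 0px 7px;text-align:left" width="200"> : <input type="password" name="newpwd" size="20" style="font-size:10px;font-weight:bold"><input type="hidden" name="uid" value="<?=htmlspecialchars(strtoupper(trim($_SESSION['KD_USER'])), ENT_QUOTES, 'ISO-8859-1')?>"></td>
</tr>
<tr>
<td style="padding:0px 0px 0px 7px;text-align:left">Retype New Password</td>
<td style="padding:0px 0px 0px 7px;text-align:left"> : <input type="password" name="retypenewpwd" size="20" style="font-size:10px;font-weight:bold"></td>
</tr>
<tr style="padding:5px 0 5px 0;">
<td colspan="2" style="text-align:left" width="350">
<INPUT type="button" name="resetBtn" value="Reset" style="font-size:10px;font-weight:bold" onclick="javascript:initChangePwdForm();return false;">
<INPUT type="submit" name="changePwdBtn" value="Change Password" style="font-size:10px;font-weight:bold">
<?php /* minLenPassword is filled in by paramChanged() after the page loads; masterStatus 'P' makes chgPwdChanged() log the user out after a successful change. */ ?>
<input type="hidden" id="minLenPassword" name="minLenPassword" readonly>
<input type="hidden" id="masterStatus" name="masterStatus" value="<?php echo htmlspecialchars((string) $_SESSION['MASTER_STATUS'], ENT_QUOTES, 'ISO-8859-1') ?>" readonly>
</td>
</tr>
</form>
</TABLE>
<div id="CHANGEPWDRES" style="text-align:center;"></div>
</span>
</div>
<?php include_once("footer.php"); ?>
</div>
<script language="JavaScript" type="text/javascript">
// Plain assignment replaces the JScript-only "function window.onload()" declaration,
// which is a syntax error in other script engines and would leave the minimum-length
// parameter unloaded there.
window.onload = function () {
    AjaxGetLoginParam();
};
</script>
</body>
</html>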
<script type="text/javascript" src="/js/gen_validatorv31.js"></script>
<script type="text/javascript">
// Single request object shared by every AJAX helper in this script; each helper
// overwrites requestFile and onCompletion on it before calling runAJAX().
// sack is defined outside this file (presumably /js/ajax.js; confirm).
var ajax = new sack();

// Function declarations are hoisted, so this call works although
// initFormValidator is declared further down in the same script.
initFormValidator();
/**
 * Attach the client-side validation rules to the form named CHANGEPWDFORM.
 *
 * Each of the three password fields gets a "req" rule followed by an "alnum" rule.
 * changePassword is registered through setAddnlValidationFunction; it is presumably
 * called once the field rules pass (confirm against gen_validatorv31.js).
 *
 * NOTE(review): the "alnum" rule limits passwords to letters and digits, which
 * shrinks the usable character set. These rules run in the browser only; the
 * server-side handler (not visible here) must enforce the real policy.
 */
function initFormValidator(){
    var validator = new Validator("CHANGEPWDFORM");
    validator.setAddnlValidationFunction("changePassword");

    // [field name, message for the "req" rule], in the order the rules are registered.
    var passwordFields = [
        ["newpwd", "NEW password is required."],
        ["oldpwd", "OLD password is required."],
        ["retypenewpwd", "RETYPE New password is required."]
    ];

    for (var i = 0; i < passwordFields.length; i++) {
        var fieldName = passwordFields[i][0];
        var requiredMsg = passwordFields[i][1];
        validator.addValidation(fieldName, "req", requiredMsg);
        validator.addValidation(fieldName, "alnum", "Alphanumeric characters only");
    }
}
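/**
 * Confirm, validate and submit a password change for the CHANGEPWDFORM form.
 *
 * Flow: clear the result area, ask for confirmation, run validatePwd(); on code 0
 * hash both passwords with makeHash(uid, password) and hand the two digests to
 * ajaxChangePassword(); on any other code show the matching message via alerter()
 * and move the focus to the offending field. Always returns undefined.
 *
 * Fix: msg is now a local variable. It used to be assigned without a declaration,
 * which created a global that survived between calls and throws in strict mode.
 *
 * NOTE(review): only the makeHash digests leave the browser, so for this request the
 * digest is the credential. makeHash is defined outside this file (the page loads
 * /js/md5.js, so it is presumably MD5-based; confirm). Treat the digests like
 * passwords: TLS only, and keep them out of logs.
 */
function changePassword(){
    var resultBox = document.getElementById("CHANGEPWDRES");
    resultBox.innerHTML = "";

    if (!confirm("Are you sure you want to CHANGE PASSWORD?")) {
        resultBox.innerHTML = "Changing password cancelled by user.";
        return;
    }

    var valPwd = validatePwd(CHANGEPWDFORM);
    if (valPwd == 0) {
        var encpwd = makeHash(CHANGEPWDFORM.uid.value, CHANGEPWDFORM.newpwd.value);
        var encoldpwd = makeHash(CHANGEPWDFORM.uid.value, CHANGEPWDFORM.oldpwd.value);
        ajaxChangePassword(encpwd, encoldpwd);
        return;
    }

    var msg;
    switch (valPwd) {
        case 1:
            // old password equals new password
            msg = "New Password identical with Old Pasword";
            CHANGEPWDFORM.newpwd.focus();
            break;
        case 2:
            // new password is empty
            msg = "New Password has to be filled";
            CHANGEPWDFORM.newpwd.focus();
            break;
        case 3:
            // retype field is empty
            msg = "Retype Password has to be filled";
            CHANGEPWDFORM.retypenewpwd.focus();
            break;
        case 4:
            // new password shorter than minLenPassword
            msg = "New Password less than required length";
            CHANGEPWDFORM.newpwd.focus();
            break;
        case 5:
            // retype field differs from the new password
            msg = "New Password not identical with Retype password field";
            CHANGEPWDFORM.retypenewpwd.value = "";
            CHANGEPWDFORM.retypenewpwd.focus();
            break;
        case 6:
            // uid hidden field is empty
            msg = "Invalid user";
            break;
    }
    alerter(msg, "ERROR", "");
}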
/**
 * Check the password fields of a form and report the first rule that fails.
 *
 * @param frm form object exposing oldpwd, newpwd, retypenewpwd, minLenPassword and uid,
 *            each with a .value
 * @return 0 when every check passes, otherwise the code of the first failing check:
 *         1 old and new password are identical
 *         2 new password is empty
 *         3 retype field is empty
 *         4 new password is shorter than minLenPassword
 *         5 retype field differs from the new password
 *         6 uid is empty
 *
 * NOTE(review): minLenPassword is a string taken from a hidden field, and the length
 * check relies on JavaScript coercion: "" compares as 0 and a non-numeric value as NaN,
 * so in both cases check 4 never fails. Every input here lives in the browser, so
 * this is a convenience check; the server-side handler (not visible here) has to
 * repeat it.
 */
function validatePwd( frm ) {
    // All five values are read up front, before any rule is evaluated.
    var currentPwd = frm.oldpwd.value;
    var wantedPwd = frm.newpwd.value;
    var repeatedPwd = frm.retypenewpwd.value;
    var requiredLen = frm.minLenPassword.value;
    var userId = frm.uid.value;

    if (currentPwd === wantedPwd) {
        return 1;
    }
    if (wantedPwd.length == 0) {
        return 2;
    }
    if (repeatedPwd.length == 0) {
        return 3;
    }
    if (wantedPwd.length < requiredLen) {
        return 4;
    }
    if (repeatedPwd != wantedPwd) {
        return 5;
    }
    if (userId.length == 0) {
        return 6;
    }
    return 0;
}
/*init form function*/
/**
 * Blank the three password inputs of CHANGEPWDFORM (new, old, retype).
 * The hidden fields uid, minLenPassword and masterStatus are left untouched.
 */
function initChangePwdForm(){
    var passwordInputs = ["newpwd", "oldpwd", "retypenewpwd"];
    for (var i = 0; i < passwordInputs.length; i++) {
        CHANGEPWDFORM[passwordInputs[i]].value = "";
    }
}
/*end init form function*/
/*ajax function*/
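/**
 * Request the password change from /change_password_ajax.php.
 *
 * @param encpwd    digest of the new password, as produced by makeHash
 * @param encoldpwd digest of the current password, as produced by makeHash
 *
 * The completion handler is chgPwdChanged. Both digests are percent-encoded before
 * they are appended, so a value containing "&", "=", "+" or "#" can no longer split
 * or alter the query string. Hex digests pass through unchanged.
 *
 * NOTE(review): the digests are placed in the request URL. URLs commonly end up in
 * web-server and proxy access logs, and the old-password digest is what this request
 * offers as proof of identity. Moving the values into the request body needs a
 * matching change in change_password_ajax.php, which is not visible here.
 * NOTE(review): "sid" is Math.random(), so it can only act as a cache-buster. No
 * anti-CSRF token is sent from this function; confirm the endpoint has its own
 * CSRF defence.
 */
function ajaxChangePassword(encpwd,encoldpwd){
    document.getElementById("CHANGEPWDRES").innerHTML = "Changing Password... please wait";

    var query = "action=changePwd"
        + "&encPwd=" + encodeURIComponent(encpwd)
        + "&encOldPwd=" + encodeURIComponent(encoldpwd)
        + "&sid=" + Math.random();

    ajax.requestFile = '/change_password_ajax.php?' + query;
    ajax.onCompletion = chgPwdChanged;
    ajax.runAJAX();
}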
/**
 * Completion handler for the change-password request; reads ajax.response.
 *
 * Response handling (loose == comparison, as the response is text):
 *    1  success; when the masterStatus field holds 'P' the user is told to log out
 *       and doLogout() is called, otherwise the form is cleared
 *   -1  generic failure
 *   -2  change is waiting for authorisation
 *   -3  user or application not authorised
 *   -4  old password wrong; the old-password field is cleared and focused
 *   anything else is shown as received
 *
 * Unrecognised response text only goes to alerter(); the strings written to
 * innerHTML are the fixed messages below. Keeping it that way avoids turning a
 * server message into markup.
 */
function chgPwdChanged(){
    var reply = ajax.response;
    var msg;

    if (reply == 1) {
        ajax.reset();
        var mustLogout = document.getElementById("masterStatus").value == 'P';
        if (mustLogout) {
            msg = "Password has been save successfully changed, log out now";
            alerter(msg,"INFORMATION",64);
            doLogout();
            return;
        }
        msg = "Password has been save successfully changed.";
        alerter(msg,"INFORMATION",64);
        document.getElementById("CHANGEPWDRES").innerHTML = msg;
        initChangePwdForm();
        return;
    }

    if (reply == -1) {
        msg = "Unable to change password.";
    } else if (reply == -2) {
        msg = "Unable to change password because data waiting for authorisation.";
    } else if (reply == -3) {
        msg = "Unable to change password neither user nor application is not authorised to change the password for this user";
    } else if (reply == -4) {
        msg = "Old password is wrong.";
        var oldPwdInput = CHANGEPWDFORM.oldpwd;
        oldPwdInput.value = "";
        oldPwdInput.focus();
        document.getElementById("CHANGEPWDRES").innerHTML = msg;
    } else {
        msg = reply;
    }

    alerter(msg,"ERROR","");
    // The request object is reset only after the message has been taken from it.
    ajax.reset();
}
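/**
 * Ask /change_password_ajax.php for the MIN_LEN_PASSWORD parameter.
 * The completion handler is paramChanged, which stores the response in the
 * minLenPassword hidden field used by validatePwd().
 *
 * Fix: the query literal held the pilcrow character U+00B6 followed by "mid" where
 * "&paramid" belongs ("&para" had been decoded as an HTML entity), so neither the
 * separator nor the parameter name reached the server. The literal is restored.
 *
 * NOTE(review): "sid" is Math.random(), so it can only act as a cache-buster.
 */
function AjaxGetLoginParam() {
    document.getElementById("CHANGEPWDRES").innerHTML = "Get Parameter... please wait";

    var query = "action=getParam"
        + "&paramid=MIN_LEN_PASSWORD"
        + "&sid=" + Math.random();

    ajax.requestFile = '/change_password_ajax.php?' + query;
    ajax.onCompletion = paramChanged;
    ajax.runAJAX();
}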
/**
 * Completion handler for AjaxGetLoginParam: copy the response into the
 * minLenPassword hidden field, clear the status area and reset the request object.
 *
 * NOTE(review): the response is stored as received, without checking that it is a
 * number. validatePwd() skips its length rule when this value is empty or
 * non-numeric, and the field can be edited in the browser, so the minimum length
 * has to be enforced by the server as well.
 */
function paramChanged(){
    var minLenField = CHANGEPWDFORM.minLenPassword;
    var statusBox = document.getElementById("CHANGEPWDRES");

    minLenField.value = ajax.response;
    statusBox.innerHTML = "";
    ajax.reset();
}
/**
 * Ask /ajax_login.php to log the user out; logChanged handles the response.
 *
 * NOTE(review): "sid" is Math.random(), so it can only act as a cache-buster. The
 * logout request carries no token of its own; confirm how the endpoint guards
 * against requests triggered from other sites.
 */
function doLogout() {
    var query = ["action=logout", "sid=" + Math.random()].join("&");

    ajax.requestFile = '/ajax_login.php?' + query;
    ajax.onCompletion = logChanged;
    ajax.runAJAX();
}
/**
 * Completion handler for doLogout. A response equal to 1 (loose comparison) sends
 * the browser to /index.php; any other response raises an alert. The request object
 * is reset in both cases, before the redirect or the alert.
 */
function logChanged(){
    var loggedOut = ajax.response == 1;
    ajax.reset();

    if (!loggedOut) {
        alert("ERROR: Could not log you out at this time.");
        return;
    }
    location.href="/index.php";
}
</SCRIPT>