104 lines
3.3 KiB
Plaintext
104 lines
3.3 KiB
Plaintext
<!--- v0.03 2023-01-07 Argon2 *** Lucee only --->
|
||
<cfsilent>
|
||
<cfimport prefix="m" taglib="lib"/>
|
||
<cfimport prefix="m" taglib="lib/bean"/>
|
||
<cfimport prefix="layout" taglib="layout"/>
|
||
|
||
<m:prepare_form pageInfoOut="pageInfo" trackOut="tr"/>
|
||
<!--- *** Проверки на допустимость пароля не совпадают --->
|
||
<cfif request.usr_id EQ request.ANONYMOUS_USR_ID><cfabort></cfif>
|
||
|
||
<cfparam name="old_password" default="">
|
||
<cfparam name="new_password" default="">
|
||
<cfparam name="new_password2" default="">
|
||
|
||
<cfset msg="">
|
||
|
||
<cfset structDelete(session,"settings")>
|
||
|
||
<cfif isDefined("act")>
|
||
<cfquery name="qCheckCredentials" datasource="#request.DS#">
|
||
select usr_id, password as pwdhash from usr
|
||
where usr_id='#request.usr_id#'
|
||
limit 1
|
||
/* AND pwdcompare('#old_password#',password,0) >0 */
|
||
</cfquery>
|
||
|
||
<!--- check credentials --->
|
||
<cfset checkHash=request.passwordHashCheck('#old_password#', qCheckCredentials.pwdhash, 'argon2id')/>
|
||
<cfset msg = loginPasswordPolicyCheck(request.usr_id, "", new_password, new_password2)/>
|
||
<cfif NOT checkHash>
|
||
<cfset msg="Старый пароль введен неверно"/>
|
||
</cfif>
|
||
|
||
<cfif msg EQ "" AND (qCheckCredentials.RecordCount GT 0) AND (new_password EQ new_password2)>
|
||
<cfset newHash=request.passwordHashCreate('#new_password#')/>
|
||
<cfquery name="qChange" datasource="#request.DS#">
|
||
update usr set password='#newHash#'
|
||
where usr_id='#request.usr_id#'
|
||
</cfquery>
|
||
<cflocation url="index.cfm" addtoken="No">
|
||
</cfif>
|
||
</cfif>
|
||
|
||
<cfif isDefined("cancel")>
|
||
<cflocation url="index.cfm" addtoken="No">
|
||
</cfif>
|
||
|
||
</cfsilent><!--- ----------------------------------------------------------------------------
|
||
---------------------------------------------------------------------------------------------
|
||
---------------------------------------------------------------------------------------------
|
||
---><layout:page section="header" pageInfo=#pageInfo# form="1">
|
||
<layout:attribute name="title">
|
||
<b>Смена пароля</b>
|
||
</layout:attribute>
|
||
</layout:page>
|
||
|
||
<style>
|
||
.tr {line-height:3em;}
|
||
.td {vertical-align: baseline;}
|
||
</style>
|
||
|
||
<!---<cfdump var=#request#/>--->
|
||
|
||
<cfoutput>
|
||
|
||
Смена пароля в локальной базе данных.
|
||
|
||
<div style="display:table; width:100%; height:100%;">
|
||
<div style="display:table-cell; text-align:center; vertical-align:middle;">
|
||
<div style="display:inline-block;">
|
||
<div class="table">
|
||
<div class="tr">
|
||
<div class="td">Старый пароль</div>
|
||
<div class="td"><input type="password" name="old_password"></div>
|
||
</div>
|
||
|
||
<div class="tr">
|
||
<div class="td">Новый пароль</div>
|
||
<div class="td"><input type="password" name="new_password"></div>
|
||
</div>
|
||
|
||
<div class="tr">
|
||
<div class="td">Подтверждение</div>
|
||
<div class="td"><input type="password" name="new_password2"></div>
|
||
</div>
|
||
|
||
<div class="tr">
|
||
<div class="td r"><button type="submit" class="maincontrol" name="act"> ОК </button></div>
|
||
<div class="td l"><button type="submit" class="maincontrol" name="cancel">Отмена</button></div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
|
||
<br/><br/>
|
||
<div class="c warn">#msg# </div>
|
||
<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
|
||
</cfoutput>
|
||
<layout:page section="footer" closeForm="Yes"/> |