#!/usr/bin/perl

#use utf8;
use strict;
use CGI;

use Opals::Context;
use Opals::Template qw(
    tmpl_read
    tmpl_write
    tmpl_redirect
);
use Opals::Locale qw(
    loc_getMsgFile
    loc_write
);
use Digest::SHA qw(
    sha1_base64
    sha1_hex
);


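# Database handle used by the whole request; released when the script exits.
my $dbh = Opals::Context->dbh();
END { $dbh->disconnect() if $dbh; }

my $cgi = CGI->new;
# NOTE(review): Vars() returns the request parameters whatever the HTTP
# method, so a GET request carrying pwd_cur/pwd_new in the URL is processed
# too, and URLs tend to end up in access logs and browser history. Confirm
# that the form submits with POST.
my $input = $cgi->Vars();
my ($permission, $cookie, $template) = tmpl_read(
    {
        dbh      => $dbh,
        cgi      => $cgi,
        tmplFile => 'user/changePassword.tmpl',
    }
);

# presumably the id of the signed-in user, placed on the template by
# tmpl_read -- confirm that it can never be taken from request input.
my $uid = $template->param('curUserId');

my ($changeCompleted, $changeError) = (0, 0);
my $password_old = $input->{'pwd_cur'};
my $password_new = $input->{'pwd_new'};

# Nothing is attempted unless both fields were submitted non-empty.
if (   defined $password_old && $password_old ne ''
    && defined $password_new && $password_new ne '')
{
    # Report success only when the current password matched AND the UPDATE
    # statement was executed. updatePassword returns nothing when execute()
    # fails; previously that result was ignored and the page announced a
    # completed change even though the old password was still in force.
    # NOTE(review): a failed update is reported through changeError because
    # the template exposes no separate flag for it -- confirm the wording of
    # that message is acceptable for this case.
    if (   validateOldPassword($dbh, $password_old, $uid)
        && updatePassword($dbh, $password_new, $uid))
    {
        $changeCompleted = 1;
    }
    else {
        $changeError = 1;
    }
}

$template->param(
    changeCompleted => $changeCompleted,
    changeError     => $changeError,
);

# Load the page's message file, hand it to the template, then emit the page.
my $stdMsgMap = loc_getMsgFile('user/changePassword.msg');
loc_write($template, $stdMsgMap);
tmpl_write($dbh, $cgi, $cookie, $template);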



#==============================================
#
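# Check whether $password is the current password of user $uid.
#
# Parameters:
#   $dbh      - database handle; prepare() is called on it
#   $password - clear-text password as submitted by the user
#   $uid      - id of the user whose stored password is compared
#
# Returns the uid of the matching opl_user row (true) when the row's password
# column equals the base64 SHA-1 digest of $password. Returns 0 when no row
# matches, when an argument is undefined, or when the statement cannot be
# prepared or executed.
#
# NOTE(review): the stored value is an unsalted, single-pass SHA-1 digest,
# which gives little protection if the opl_user table is ever disclosed.
# Moving to a salted, deliberately slow password hash needs a migration of
# the stored values and of every other reader of this column, so the format
# is left as is here.
sub validateOldPassword {
    my ($dbh, $password, $uid) = @_;

    # An undefined value can never identify a stored credential.
    return 0 unless defined $password && defined $uid;

    # Standard "and" instead of the MySQL-only "&&" operator, which newer
    # MySQL releases deprecate and other engines do not accept.
    my $sql = <<'_STH_';
select  uid
from    opl_user
where   password = ? and uid = ?
_STH_

    my $digest = sha1_base64($password);
    my $sth    = $dbh->prepare($sql) or return 0;

    my $matched = 0;
    if ($sth->execute($digest, $uid)) {
        if (my $row = $sth->fetchrow_hashref) {
            $matched = $row->{'uid'};
        }
    }

    # Release the handle on the failure path as well as on success.
    $sth->finish;
    return $matched;
}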
#==============================================
#
# Store a new password for user $uid.
#
# Parameters:
#   $dbh      - database handle; prepare() is called on it
#   $password - clear-text new password
#   $uid      - id of the opl_user row to update
#
# The value written is the base64 SHA-1 digest of $password. Returns $uid
# once execute() reports success and nothing when execute() fails. The number
# of rows touched is not inspected.
#
# NOTE(review): an unsalted, single-pass SHA-1 digest is weak protection for
# stored passwords; replacing it requires migrating existing rows and the
# code that verifies them, so it is only flagged here.
sub updatePassword {
    my ($dbh, $password, $uid) = @_;

    my $digest = sha1_base64($password);

    my $statement = <<'_SQL_';
update  opl_user
        set password = ?
where   uid = ?
_SQL_
    my $sth = $dbh->prepare($statement);

    # Bail out with an empty result when the statement could not be run.
    unless ($sth->execute($digest, $uid)) {
        return;
    }

    $sth->finish;
    return $uid;
}

#==============================================

