<%@language="javascript"%>
<% /*
    $Revision$
    $Id$

    File: pchange.asp
    Description: Laat de user het wachtwoord wijzigen
    Context: Modal vanuit bepaalde schermen, submit naar ..?

    NOTE: Men kan zelf het eigen wachtwoord wijzigen, en
          met WEB_PRSSYS of WEB_FACMGT rechten kan men dat ook
          voor een ander (er wordt geen PRS-scope op FACMGT toegepast!)
*/ %>
<%
// NOTE(review): defined before the includes below and not read anywhere on this page, so it is
// presumably a flag that one of the includes (login.inc?) checks to let a session with an
// expired password load this page. Confirm in the include files.
var EXPIRED_PASSWORD_OK = true;
%>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../Shared/iface.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/login.inc" -->
<%
// Authorization gate for the password-change dialog; it runs before the page body below is rendered.
// NOTE(review): this gate only protects the dialog itself. The form target (pchange_save.asp) and
// prs_perslid_clear_sessions.asp receive prs_key on their own requests and have to apply the same
// rules themselves; that code is not visible here.

// Was the user sent here because of an expired password?
// If so, the page redirects to the front page when the change is done.
// The flag comes from the query string; on this page it only selects the redirect after saving,
// the cancel behaviour and which buttons are rendered.
var isExpired = getQParamInt("expired",0) == 1;

// Person whose password is changed: prs_key from the query string, defaulting to the logged-in user.
var theUser = getQParamInt("prs_key", user_key);
// Rights object for "FAC", requested with the target person's key.
// NOTE(review): the effect of isOptional is defined in func_enabled2 — confirm there.
var xfunc = user.func_enabled2("FAC", { prs_key: theUser, isOptional: true } );

// Changing someone else's password requires write access on WEB_PRSSYS or WEB_FACMGT.
// NOTE(review): assumes abort_with_warning stops the request; confirm in the include that defines it.
if (theUser != user_key && !xfunc.canWrite("WEB_PRSSYS")&& !xfunc.canWrite("WEB_FACMGT"))
    abort_with_warning(L("lcl_no_auth"));

// Without WEB_PRSSYS myself I may not change the password of people who do have it.
// Otherwise this is a serious security hole: the check above also admits WEB_FACMGT, and such a
// user could otherwise set the password of an account holding WEB_PRSSYS.
if (!xfunc.canWrite("WEB_PRSSYS") && new Perslid(theUser).checkAutorisation("WEB_PRSSYS", true))
    abort_with_warning(L("lcl_no_auth"));

// Target person; the form below reads naam() and haspw() from it.
var user_info = new Perslid(theUser);
%>
<html>
<head>
<% FCLTHeader.Generate(); %>
<script type="text/javascript">
/**
 * Success handler that the POSTs on this page pass to FcltCallbackAndThen.
 * Only one of the two bodies reaches the browser: the server picks it from isExpired.
 *
 * @param {Object} json - reply of the POST; not read here
 */
function pass_submit_callback(json)
{
<% if (isExpired) { %>
    // Expired-password flow: load the application root in the top window.
    // rooturl is written into a string literal, hence safe.jsstring.
    window.top.location.href = "<%=safe.jsstring(rooturl + "/")%>";
<% } else { %>
    // Normal flow: presumably closes this modal.
    FcltMgr.closeDetail();
<% } %>
}
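/**
 * Handles the JSON reply of the log-off request sent by logOff().
 * A reply that carries a message is shown to the user; otherwise the parent
 * frame navigates to the "logoff_return_url" setting.
 *
 * @param {Object} json - parsed reply; only json.message is read
 * @param {string} textStatus - jQuery status text (unused)
 */
function logOffCallback(json, textStatus)
{
    if (json && json.message)
    {
        FcltMgr.alert(json.message);
    }
    else
    {
        // The setting is written into a JavaScript string literal, so it is escaped with
        // safe.jsstring, the same way pass_submit_callback escapes rooturl. Unescaped, a quote
        // or backslash in the setting would end the literal early.
        parent.location.href = "<%=safe.jsstring(S("logoff_return_url"))%>";
    }
}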
/**
 * Posts a log-off request to ../aut/LogOff.asp and hands the JSON reply to logOffCallback.
 * Called by doCancel() in the expired-password flow.
 */
function logOff()
{
    var data = {};
    // Server-side call that emits script at this point; presumably it adds a request-protection
    // (anti-CSRF) token to the object named "data" — confirm in protectRequest.
    <% protectRequest.dataToken("data"); %>
    $.post("../aut/LogOff.asp",
           data,
           logOffCallback,
           "json");
}
/**
 * Save button: validates form "u2" and, when it is valid, posts the serialized form
 * to the form's own action URL, expecting JSON. The reply is handled by
 * pass_submit_callback, wrapped in FcltCallbackAndThen.
 *
 * @returns {boolean|undefined} false when validation fails, otherwise nothing
 */
function doOK()
{
    var formIsValid = validateForm("u2");
    if (!formIsValid)
    {
        return false;
    }

    var saveUrl = $("form[name=u2]")[0].action;
    var formFields = $("[name=u2]").serialize();
    var onSaved = FcltCallbackAndThen(pass_submit_callback);
    $.post(saveUrl, formFields, onSaved, "json");
}
/**
 * Cancel button. Only one of the two bodies reaches the browser: the server picks it from isExpired.
 */
function doCancel()
{
<% if (isExpired) { %>
    // Expired-password flow: cancelling does not return to the application, it logs the user off.
    logOff();
<% } else { %>
    // Normal flow: presumably closes the modal, flagged as cancelled.
    FcltMgr.closeDetail( {cancel: true });
<% } %>
}
/**
 * "Delete sessions" button: after confirmation, posts to prs_perslid_clear_sessions.asp
 * for the person this dialog was opened for. The reply goes to pass_submit_callback.
 */
function doClearSessions()
{
    FcltMgr.confirm(L("lcl_qrc_auth_clear"), function() {
        var data = {};
        // Presumably adds a request-protection (anti-CSRF) token to "data" — confirm in protectRequest.
        <% protectRequest.dataToken("data"); %>
        // theUser was read with getQParamInt, so presumably only an integer is written into the URL.
        // NOTE(review): the target script has to authorize prs_key itself; that code is not visible here.
        $.post("prs_perslid_clear_sessions.asp?prs_key=<%=theUser%>", data, FcltCallbackAndThen(pass_submit_callback), "json");
    });
}
/**
 * "Delete password" button: after confirmation, posts clear=1 together with the value of
 * #password0 to the action URL of form "u2". The reply goes to pass_submit_callback.
 */
function doClearPassword()
{
    FcltMgr.confirm(L("lcl_clear_password"), function() {
        var data = {
            clear: 1,
            // Falls back to an empty string when the old-password field is absent or empty.
            password0: $("#password0").val() || ""
        };
        // Presumably adds a request-protection (anti-CSRF) token to "data" — confirm in protectRequest.
        <% protectRequest.dataToken("data"); %>
        $.post($("form[name=u2]")[0].action, data, FcltCallbackAndThen(pass_submit_callback), "json");
    });
}
// Calls FcltMgr.resized() once the DOM is ready; presumably this lets the framework size the modal.
$(document).ready(function()
{
    FcltMgr.resized();
});
</script>
</head>
<body class="modal" id="mod_prs_pwdchange">
<form action="pchange_save.asp?prs_key=<%=theUser%>&submit=1" method="post" name="u2">
<% // Renders the fields of form "u2". The block title carries the target person's name,
   // HTML-escaped with safe.html.
   BLOCK_START("prsPwd", L("lcl_password_title") + " " + safe.html(user_info.naam()));
   if (Session("must_reset_password") == 1)
   {
       // Forced reset: show the "password expired" notice; no old-password field is rendered.
       %><tr><td colspan="2"><%=L("lcl_password_expired_title")%></td></tr><%
   }
   else
   {
       // The old password is asked when the caller has neither WEB_PRSSYS nor WEB_FACMGT write
       // access, or when changing one's own password and a password already exists (haspw()).
       // NOTE(review): this only decides whether the field is shown. pchange_save.asp has to
       // decide on its own when a request without a valid password0 is acceptable; not visible here.
       if ( (!xfunc.canWrite("WEB_PRSSYS") && !xfunc.canWrite("WEB_FACMGT"))
         || (theUser == user_key && user_info.haspw())
          )
           RWFIELDTR("password0", "fldnotresponsive", L("lcl_ch_password_old"), "", { required: true, html: " type=password" });
   }
   // New password and its confirmation.
   // NOTE(review): the inputs only get type=password; if the html option passes attributes through,
   // autocomplete hints ("current-password" / "new-password") could be added — confirm in RWFIELDTR.
   RWFIELDTR("password1", "fldnotresponsive", L("lcl_ch_password_new"), "", { required: true, html: " type=password" });
   RWFIELDTR("password2", "fldnotresponsive", L("lcl_ch_password_con"), "", { required: true, html: " type=password" });
   if (theUser != user_key)
   {
       // Only when setting someone else's password: presumably marks the new password as expired
       // so that the person has to choose their own — confirm in pchange_save.asp.
       RWCHECKBOXTR("pass_expired", "fldcheck", L("lcl_ch_pass_expired"), false, { boxfirst: true });
       // A checkbox 'Send confirmation to user_info.prs_perslid_email()' sounds nice, but then the
       // password would be in plain text in an e-mail, which is not done.
       // If the checkbox above is ticked we could perhaps enable the following? Someday...
       // if (user_info.prs_perslid_email())
       // RWCHECKBOXTR("pass_mail", "fldcheck", L("lcl_ch_pass_mail"));
   }

   BLOCK_END();
   IFACE.FORM_END();
%>
</form>
<%
// Button bar of the modal. Each action string calls a client-side function defined in the head.
// NOTE(review): these conditions only decide which buttons are shown, and isExpired comes from
// the query string. The scripts behind the buttons have to check rights themselves; not visible here.
var buttons = [];
// "Delete sessions": not in the expired-password flow; for one's own account, or with
// WEB_PRSSYS or WEB_FACMGT write access.
if (!isExpired && (theUser == user_key || xfunc.canWrite("WEB_PRSSYS") || xfunc.canWrite("WEB_FACMGT")))
    buttons.push({title: L("lcl_delete_sessions"), icon:"reject.png", action:"doClearSessions()"});
// "Delete password": not in the expired-password flow; only with WEB_PRSSYS or WEB_FACMGT write access.
if (!isExpired && (xfunc.canWrite("WEB_PRSSYS") || xfunc.canWrite("WEB_FACMGT")))
    buttons.push({title: L("lcl_delete_password"), icon:"undo.png", action:"doClearPassword()"});

// Save and cancel are always present.
buttons.push({title: L("lcl_submit"), icon:"opslaan.png", action:"doOK()"});
buttons.push({title: L("lcl_cancel"), icon:"undo.png", action:"doCancel()"});

CreateButtons(buttons)
%>
</body>
</html>