<% %> <% if not bValue(Session("UserID")) or IsEqual(Session("UserID"),"") then setArrElement Session,"MyURL",(CSmartStr(GetRequestValue(Request.ServerVariables,"SCRIPT_NAME")) & "?") & CSmartStr(GetRequestValue(Request.ServerVariables,"QUERY_STRING")) asp_header "Location: login.asp?message=expired" response.end end if message = "" go = 1 asp_include "include/xtempl.asp",false asp_include "classes/runnerpage.asp",false Set xt = (CreateClass("Xtempl",0,Empty,Empty,Empty,Empty,Empty,Empty,Empty)) doAssignment id,IIF(not IsEqual(postvalue("id"),""),postvalue("id"),1) Set params = (CreateDictionary2("pageType",PAGE_CHANGEPASS,"id",id)) setArrElementByRef params,"xt",xt setArrElement params,"tName","global" setArrElement params,"needSearchClauseObj",false Set pageObject = (CreateClass("RunnerPage",1,params,Empty,Empty,Empty,Empty,Empty,Empty)) doAssignmentByRef auditObj,GetAuditObject("") if bValue(globalEvents.exists_p1("BeforeProcessChangePwd")) then globalEvents.BeforeProcessChangePwd_p1 conn end if if IsEqual(GetRequestValue(RequestForm(),"btnSubmit"),"Submit") then go = CSmartDbl(postvalue("go"))+1 xt.assign_p2 "backlink_attrs",("href=""javascript:history.go(-" & CSmartStr(go)) & ")""" doAssignmentByRef opass,postvalue("opass") doAssignmentByRef newpass,postvalue("newpass") doAssignment newpassraw,newpass doAssignment value,Session("UserID") if bValue(NeedQuotes(cUserNameFieldType)) then value = ("'" & CSmartStr(db_addslashes(value))) & "'" else value = 0+CSmartDbl(value) end if doAssignment passvalue,newpass if bValue(NeedQuotes(cPasswordFieldType)) then passvalue = ("'" & CSmartStr(db_addslashes(passvalue))) & "'" else passvalue = 0+CSmartDbl(passvalue) end if sWhere = ((" where " & CSmartStr(AddFieldWrappers(cUserNameField))) & "=") & CSmartStr(value) strSQL = ("select * from " & CSmartStr(AddTableWrappers(cLoginTable))) & CSmartStr(sWhere) doAssignmentByRef rstemp,db_query(strSQL,conn) if bValue(doAssignmentByRef(row,db_fetch_array(rstemp))) then if IsEqual(opass,ArrayElement(row,cPasswordField)) then if not bValue(checkpassword(newpassraw)) then fmt = "Password must be at least %% characters length." doAssignmentByRef fmt,asp_str_replace("%%","8",fmt) message = CSmartStr(message) & ("
" & CSmartStr(fmt)) fmt = "Password must contain %% unique characters." doAssignmentByRef fmt,asp_str_replace("%%","4",fmt) message = CSmartStr(message) & ("
" & CSmartStr(fmt)) fmt = "Password must contain %% digits or symbols." doAssignmentByRef fmt,asp_str_replace("%%","2",fmt) message = CSmartStr(message) & ("
" & CSmartStr(fmt)) else retval = true if bValue(globalEvents.exists_p1("BeforeChangePassword")) then doAssignmentByRef retval,globalEvents.BeforeChangePassword_p2(postvalue("opass"),postvalue("newpass")) end if if bValue(retval) then strSQL = ((((("update " & CSmartStr(AddTableWrappers(cLoginTable))) & " set ") & CSmartStr(AddFieldWrappers(cPasswordField))) & "=") & CSmartStr(passvalue)) & CSmartStr(sWhere) db_exec strSQL,conn if bValue(auditObj) then auditObj.LogChPassword end if if bValue(globalEvents.exists_p1("AfterChangePassword")) then globalEvents.AfterChangePassword_p2 postvalue("opass"),postvalue("newpass") end if xt.assign_p2 "body",true xt.display_p1 "changepwd_success.htm" response.end end if end if else message = "Invalid password" end if end if else xt.assign_p2 "backlink_attrs","href=""javascript:history.go(-1)""" end if if bValue(message) then xt.assign_p2 "message",message xt.assign_p2 "message_block",true end if includes = "" includes = CSmartStr(includes) & "" & vbcrlf includes = CSmartStr(includes) & "" & vbcrlf if IsIdentical(pageObject.debugJSMode,true) then includes = CSmartStr(includes) & "" & vbcrlf else includes = CSmartStr(includes) & "" & vbcrlf end if setArrElement pageObject.body,"begin",CSmartStr(ArrayElement(pageObject.body,"begin")) & (((((CSmartStr(includes) & "" & vbcrlf & _ "

" & vbcrlf & _ "" & vbcrlf & _ "") setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & "

" pageObject.addCommonJs pageObject.fillSetCntrlMaps setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & "") pageObject.addButtonHandlers xt.assignbyref_p2 "body",pageObject.body templatefile = "changepwd.htm" if bValue(globalEvents.exists_p1("BeforeShowChangePwd")) then globalEvents.BeforeShowChangePwd_p2 xt,templatefile end if xt.display_p1 templatefile %>