more security to allow a user to change his password
procedure setAccount();
var
a: Paccount;
s: string;
begin
result:='';
if p > '' then
a:=getAccount(p, TRUE)
else
a:=md.cd.account;
if a = NIL then exit;
spaceIf(TRUE);
try //mod by mars
s:='';
if a.pwd<>'' then s:=parEx('oldpass');
if (a.pwd=s) and validUsername(s, TRUE) then
try
s:=parEx('password');
if validUsername(s, TRUE) then
a.pwd:=s;
except end;
except end;
usage: {.set account|%user%|password=NEWPASSWORD|oldpass=OLDPASSORD.}
procedure getterAccount();
var
a: Paccount;
s: string;
begin
result:='';
if p > '' then
a:=getAccount(p, TRUE)
else
a:=md.cd.account;
if a = NIL then exit;
s:=lowercase(par(1));
if s = 'redirect' then result:=a.redir
else if s = 'has password' then trueIf((a.pwd=par(2)) or (a.pwd=pars[2])) //add by mars
else if s = 'no limits' then trueIf(a.nolimits)
else if s = 'enabled' then trueIf(a.enabled)
else if s = 'is group' then trueIf(a.group)
else if s = 'member of' then result:=join(';',a.link)
else if s = 'notes' then result:=a.notes;
try result:=getKeyFromString(a.notes, parEx('notes key')) except end;
end; // getterAccount
usage: {.get account|%user%|has password|PASSWORD.}
Example of application :
<form method=post action="/~selfpasschange>
<table>
<tr><td align=left>{.!Username.}<td><INPUT READONLY NAME="name" value="%user%">
<tr><td align=left>{.!Current Password.}<td><input type="password" name="oldpass">
<tr><td align=left>{.!New Password.}<td><input type="password" name="newpass">
<tr><td align=left>{.!Confirm Password.}<td><input type="password" name="confirmpass">
<tr><td align=left><td align=center><input type=submit value="{.!Change.}">
</tr></table
[selfpasschange]
{.if|{.and|%user%|{.{.postvar|newpass.}={.postvar|confirmpass.}.}/and.}|
{:{.set account|%user%|oldpass={.postvar|oldpass.}|password={.postvar|newpass.}.}:}
/if.}
{.if|{.get account|%user%|has password|{.postvar|newpass.}.}
|{:<b>{.!The new password is.} : <INPUT READONLY NAME="name" value="{.postvar|newpass.}"></b>:}
|<b><font color=firebrick>{.!Error during change password !.}</b>
/if.}