encryptOnClient () && strlen ($password) != 40) throw new Exception (__ ('Invalid Password! Verify if JavaScript support is active in your browser.')); $db = Database::singleton (); $sth = $db->prepare ("SELECT _name, _email, _password, _id, _type FROM _user WHERE _login = :login AND _deleted = '0' AND _active = '1'"); $sth->bindValue (':login', $login, PDO::PARAM_STR); $sth->execute (); $obj = $sth->fetch (PDO::FETCH_OBJ); if (!$obj) throw new Exception (__ ('Non-existent, Deleted or Inactive User!')); $name = $obj->_name; $email = $obj->_email; $passwd = $obj->_password; if (Security::singleton ()->getUserType ($obj->_type)->useLdap ()) { $ldap = Security::singleton ()->getUserType ($obj->_type)->getLdap (); $fields = array ('userPassword', 'mail', 'cn'); $ldap->connect (FALSE, FALSE, TRUE); $result = $ldap->load ($login, $fields); $name = $result ['cn']; $email = $result ['mail']; $passwd = $result ['userpassword']; $ldap->close (); } $systemHash = Security::singleton ()->getHash (); $vHash = sha1 ($systemHash . $name . $systemHash . $passwd . $systemHash . $email . $systemHash); if ((strlen ($hash) != 10 && $hash != $vHash) || (strlen ($hash) != 40 && $hash != shortlyHash ($vHash))) throw new Exception (__ ('Invalid Hash! Use the link "Recovery Password" at the login page for receive a valid hash into your e-mail.')); if (Security::singleton ()->getUserType ($obj->_type)->useLdap ()) { $ldap->connect (FALSE, FALSE, TRUE); $fields = $ldap->getEssentialPassword ($login, $password); $ldap->update ($fields, $login); $ldap->close (); } else { if (!Security::singleton ()->encryptOnClient ()) $password = sha1 ($password); $sth = $db->prepare ("UPDATE _user SET _password = :passwd WHERE _id = :id"); $sth->bindValue (':id', $obj->_id, PDO::PARAM_INT); $sth->bindValue (':passwd', $password, PDO::PARAM_STR); if (!$sth->execute ()) throw new Exception (__ ('Unable to change the password.')); } return TRUE; } catch (Exception $e) { $message->addWarning ($e->getMessage ()); } catch (PDOException $e) { $message->addWarning ($e->getMessage ()); } $message->save (); return FALSE; } public function delay () { sleep (1); } public function showMessages () { $message = Message::singleton (); if (!is_object ($message) || !$message->has ()) return FALSE; $str = ''; while ($msg = $message->get ()) $str .= $msg; $msgs = &XOAD_HTML::getElementById ('labelMessage'); $msgs->innerHTML = '