<%@LANGUAGE="VBSCRIPT"%>
<%
'=====================================================
' change_password.asp
'
' Don't think this is accessible
'=====================================================
%>
<%
Option explicit
' Good idea to set when using redirect
Response.Expires = 0 ' always load the page, dont store
%>
<%
'------------ ACCESS CONTROL ------------------
%>
<%
'------------ Variable Definition -------------
Dim parReturn
Dim parUsername
Dim parPassword
'------------ Constants Declaration -----------
'------------ Variable Init -------------------
parUsername = QStrPar("FRuser")
parPassword = Session("RELEASEMANAGER_logininfo")
parReturn = QStrPar("rfile")
'----------------------------------------------
%>
<%
Function PassRequireChange ( SSusername )
Dim Query_String, rsTemp
Query_String = _
"SELECT * FROM users WHERE user_name='"& SSusername &"'"
Set rsTemp = OraDatabase.DbCreateDynaset( Query_String, cint(0))
If ((NOT rsTemp.BOF) AND (NOT rsTemp.EOF)) Then
If IsNull(rsTemp.Fields("user_password")) Then
PassRequireChange = TRUE
Else
'Password does not Require change
Call Destroy_All_Objects
Response.Redirect("message.asp?msg=400-1")
End If
End If
End Function
Sub Change_Password ( SSusername, SSPassword )
Dim rsTemp, Query_String
Query_String = _
"SELECT user_password FROM users WHERE user_name='"& SSusername &"'"
Set rsTemp = OraDatabase.CreateDynaset( Query_String, cint(0))
'update fields
rsTemp.Edit
rsTemp.Fields("user_password").Value = EnCrypt ( SSPassword )
rsTemp.Update
rsTemp.Close
Set rsTemp = nothing
End Sub
%>
<%
'------------ Process submition -------------------
If CBool(QStrPar("action")) AND (QStrPar("FRchangepass")) Then
'If EnCrypt( Request("FRpassc") ) <> parPassword Then
If Request("FRpassc") <> parPassword Then
' Password confirmation is incorrect
Call Destroy_All_Objects
Response.Redirect("message.asp?msg=401-7")
End If
If PassRequireChange ( parUsername ) Then
Call Change_Password ( parUsername, parPassword )
End If
' Now Login
Call Destroy_All_Objects
Response.Redirect( "login.asp?action=true&FRuser="& parUsername &"&rfile="& QStrPar("rfile") )
End If
%>
Release Manager
