1
0
Fork 0
Manager/pages/password.php

66 lines
2.7 KiB
PHP
Raw Normal View History

2020-08-02 02:44:32 +00:00
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
if(!isset($_SESSION['LOGIN']) || !isset($_SESSION['UUID'])) {
header('Location: index.php');
die();
}
2020-08-02 02:44:32 +00:00
include 'app/FormValidator.php';
$validator = new FormValidator(array(
2023-08-23 16:16:35 +00:00
'oldPassword' => array('required' => true, 'regex' => '/.{1,1000}/'),
'newPassword' => array('required' => true, 'regex' => '/.{1,1000}/'),
'newPasswordRepeat' => array('required' => true, 'regex' => '/.{1,1000}/')
));
2023-08-23 16:16:34 +00:00
if($validator->isValid($_POST)) {
if($_POST['newPasswordRepeat'] == $_POST['newPassword']) {
if(password_verify($_POST['oldPassword'], $_SESSION['PASSWORD'])) {
$hash = password_hash($NewPassword, PASSWORD_ARGON2ID);
$statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordHash = :PasswordHash WHERE UUID = :PrincipalID');
$statement->execute(['PasswordHash' => $hash, 'PrincipalID' => $_SESSION['UUID']]);
$_SESSION['PASSWORD'] = $hash;
$_SESSION['pw_info'] = 'Neues Passwort gespeichert.';
}
else {
$_SESION['pw_info'] = 'Das alte Passwort ist nicht richtig!';
2020-08-02 02:44:32 +00:00
}
}
else {
$_SESSION['pw_info'] = 'Die neuen Passwörter stimmen nicht überein!';
}
}
else {
$_SESSION['pw_info'] = 'Bitte fülle das Formular vollständig aus.';
2020-08-02 02:44:32 +00:00
}
header('Location: index.php?page=password');
die();
2020-08-02 02:44:32 +00:00
}
$HTML->setHTMLTitle("Passwort ändern");
$HTML->importSeitenInhalt("profile.html");
2023-08-23 16:16:35 +00:00
include 'app/OpenSim.php';
$opensim = new OpenSim();
2020-08-04 10:08:41 +00:00
$PartnerName = "";
$PartnerUUID = $opensim->getPartner($_SESSION['UUID']);
if($PartnerUUID != null)$PartnerName = $opensim->getUserName($PartnerUUID);
2020-08-04 10:08:41 +00:00
$HTML->ReplaceSeitenInhalt("%%offlineIMSTATE%%", ' ');
$HTML->ReplaceSeitenInhalt("%%firstname%%", htmlspecialchars($_SESSION['FIRSTNAME']));
$HTML->ReplaceSeitenInhalt("%%lastname%%", htmlspecialchars($_SESSION['LASTNAME']));
$HTML->ReplaceSeitenInhalt("%%partner%%", htmlspecialchars($PartnerName));
$HTML->ReplaceSeitenInhalt("%%email%%", htmlspecialchars($opensim->getUserMail($_SESSION['UUID'])));
2023-08-23 16:16:34 +00:00
$HTML->ReplaceSeitenInhalt("%%listAllResidentsAsJSArray%%", "");
$pwInfo = '';
if(isset($_SESSION['pw_info'])) {
$pwInfo = $_SESSION['pw_info'];
unset($_SESSION['pw_info']);
2023-08-23 16:16:34 +00:00
}
$HTML->ReplaceSeitenInhalt("%%INFOMESSAGE%%", $pwInfo);
2020-08-02 02:44:32 +00:00
$HTML->build();
echo $HTML->ausgabe();
?>