Initial commit
This commit is contained in:
101
passwort_switch.php
Normal file
101
passwort_switch.php
Normal file
@ -0,0 +1,101 @@
|
||||
<?php
|
||||
/*
|
||||
# Fuer debugging
|
||||
error_reporting(E_ALL);
|
||||
ini_set('display_errors', 1);
|
||||
#echo __LINE__."<br>";
|
||||
*/
|
||||
|
||||
include_once 'classes/lg-on_Smarty.class.php';
|
||||
$smarty = new lgon_Smarty();
|
||||
require_once("config.inc.php");
|
||||
$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
|
||||
require_once "language/german.inc.php";
|
||||
|
||||
if(isset($_GET['action'])){
|
||||
$action = $_GET['action'];
|
||||
}else{
|
||||
$action = '';
|
||||
}
|
||||
if($action == ''){
|
||||
$db = dbconnect();
|
||||
$result = $db->query("SELECT nachname, vorname FROM admin where user=\"$user_admin\"");
|
||||
$row = $result->fetch_array();
|
||||
$name = "$row[vorname] $row[nachname]";
|
||||
$smarty->assign('pass_switch_name', "$name");
|
||||
|
||||
}
|
||||
|
||||
if($action == 'wechsel'){
|
||||
|
||||
$db = dbconnect();
|
||||
$result = $db->query("SELECT passwort FROM admin where user=\"$user_admin\"");
|
||||
$row = $result->fetch_array();
|
||||
|
||||
if (empty($_POST['pw_alt']) or empty($_POST['pw_neu']) or empty($_POST['pw_wied']))
|
||||
{
|
||||
$smarty->assign('pass_switch_noinput', "1");
|
||||
}else{
|
||||
// Eingaben überpfüfen <script usw darf nicht drin stehen...
|
||||
$pw_alt=$_POST['pw_alt'];
|
||||
$pw_neu=$_POST['pw_neu'];
|
||||
$pw_wied=$_POST['pw_wied'];
|
||||
}
|
||||
|
||||
dbconnect ();
|
||||
|
||||
$pw_md5_neu = md5($pw_neu); // passwort md-5 codieren
|
||||
$result2 = $db->query("SELECT 1
|
||||
FROM passwd_log
|
||||
WHERE USER = '$user_admin'
|
||||
AND passwort = '$pw_md5_neu'
|
||||
ORDER BY datum DESC
|
||||
LIMIT 0 , 7
|
||||
");
|
||||
$row2 = $result2->fetch_array();
|
||||
|
||||
if (md5($pw_alt) != $row['passwort']){
|
||||
$smarty->assign('pass_switch_invalid', "1");
|
||||
}
|
||||
elseif ($pw_neu != $pw_wied){
|
||||
$smarty->assign('pass_switch_uneven', "1");
|
||||
}
|
||||
elseif (strlen($pw_neu) < 6){
|
||||
$smarty->assign('pass_switch_strlen', "1");
|
||||
}
|
||||
elseif ($pw_neu == $user_admin){
|
||||
$smarty->assign('pass_switch_evenusername', "1");
|
||||
}
|
||||
elseif ($row2[0] == 1 or $pw_neu == $row['passwort'] or $pw_neu == $pw_alt){
|
||||
$smarty->assign('pass_switch_repeat', "1");
|
||||
}else{
|
||||
|
||||
$datum=date("Y-m-d H:i:s");
|
||||
$sql = $db->query( "INSERT INTO passwd_log (user, passwort, datum) VALUES ('$user_admin', '$row[passwort]', '$datum') " );
|
||||
|
||||
$result1 = $db->query("SELECT pwid
|
||||
FROM passwd_log
|
||||
WHERE USER = '$user_admin'
|
||||
ORDER BY datum DESC
|
||||
LIMIT 7 , 100
|
||||
");
|
||||
#Nicht mehr als 7 in passwd_log vorhalten
|
||||
while ($row1 = $result1->fetch_array()){
|
||||
$sql1 = $db->query( "DELETE FROM passwd_log WHERE user = '$user_admin' AND pwid='$row1[pwid]'" );
|
||||
}
|
||||
|
||||
$result = $db->query("SELECT distinct DATE_ADD(NOW(), INTERVAL 1 MONTH) exp_date
|
||||
FROM admin
|
||||
WHERE user ='$user_admin'
|
||||
");
|
||||
$row = $result->fetch_array();
|
||||
|
||||
$sql = $db->query( "UPDATE admin SET passwort='$pw_md5_neu', pw_expire='$row[exp_date]' WHERE user='$user_admin'" );
|
||||
$smarty->assign('pass_switch_login', "1");
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
$smarty->assign('action', "$action");
|
||||
$smarty->display("$template/$templatename");
|
||||
?>
|
||||
Reference in New Issue
Block a user