<?php
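// Tell browsers and proxies not to cache this page.
// Expiry date in the past, so any stored copy counts as stale.
header("Expires: Mon, 12 Jul 1995 05:00:00 GMT");
// HTTP dates separate hours, minutes and seconds with colons; the previous
// format string "H.i:s" produced a malformed Last-Modified value.
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
// Second argument false: add this header line instead of replacing the
// Cache-Control line sent just above.
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");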
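// Upload directory, relative to the location of this file, into which
// uploaded files are to be copied. It is not referenced again in this file.
$verz = "upload/";

## INDEX against DB
// Start a session only if none is active yet; the reset flow below keeps its
// state in $_SESSION.
if (!isset($_SESSION)) {
    session_start();
}

include_once '../classes/TestProjektSmarty.class_subdir.php';
require_once("../config.inc.php");
require_once("../config/datenbankanbindung.php");
require_once("../func_get_parameter.php");
require_once("../config/func_cryption.php");

$smarty = new SmartyAdmin();

// Template name = this script's file name with the "php" suffix replaced by
// "html". SCRIPT_NAME is used instead of PHP_SELF because PHP_SELF also
// contains any extra path the client appends after the script name
// (PATH_INFO), which would let the request choose which template is rendered.
$templatename = substr(basename($_SERVER['SCRIPT_NAME']), 0, -3) . "html";

require_once "../language/german.inc.php";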
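// Requested step of the reset flow: '' shows the form, 'pwback' stores the
// new password. A missing or non-string parameter is treated as ''.
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

if ($action == '') {
    // The confirmation code from the link is passed through cryption(.., 'd');
    // the result is the mail address that is looked up below.
    $cfCode = (isset($_GET['confirmationCode']) && is_string($_GET['confirmationCode']))
        ? $_GET['confirmationCode']
        : '';
    $mail = ($cfCode !== '') ? (string) cryption($cfCode, 'd') : '';
    // NOTE(review): the code appears to be nothing more than the transformed
    // mail address; whether it can be forged depends on cryption() — confirm.

    # Check the code: a reset must have been requested within the last 24 hours
    $linkValid = false;
    if ($mail !== '') {
        // $mail is derived from request data, so it is bound as a parameter
        // rather than interpolated into the SQL text.
        // Assumes $db is a mysqli connection (its result was read with
        // fetch_array()) — TODO confirm
        $stmt = $db->prepare("SELECT count(*) Anz
                                FROM bpm_dienststellen
                               WHERE mail = ?
                                 AND mail_reset > DATE_SUB(now(), INTERVAL 24 HOUR)
                                 AND mail_reset != '0000-00-00 00:00:00'
                             ");
        if ($stmt !== false) {
            $anz = 0;
            $stmt->bind_param('s', $mail);
            $stmt->execute();
            $stmt->bind_result($anz);
            $stmt->fetch();
            $stmt->close();
            $linkValid = $anz > 0;
        }
    }

    if ($linkValid) {
        // Remember the account for the 'pwback' step.
        $_SESSION["reset_mail"] = $mail;
        $_SESSION["reset_cfCode"] = $cfCode;
    } else {
        // Previously the session was filled even for an invalid or expired
        // link, so the 'pwback' step would still change that account's password.
        unset($_SESSION["reset_mail"], $_SESSION["reset_cfCode"]);
        $smarty->assign('index_error', 1);
        $smarty->assign('index_error_text', "Der Link ist ungültig");
    }

    // Error codes passed back by the 'pwback' step.
    if (isset($_GET['error'])) {
        $errorno = is_scalar($_GET['error']) ? (int) $_GET['error'] : 0;

        $smarty->assign('index_error', 1);

        if ($errorno === 1) {
            # a required field was left empty
            $smarty->assign('index_error_text', "Es müssen alle Felder ausgefüllt werden!");
        }
        if ($errorno === 2) {
            # password and repetition differ
            $smarty->assign('index_error_text', "Das eingegebene Passwort stimmt nicht mit der Passwortwiederholung überein!");
        }
    }
}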
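// Step 'pwback': store the new password for the account remembered in the session.
if ($action == 'pwback') {
    // Missing or non-string fields count as empty.
    $pwd = (isset($_POST['resetpwd']) && is_string($_POST['resetpwd'])) ? $_POST['resetpwd'] : '';
    $pwd_wied = (isset($_POST['resetpwd_wied']) && is_string($_POST['resetpwd_wied'])) ? $_POST['resetpwd_wied'] : '';
    $mail = isset($_SESSION["reset_mail"]) ? (string) $_SESSION["reset_mail"] : '';
    $cfCode = urlencode(isset($_SESSION["reset_cfCode"]) ? (string) $_SESSION["reset_cfCode"] : '');

    // Sends the browser back to this script with the given query string and stops.
    // SCRIPT_NAME replaces PHP_SELF (which carries client-supplied PATH_INFO), and
    // the URL is HTML-escaped because it is written into an attribute value.
    $redirectTo = function ($query) {
        $url = $_SERVER['SCRIPT_NAME'] . '?' . $query;
        echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . "\">";
        exit;
    };

    // No account in the session: the form step did not accept a link in this session.
    if ($mail === '') {
        $redirectTo("confirmationCode=$cfCode");
    }

    if ($pwd === '' || $pwd_wied === '') {
        $redirectTo("error=1&confirmationCode=$cfCode");
    }

    // Strict comparison: with != two different numeric-looking strings such as
    // "1e3" and "1000" compare as equal. The redirect also lacked the "&"
    // between the error and confirmationCode parameters.
    if ($pwd !== $pwd_wied) {
        $redirectTo("error=2&confirmationCode=$cfCode");
    }

    // NOTE(review): unsalted MD5 is not suitable for storing passwords. Moving
    // to password_hash()/password_verify() also requires changing the code that
    // checks the password at login, which is not part of this file, so the
    // stored format is left unchanged here.
    $pwd_md5 = md5($pwd);

    // Values are bound as parameters instead of being interpolated into the SQL.
    // The 24-hour window from the form step is checked again in the UPDATE, so
    // an expired or already used reset cannot change the password.
    // Assumes $db is a mysqli connection — TODO confirm
    $updated = 0;
    $stmt = $db->prepare("UPDATE bpm_dienststellen
                             SET pwd = ?
                                ,mail_reset = '0000-00-00 00:00:00'
                           WHERE mail = ?
                             AND mail_reset > DATE_SUB(now(), INTERVAL 24 HOUR)
                             AND mail_reset != '0000-00-00 00:00:00'
                         ");
    if ($stmt !== false) {
        $stmt->bind_param('ss', $pwd_md5, $mail);
        $stmt->execute();
        $updated = $stmt->affected_rows;
        $stmt->close();
    }

    // The reset state is single-use.
    unset($_SESSION["reset_mail"], $_SESSION["reset_cfCode"]);

    // Nothing was changed: return to the form step, which re-checks the link.
    if ($updated < 1) {
        $redirectTo("confirmationCode=$cfCode");
    }
    // NOTE(review): this POST carries no CSRF token — confirm whether the form
    // template adds one.
}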
// Pass the current step to the template and render it.
// $template is not assigned in this file; presumably one of the included
// configuration files sets it — confirm.
$smarty->assign('action', (string) $action);
$smarty->display($template . "/praxisstelle/" . $templatename);
?>