1 | <?php
|
---|
2 |
|
---|
3 | /************************************************************************/
|
---|
4 | /* Eleonline - Raccolta e diffusione dei dati elettorali */
|
---|
5 | /* by Roberto Gigli & Luciano Apolito */
|
---|
6 | /* http://www.eleonline.it */
|
---|
7 | /* info@eleonline.it luciano@aniene.net rgigli@libero.it */
|
---|
8 | /************************************************************************/
|
---|
9 | /* Modulo cambio password amministrazione */
|
---|
10 | /* Amministrazione */
|
---|
11 | /************************************************************************/
|
---|
12 |
|
---|
13 |
|
---|
14 | if (!defined('ADMIN_FILE')) {
|
---|
15 | die ("You can't access this file directly...");
|
---|
16 | }
|
---|
17 | global $dbi;
|
---|
18 | $aid=$_SESSION['aid'];
|
---|
19 | $prefix=$_SESSION['prefix'];
|
---|
20 | $currentlang=$_SESSION['lang'];
|
---|
21 | $id_comune=$_SESSION['id_comune'];
|
---|
22 | $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
|
---|
23 | $id_cons_gen=$param['id_cons_gen'];
|
---|
24 | $perms=ChiSei($id_cons_gen);
|
---|
25 |
|
---|
26 |
|
---|
27 | if (isset($param['pwd1'])) get_magic_quotes_gpc() ? $pwd1=$param['pwd1']:$pwd1=addslashes($param['pwd1']); else $pwd1='';
|
---|
28 | if (isset($param['pwd2'])) get_magic_quotes_gpc() ? $pwd2=$param['pwd2']:$pwd2=addslashes($param['pwd2']); else $pwd2='';
|
---|
29 | if (isset($param['oldpwd'])) get_magic_quotes_gpc() ? $oldpwd=$param['oldpwd']:$oldpwd=addslashes($param['oldpwd']); else $oldpwd='';
|
---|
30 | if (isset($param['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']); else $op='cambiopwd';
|
---|
31 | if (isset($param['mex'])) $mex=intval($param['mex']); else $mex='';
|
---|
32 |
|
---|
33 | /*********************************************************/
|
---|
34 | /* cambiopwd Functions */
|
---|
35 | /*********************************************************/
|
---|
36 |
|
---|
37 | include("modules/Elezioni/ele.php");
|
---|
38 |
|
---|
39 | function cambiopwd() {
|
---|
40 | global $admin, $bgcolor1, $bgcolor2, $prefix, $dbi, $id_cons_gen, $op, $mex;
|
---|
41 | if ($mex==1)
|
---|
42 | echo "<center><font class=\"title\"><b>"._ERRPWD."</b></font></center><br>";
|
---|
43 | else
|
---|
44 | echo "<center><font class=\"title\"><b>"._CHGPWD."</b></font></center><br>";
|
---|
45 | echo "<br><br><table border=\"0\" width=\"100%\" ><tr>"
|
---|
46 | ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._OLDPWD."</b></td>"
|
---|
47 | ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NEWPWD1."</b></td>"
|
---|
48 | ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NEWPWD2."</b></td><td> </td></tr>";
|
---|
49 | echo "<form name=\"cngpwd\" action=\"admin.php\" method=\"post\" >";
|
---|
50 | echo "<tr>"
|
---|
51 | ."<td align=\"center\"> <input type=\"password\" name=\"oldpwd\" value=\"\"></td>"
|
---|
52 | ."<td align=\"center\"> <input type=\"password\" name=\"pwd1\" value=\"\"></td>"
|
---|
53 | ."<td align=\"center\"> <input type=\"password\" name=\"pwd2\" value=\"\"></td>";
|
---|
54 | echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">"
|
---|
55 | ."<input type=\"hidden\" name=\"op\" value=\"$op\">";
|
---|
56 | echo "<td align=\"center\"> <input type=\"submit\" value=\""._OK."\"></td>";
|
---|
57 | echo "</form>";
|
---|
58 |
|
---|
59 | echo "</tr></table></center><br>";
|
---|
60 | }
|
---|
61 |
|
---|
62 | function savepwd($oldpwd,$pwd1,$pwd2) {
|
---|
63 | global $prefix, $dbi,$id_cons_gen,$op;
|
---|
64 | $aid=$_SESSION['aid'];
|
---|
65 | if ($pwd1==$pwd2 and md5($oldpwd)==$_SESSION['pwd']) {
|
---|
66 | $sql="update ".$prefix."_authors set pwd='".md5($pwd1)."' WHERE aid='$aid' and pwd='".md5($oldpwd)."'";
|
---|
67 | $sth = $dbi->prepare("$sql");
|
---|
68 | $sth->execute();
|
---|
69 | $_SESSION['pwd']=md5($pwd1);
|
---|
70 | }else{
|
---|
71 | Header("Location: admin.php?op=$op&id_cons_gen=$id_cons_gen&mex=1");die();
|
---|
72 | }
|
---|
73 | Header("Location: admin.php?id_cons_gen=$id_cons_gen");
|
---|
74 | }
|
---|
75 |
|
---|
76 |
|
---|
77 |
|
---|
78 |
|
---|
79 | if ($oldpwd!='' and $pwd1!='') {
|
---|
80 | savepwd($oldpwd,$pwd1,$pwd2);
|
---|
81 | } else {//die($pwdold."!=\'\' and ".$pwd1."!=\'\'");
|
---|
82 | ele();
|
---|
83 | cambiopwd();
|
---|
84 | }
|
---|
85 | echo"</td></tr></table>";
|
---|
86 | include("footer.php");
|
---|
87 |
|
---|
88 | ?>
|
---|