source: trunk/admin/modules/Elezioni/ele_pwd.php@ 302

Last change on this file since 302 was 257, checked in by roby, 6 years ago
File size: 3.7 KB
Line 
1<?php
2
3/************************************************************************/
4/* Eleonline - Raccolta e diffusione dei dati elettorali */
5/* by Roberto Gigli & Luciano Apolito */
6/* http://www.eleonline.it */
7/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
8/************************************************************************/
9/* Modulo cambio password amministrazione */
10/* Amministrazione */
11/************************************************************************/
12
13
14if (!defined('ADMIN_FILE')) {
15 die ("You can't access this file directly...");
16}
17global $dbi;
18$aid=$_SESSION['aid'];
19$prefix=$_SESSION['prefix'];
20$currentlang=$_SESSION['lang'];
21$id_comune=$_SESSION['id_comune'];
22$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
23$id_cons_gen=$param['id_cons_gen'];
24$perms=ChiSei($id_cons_gen);
25
26
27if (isset($param['pwd1'])) get_magic_quotes_gpc() ? $pwd1=$param['pwd1']:$pwd1=addslashes($param['pwd1']); else $pwd1='';
28if (isset($param['pwd2'])) get_magic_quotes_gpc() ? $pwd2=$param['pwd2']:$pwd2=addslashes($param['pwd2']); else $pwd2='';
29if (isset($param['oldpwd'])) get_magic_quotes_gpc() ? $oldpwd=$param['oldpwd']:$oldpwd=addslashes($param['oldpwd']); else $oldpwd='';
30if (isset($param['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']); else $op='cambiopwd';
31if (isset($param['mex'])) $mex=intval($param['mex']); else $mex='';
32
33/*********************************************************/
34/* cambiopwd Functions */
35/*********************************************************/
36
37include("modules/Elezioni/ele.php");
38
39function cambiopwd() {
40 global $admin, $bgcolor1, $bgcolor2, $prefix, $dbi, $id_cons_gen, $op, $mex;
41 if ($mex==1)
42 echo "<center><font class=\"title\"><b>"._ERRPWD."</b></font></center><br>";
43 else
44 echo "<center><font class=\"title\"><b>"._CHGPWD."</b></font></center><br>";
45 echo "<br><br><table border=\"0\" width=\"100%\" ><tr>"
46 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._OLDPWD."</b></td>"
47 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NEWPWD1."</b></td>"
48 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NEWPWD2."</b></td><td>&nbsp;</td></tr>";
49 echo "<form name=\"cngpwd\" action=\"admin.php\" method=\"post\" >";
50 echo "<tr>"
51 ."<td align=\"center\"> <input type=\"password\" name=\"oldpwd\" value=\"\"></td>"
52 ."<td align=\"center\"> <input type=\"password\" name=\"pwd1\" value=\"\"></td>"
53 ."<td align=\"center\"> <input type=\"password\" name=\"pwd2\" value=\"\"></td>";
54 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">"
55 ."<input type=\"hidden\" name=\"op\" value=\"$op\">";
56 echo "<td align=\"center\"> <input type=\"submit\" value=\""._OK."\"></td>";
57 echo "</form>";
58
59 echo "</tr></table></center><br>";
60}
61
62function savepwd($oldpwd,$pwd1,$pwd2) {
63 global $prefix, $dbi,$id_cons_gen,$op;
64 $aid=$_SESSION['aid'];
65 if ($pwd1==$pwd2 and md5($oldpwd)==$_SESSION['pwd']) {
66 $sql="update ".$prefix."_authors set pwd='".md5($pwd1)."' WHERE aid='$aid' and pwd='".md5($oldpwd)."'";
67 $sth = $dbi->prepare("$sql");
68 $sth->execute();
69 $_SESSION['pwd']=md5($pwd1);
70 }else{
71 Header("Location: admin.php?op=$op&id_cons_gen=$id_cons_gen&mex=1");die();
72 }
73 Header("Location: admin.php?id_cons_gen=$id_cons_gen");
74}
75
76
77
78
79if ($oldpwd!='' and $pwd1!='') {
80 savepwd($oldpwd,$pwd1,$pwd2);
81} else {//die($pwdold."!=\'\' and ".$pwd1."!=\'\'");
82 ele();
83 cambiopwd();
84}
85echo"</td></tr></table>";
86include("footer.php");
87
88?>
Note: See TracBrowser for help on using the repository browser.