49 lines
1.5 KiB
PHP
49 lines
1.5 KiB
PHP
<?php require "../top.inc.php"; ?>
|
|
|
|
<p>
|
|
Vous pouvez ici changer le mot de passe permettant d'accéder à votre compte Niver.
|
|
</p>
|
|
|
|
<form method="post">
|
|
<label for="currentPassword">Mot de passe actuel</label><br>
|
|
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
|
|
|
|
<label for="newPassword">Nouveau mot de passe</label><br>
|
|
<input required="" autocomplete="new-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
|
|
|
|
<input type="submit">
|
|
</form>
|
|
|
|
<?php
|
|
|
|
if (isset($_SESSION['username']) AND isset($_POST['newPassword']) AND isset($_POST['currentPassword'])) {
|
|
|
|
antiCSRF();
|
|
|
|
if (checkPassword($_SESSION['username'], $_POST['currentPassword'])) {
|
|
|
|
if (!checkPasswordFormat($_POST['newPassword']))
|
|
exit("Erreur : Le format du nouveau mot de passe n'est pas bon !");
|
|
|
|
$username = $_SESSION['username'];
|
|
$newPassword = password_hash($_POST['newPassword'], PASSWORD_DEFAULT);
|
|
|
|
$db = new PDO('sqlite:' . DB_PATH);
|
|
|
|
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
|
|
|
|
$stmt->bindParam(':username', $username);
|
|
$stmt->bindParam(':password', $newPassword);
|
|
|
|
$stmt->execute();
|
|
|
|
} else {
|
|
echo "<br>Le mot de passe actuel n'est pas bon !";
|
|
}
|
|
|
|
}
|
|
|
|
?>
|
|
|
|
<?php require "../bottom.inc.php"; ?>
|