File "password.php"
Full Path: /home/analogde/www/RaspBerry/Dev/Raspberry/Serrure/password.php
File size: 3.73 KB
MIME-type: text/x-php
Charset: utf-8
<?php
session_start();
error_reporting(0);
if($_SESSION['logged']== "no")
{
header ('Location: interdiction.php');
}
$message = "";
$tag = "";
$site = $_SERVER["SERVER_NAME"];
if( ($site == "localhost") || ($site == "127.0.0.1") )
{
$db_host = "localhost";
$db_user = "root";
$db_pass = "";
$db_name = "projet";
}
else {
$db_host = "sql2";
$db_user = "analogde";
$db_pass = "rainbow";
$db_name = "analogde";
}
$connexion = mysql_connect($db_host,$db_user,$db_pass);
if(!$connexion)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($db_name, $connexion);
if( isset($_POST['btn_valider']) && !empty($_POST['btn_valider']) )
{
if ((isset($_POST['pass1']) && !empty($_POST['pass1'])) && (isset($_POST['pass2']) && !empty($_POST['pass2'])))
{
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$chiffres = "/[0-9]/";
if(!preg_match($chiffres, $pass1))
{
$message = "Seulement des chiffres !";
}
else
{
if($pass1 == $pass2)
{
if(strlen($pass1) != 6)
{
$message = "Top court";
}
else {
$message = "Le code a été changé dans la base de donnée.";
$tag = "ok";
/*mysql_query("UPDATE raspberry SET password='$hash'");*/
$query = "UPDATE raspberry SET password='$pass1' WHERE id=0";
mysql_query($query);
mysql_close();
}
}
else { $message = "Ne sont pas identiques";
}
}
}
else
{
$message = 'Au moins un des champs est vide.';
}
}
/*If ($_POST['action'] == "setPassword"){
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
If ($password1 != $password2){
header('Location: control.php');
}
$password = mysql_real_escape_string($_POST['password1']);
If (strlen($password) > 28){
mysql_close();
header('location: control.php');
}
$resetQuery = "SELECT username, salt FROM users WHERE username = 'admin';";
$resetResult = mysql_query($resetQuery);
If (mysql_num_rows($resetResult) < 1){
mysql_close();
header('location: control.php');
}
$resetData = mysql_fetch_array($resetResult, MYSQL_ASSOC);
$resetHash = hash('sha256', $salt . hash('sha256', $password));
$hash = hash('sha256', $password);
function createSalt(){
$string = md5(uniqid(rand(), true));
return substr($string, 0, 8);
}
$salt = createSalt();
$hash = hash('sha256', $salt . $hash);
mysql_query("UPDATE users SET salt='$salt' WHERE username='admin'");
mysql_query("UPDATE users SET password='$hash' WHERE username='admin'");
mysql_close();
header('location: control.php');*/
// echo '<div id="message_traitement" style="display:block">Votre nouveau password viens d\'être pris en compte par le serveur.</div>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>On going ...</title>
</head>
<body>
<form name="changement" method="post" action="password.php">
Nouveau password : <input type="password" name="pass1" maxlength="6" value="" />
Confirmation : <input type="password" name="pass2" maxlength="6" value="" />
<input type="submit" name="btn_valider" value="Valider"/>
</form>
</body>
</html>
<?php
echo '<a href="gestion_systeme.php">Annuler ...</a>';
echo "<br><br>";
if(isset($message) && !empty($message) )
{ echo '<br /><br />',$message;
if($tag == "ok")
{ echo '<br /><br />';
echo '<a href="index.php">Retour ...</a>';
}
}
?>