[platal.git] / htdocs / motdepasse.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2006 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

require_once('xorg.inc.php');

if (Post::has('response2'))  {
    require_once('secure_hash.inc.php');
    if (hash_encrypt($_SESSION['password'].":".$_SESSION['session']->challenge) != Post::get('response')) {
        new_skinned_page('motdepasse.tpl', AUTH_MDP);
        $page->addJsLink('javascript/motdepasse.js');
        $page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
        $page->trig('Ancien mot de passe erronn�');
        $page->run();
    }
    $password = hash_xor(Post::get('response2'), $_SESSION['password']);
    $_SESSION['password'] = $password;
    
    $globals->xdb->execute('UPDATE auth_user_md5 SET password={?} WHERE user_id={?}', $password, Session::getInt('uid'));
    
    $log =& Session::getMixed('log');
    $log->log('passwd', '');

    if (Cookie::get('ORGaccess')) {
        setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
    }

    new_skinned_page('motdepasse.success.tpl', AUTH_MDP);
    $page->run();
}

new_skinned_page('motdepasse.tpl', AUTH_MDP);
$page->addJsLink('javascript/motdepasse.js');
$page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
$page->run();
?>
Commit	Line	Data
0337d704	1	<?php
0337d704	2	/***************************************************************************
50a40a33	3	* Copyright (C) 2003-2006 Polytechnique.org *
0337d704	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	require_once('xorg.inc.php');
	23
9deb52b6	24	if (Post::has('response2')) {
46bde4d1	25	require_once('secure_hash.inc.php');
9deb52b6	26	if (hash_encrypt($_SESSION['password'].":".$_SESSION['session']->challenge) != Post::get('response')) {
	27	new_skinned_page('motdepasse.tpl', AUTH_MDP);
	28	$page->addJsLink('javascript/motdepasse.js');
	29	$page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
	30	$page->trig('Ancien mot de passe erronn�');
	31	$page->run();
	32	}
	33	$password = hash_xor(Post::get('response2'), $_SESSION['password']);
	34	$_SESSION['password'] = $password;
0337d704	35
	36	$globals->xdb->execute('UPDATE auth_user_md5 SET password={?} WHERE user_id={?}', $password, Session::getInt('uid'));
	37
	38	$log =& Session::getMixed('log');
	39	$log->log('passwd', '');
	40
	41	if (Cookie::get('ORGaccess')) {
46bde4d1	42	setcookie('ORGaccess', hash_encrypt($password), (time()+25920000), '/', '' ,0);
0337d704	43	}
0337d704	44
46bde4d1	45	new_skinned_page('motdepasse.success.tpl', AUTH_MDP);
0337d704	46	$page->run();
	47	}
	48
46bde4d1	49	new_skinned_page('motdepasse.tpl', AUTH_MDP);
46bde4d1	50	$page->addJsLink('javascript/motdepasse.js');
d9a33f98	51	$page->assign('xorg_title','Polytechnique.org - Mon mot de passe');
0337d704	52	$page->run();
0337d704	53	?>