40 lines
1.3 KiB
PHP
40 lines
1.3 KiB
PHP
<?php require "../../common/html.php"; ?>
|
|
|
|
<p>
|
|
Vous pouvez ici changer le mot de passe permettant d'accéder à votre compte Niver.
|
|
</p>
|
|
|
|
<form method="post">
|
|
<label for="currentPassword">Mot de passe actuel</label><br>
|
|
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
|
|
|
|
<label for="newPassword">Nouveau mot de passe</label><br>
|
|
<input required="" autocomplete="new-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
|
|
|
|
<input type="submit">
|
|
</form>
|
|
|
|
<?php
|
|
|
|
if (isset($_SESSION['username']) AND isset($_POST['newPassword']) AND isset($_POST['currentPassword'])) {
|
|
|
|
checkPasswordFormat($_POST['newPassword']);
|
|
|
|
if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
|
|
userError("Changement impossible : clé de passe invalide.");
|
|
|
|
$newPassword = hashPassword($_POST['newPassword']);
|
|
|
|
$db = new PDO('sqlite:' . DB_PATH);
|
|
|
|
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
|
|
|
|
$stmt->bindParam(':username', $_SESSION['username']);
|
|
$stmt->bindParam(':password', $newPassword);
|
|
|
|
$stmt->execute();
|
|
}
|
|
|
|
?>
|
|
|
|
<?php closeHTML(); ?>
|