2 files changed, 32 insertions, 5 deletions

diff --git a/index.php b/index.php
index 1522a2ec..91d0b304 100644
--- a/index.php
+++ b/index.php
@@ -25,11 +25,6 @@ $ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 if (isset($_GET['login'])) {
     // Login
     if (!empty($_POST['login']) && !empty($_POST['password'])) {
-// echo $_SESSION['login']."<br>";
-// echo $_SESSION['pass']."<br>";
-// echo $_POST['login']."<br>";
-// echo encode_string($_POST['password'] . $_POST['login']);
-//         die;
         if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) {
             logm('login successful');
             $msg->add('s', 'welcome in your poche!');
@@ -55,6 +50,19 @@ elseif (isset($_GET['logout'])) {
     Session::logout();
     MyTool::redirect();
 }
+elseif  (isset($_GET['config'])) {
+    if (isset($_POST['password']) && isset($_POST['password_repeat'])) {
+        if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") {
+            logm('password updated');
+            $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login']));
+            $msg->add('s', 'your password has been updated');
+        }
+        else
+            $msg->add('e', 'your password can\'t be empty and you have to repeat it in the second field');
+    }
+    else
+        $msg->add('e', 'error in your password update');
+}
 
 # Traitement des paramètres et déclenchement des actions
 $view               = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';
diff --git a/tpl/config.html b/tpl/config.html
index 7d1c6afe..1100d455 100644
--- a/tpl/config.html
+++ b/tpl/config.html
@@ -3,6 +3,25 @@
                 <p>Thanks to the bookmarklet, you will be able to easily add a link to your poche. If you don't know how use a bookmarklet, <a href="http://support.mozilla.org/en-US/kb/bookmarklets-perform-common-web-page-tasks">have a look here</a>.</p>
                 <p>Drag & drop this link to your bookmarks bar and have fun with poche.</p>
                 <p><a style="cursor: move; border: 1px dashed grey; background: white;" title="i am a bookmarklet, use me !" href="javascript:(function(){var%20url%20=%20location.href%20||%20url;window.open('{$poche_url}?action=add&url='%20+%20encodeURIComponent(url),'_self');})();">poche it !</a></p>
+
+                <h2>Password</h2>
+                    <form method="post" action="?config" name="loginform">
+                        <fieldset class="w500p">
+                            <div class="row">
+                                <label class="col w150p" for="password">New password</label>
+                                <input class="col" type="password" id="password" name="password" placeholder="Password" tabindex="2">
+                            </div>
+                            <div class="row">
+                                <label class="col w150p" for="password_repeat">Repeat your new password</label>
+                                <input class="col" type="password" id="password_repeat" name="password_repeat" placeholder="Password" tabindex="3">
+                            </div>
+                            <div class="row mts txtcenter">
+                                <button class="bouton" type="submit" tabindex="4">Update</button>
+                            </div>
+                        </fieldset>
+                        <input type="hidden" name="returnurl" value="<?php echo htmlspecialchars($referer);?>">
+                        <input type="hidden" name="token" value="<?php echo Session::getToken(); ?>">
+                    </form>
                 <h2>Export</h2>
                 <p><a href="?view=export" target="_blank">Click here</a> to export your poche datas.</p>
             </div>
\ No newline at end of file