1 files changed, 18 insertions, 2 deletions
diff --git a/index.php b/index.php
index 829d5513..0a778d08 100644
--- a/index.php
+++ b/index.php
@@ -25,9 +25,9 @@ $ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 if (isset($_GET['login'])) {
    // Login
    if (!empty($_POST['login']) && !empty($_POST['password'])) {
-        if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
+        if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) {
            logm('login successful');
-            $msg->add('s', 'welcome in your pocket!');
+            $msg->add('s', 'welcome in your poche!');
            if (!empty($_POST['longlastingsession'])) {
                $_SESSION['longlastingsession'] = 31536000;
                $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
@@ -50,6 +50,22 @@ elseif (isset($_GET['logout'])) {
    Session::logout();
    MyTool::redirect();
 }
+elseif  (isset($_GET['config'])) {
+    if (isset($_POST['password']) && isset($_POST['password_repeat'])) {
+        if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") {
+            logm('password updated');
+            if (!DEMO) {
+                $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login']));
+                $msg->add('s', 'your password has been updated');
+            }
+            else {
+                $msg->add('i', 'in demo mode, you can\'t update password');
+            }
+        }
+        else
+            $msg->add('e', 'your password can\'t be empty and you have to repeat it in the second field');
+    }
+}
 # Traitement des paramètres et déclenchement des actions
 $view               = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';

diff --git a/index.php b/index.php index 829d5513..0a778d08 100644 --- a/index.php +++ b/index.php
@@ -25,9 +25,9 @@ $ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
25	if (isset($_GET['login'])) {	25	if (isset($_GET['login'])) {
26	// Login	26	// Login
27	if (!empty($_POST['login']) && !empty($_POST['password'])) {	27	if (!empty($_POST['login']) && !empty($_POST['password'])) {
28	if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {	28	if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) {
29	logm('login successful');	29	logm('login successful');
30	$msg->add('s', 'welcome in your pocket!');	30	$msg->add('s', 'welcome in your poche!');
31	if (!empty($_POST['longlastingsession'])) {	31	if (!empty($_POST['longlastingsession'])) {
32	$_SESSION['longlastingsession'] = 31536000;	32	$_SESSION['longlastingsession'] = 31536000;
33	$_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];	33	$_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
@@ -50,6 +50,22 @@ elseif (isset($_GET['logout'])) {
50	Session::logout();	50	Session::logout();
51	MyTool::redirect();	51	MyTool::redirect();
52	}	52	}
		53	elseif (isset($_GET['config'])) {
		54	if (isset($_POST['password']) && isset($_POST['password_repeat'])) {
		55	if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") {
		56	logm('password updated');
		57	if (!DEMO) {
		58	$store->updatePassword(encode_string($_POST['password'] . $_SESSION['login']));
		59	$msg->add('s', 'your password has been updated');
		60	}
		61	else {
		62	$msg->add('i', 'in demo mode, you can\'t update password');
		63	}
		64	}
		65	else
		66	$msg->add('e', 'your password can\'t be empty and you have to repeat it in the second field');
		67	}
		68	}
53		69
54	# Traitement des paramètres et déclenchement des actions	70	# Traitement des paramètres et déclenchement des actions
55	$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';	71	$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';