2016-05-29 17:38:43 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
function Status($message, $level='success', $dismissable=true) {
|
|
|
|
|
$status = '<div class="alert alert-'.$level;
|
|
|
|
|
if ($dismissable) $status .= ' alert-dismissable';
|
|
|
|
|
$status .= '">'.$message;
|
|
|
|
|
if ($dismissable) $status .= '<button type="button" class="close" data-dismiss="alert" aria-hidden="true">x</button>';
|
|
|
|
|
$status .= '</div>';
|
|
|
|
|
|
|
|
|
|
return $status;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-14 13:05:39 +02:00
|
|
|
function DisplayAuthConfig($username, $password){
|
2016-06-26 18:25:59 +02:00
|
|
|
$status = '';
|
|
|
|
|
if (isset($_POST['UpdateAdminPassword'])) {
|
|
|
|
|
if (CSRFValidate()) {
|
|
|
|
|
if (password_verify($_POST['oldpass'], $password)) {
|
2016-06-24 23:39:39 +02:00
|
|
|
$new_username=trim($_POST['username']);
|
|
|
|
|
if ($_POST['newpass'] != $_POST['newpassagain']) {
|
|
|
|
|
$status = Status('New passwords do not match', 'danger');
|
|
|
|
|
} else if ($new_username == '') {
|
|
|
|
|
$status = Status('Username must not be empty', 'danger');
|
2016-05-29 17:38:43 +02:00
|
|
|
} else {
|
2016-06-24 23:39:39 +02:00
|
|
|
if ($auth_file = fopen(RASPI_ADMIN_DETAILS, 'w')) {
|
|
|
|
|
fwrite($auth_file, $new_username.PHP_EOL);
|
|
|
|
|
fwrite($auth_file, password_hash($_POST['newpass'], PASSWORD_BCRYPT).PHP_EOL);
|
|
|
|
|
fclose($auth_file);
|
|
|
|
|
$username = $new_username;
|
|
|
|
|
$status = Status('Admin password updated');
|
|
|
|
|
} else {
|
|
|
|
|
$status = Status('Failed to update admin password', 'danger');
|
|
|
|
|
}
|
2016-05-29 17:38:43 +02:00
|
|
|
}
|
2016-06-24 23:39:39 +02:00
|
|
|
} else {
|
|
|
|
|
$status = Status('Old password does not match', 'danger');
|
2016-05-29 17:38:43 +02:00
|
|
|
}
|
2016-06-24 23:39:39 +02:00
|
|
|
} else {
|
2016-06-26 18:25:59 +02:00
|
|
|
error_log('CSRF violation');
|
2016-06-24 23:39:39 +02:00
|
|
|
}
|
2016-05-29 17:38:43 +02:00
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="col-lg-12">
|
|
|
|
|
<div class="panel panel-primary">
|
2016-06-14 13:05:39 +02:00
|
|
|
<div class="panel-heading"><i class="fa fa-lock fa-fw"></i>Configure Auth</div>
|
2016-05-29 17:38:43 +02:00
|
|
|
<div class="panel-body">
|
|
|
|
|
<p><?php echo $status; ?></p>
|
2016-06-26 18:25:59 +02:00
|
|
|
<form role="form" action="/?page=auth_conf" method="POST">
|
|
|
|
|
<?php CSRFToken() ?>
|
2016-05-29 17:38:43 +02:00
|
|
|
<div class="row">
|
|
|
|
|
<div class="form-group col-md-4">
|
|
|
|
|
<label for="username">Username</label>
|
|
|
|
|
<input type="text" class="form-control" name="username" value="<?php echo $username; ?>"/>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="form-group col-md-4">
|
|
|
|
|
<label for="password">Old password</label>
|
|
|
|
|
<input type="password" class="form-control" name="oldpass"/>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="form-group col-md-4">
|
|
|
|
|
<label for="password">New password</label>
|
|
|
|
|
<input type="password" class="form-control" name="newpass"/>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="form-group col-md-4">
|
|
|
|
|
<label for="password">Repeat new password</label>
|
|
|
|
|
<input type="password" class="form-control" name="newpassagain"/>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
<input type="submit" class="btn btn-outline btn-primary" name="UpdateAdminPassword" value="Save settings" />
|
|
|
|
|
</form>
|
|
|
|
|
</div><!-- /.panel-body -->
|
|
|
|
|
</div><!-- /.panel-default -->
|
|
|
|
|
</div><!-- /.col-lg-12 -->
|
|
|
|
|
</div><!-- /.row -->
|
|
|
|
|
<?php
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
?>
|
