mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Fix tabbing
This commit is contained in:
parent
5c2492e785
commit
d92b01e8f2
@ -11,10 +11,10 @@ function Status($message, $level='success', $dismissable=true) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function DisplayAuthConfig($username, $password){
|
function DisplayAuthConfig($username, $password){
|
||||||
$status = '';
|
$status = '';
|
||||||
if (isset($_POST['UpdateAdminPassword'])) {
|
if (isset($_POST['UpdateAdminPassword'])) {
|
||||||
if (CSRFValidate()) {
|
if (CSRFValidate()) {
|
||||||
if (password_verify($_POST['oldpass'], $password)) {
|
if (password_verify($_POST['oldpass'], $password)) {
|
||||||
$new_username=trim($_POST['username']);
|
$new_username=trim($_POST['username']);
|
||||||
if ($_POST['newpass'] != $_POST['newpassagain']) {
|
if ($_POST['newpass'] != $_POST['newpassagain']) {
|
||||||
$status = Status('New passwords do not match', 'danger');
|
$status = Status('New passwords do not match', 'danger');
|
||||||
@ -35,7 +35,7 @@ function DisplayAuthConfig($username, $password){
|
|||||||
$status = Status('Old password does not match', 'danger');
|
$status = Status('Old password does not match', 'danger');
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// Log something
|
error_log('CSRF violation');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
@ -45,8 +45,8 @@ function DisplayAuthConfig($username, $password){
|
|||||||
<div class="panel-heading"><i class="fa fa-lock fa-fw"></i>Configure Auth</div>
|
<div class="panel-heading"><i class="fa fa-lock fa-fw"></i>Configure Auth</div>
|
||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<p><?php echo $status; ?></p>
|
<p><?php echo $status; ?></p>
|
||||||
<form role="form" action="/?page=admin_conf" method="POST">
|
<form role="form" action="/?page=auth_conf" method="POST">
|
||||||
<?php CSRFToken() ?>
|
<?php CSRFToken() ?>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="form-group col-md-4">
|
<div class="form-group col-md-4">
|
||||||
<label for="username">Username</label>
|
<label for="username">Username</label>
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
*/
|
*/
|
||||||
function CSRFToken() {
|
function CSRFToken() {
|
||||||
?>
|
?>
|
||||||
<input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>" />
|
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>" />
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user