1
0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00

Fix tabbing

This commit is contained in:
Joseph Haig 2016-06-26 17:25:59 +01:00
parent 5c2492e785
commit d92b01e8f2
2 changed files with 8 additions and 8 deletions

View File

@ -11,10 +11,10 @@ function Status($message, $level='success', $dismissable=true) {
} }
function DisplayAuthConfig($username, $password){ function DisplayAuthConfig($username, $password){
$status = ''; $status = '';
if (isset($_POST['UpdateAdminPassword'])) { if (isset($_POST['UpdateAdminPassword'])) {
if (CSRFValidate()) { if (CSRFValidate()) {
if (password_verify($_POST['oldpass'], $password)) { if (password_verify($_POST['oldpass'], $password)) {
$new_username=trim($_POST['username']); $new_username=trim($_POST['username']);
if ($_POST['newpass'] != $_POST['newpassagain']) { if ($_POST['newpass'] != $_POST['newpassagain']) {
$status = Status('New passwords do not match', 'danger'); $status = Status('New passwords do not match', 'danger');
@ -35,7 +35,7 @@ function DisplayAuthConfig($username, $password){
$status = Status('Old password does not match', 'danger'); $status = Status('Old password does not match', 'danger');
} }
} else { } else {
// Log something error_log('CSRF violation');
} }
} }
?> ?>
@ -45,8 +45,8 @@ function DisplayAuthConfig($username, $password){
<div class="panel-heading"><i class="fa fa-lock fa-fw"></i>Configure Auth</div> <div class="panel-heading"><i class="fa fa-lock fa-fw"></i>Configure Auth</div>
<div class="panel-body"> <div class="panel-body">
<p><?php echo $status; ?></p> <p><?php echo $status; ?></p>
<form role="form" action="/?page=admin_conf" method="POST"> <form role="form" action="/?page=auth_conf" method="POST">
<?php CSRFToken() ?> <?php CSRFToken() ?>
<div class="row"> <div class="row">
<div class="form-group col-md-4"> <div class="form-group col-md-4">
<label for="username">Username</label> <label for="username">Username</label>

View File

@ -7,7 +7,7 @@
*/ */
function CSRFToken() { function CSRFToken() {
?> ?>
<input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>" /> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>" />
<?php <?php
} }