cmaffio/pannello
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

inserita gestione cambio password utenti proxy

Browse Source
This commit is contained in:
cmaffio
2016-05-16 15:50:57 +02:00
parent d01f3a895e
commit 6d7923c5d5
9 changed files with 393 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/function.php
View File

@@ -49,7 +49,7 @@ function db_data_connect () {
function login () { function login () {
global $_SESSION, $_POST, $POP3_Server, $DB_ID, $CONF; global $_SESSION, $_POST, $POP3_Server, $DB_ID, $CONF;
session_name("FirewallSW"); session_name("SWP");
session_start(); session_start();
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) { if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) {
if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) { if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) {

2
core/logout.php
View File

@@ -2,7 +2,7 @@
include_once ("config.php"); include_once ("config.php");
login(); login();
logga ("Uscita"); logga ("Uscita");
session_name("AllegatiSW"); session_name("SWP");
session_start(); session_start();
$_SESSION['auth'] = 0; $_SESSION['auth'] = 0;
session_destroy(); session_destroy();

153
proxy/ext/chkpasswd_proxy.php Executable file
View File

@@ -0,0 +1,153 @@
<?php
include_once ("../../core/config.php");
include_once ("function_proxy.php");
$UTENTE = login_proxy();
view_top_proxy();
if (isset ($_POST['id'])) {
$modifica = 2;
$id = $_POST['id'];
$utente = $_POST['utente'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
if (($password1 != "ahg5t!frtb5@u&^!") && ($password1 == $password2)) {
$querypwd = "pass = PASSWORD('$password1'),";
} else {
$querypwd = "";
}
$testo = "L'utente e' stato correttamente modificato";
$query = "UPDATE proxy_utenti SET $querypwd modifica = NOW() WHERE `id`=$id";
?>
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""><td>
</tr>
<tr>
<td>
<?php if (mysql_query( $query, $DB_ID )) { ?>
<?php print $testo ?><br>
<?php } else { ?>
Non e' stato possibile eseguire l'operazione richiesta a causa di un errore: <?php print mysql_error() ?><br>
<?php print $query ?><br>
<?php } ?>
</td>
</tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td>
</tr>
<tr>
<td><input type="button" value="Ok" onclick="location.href = 'main.php';"></button></td>
</tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""></td>
</tr>
</table>
<?php
} else {
$bottone = "Modifica";
$modifica = 1;
$query = "SELECT * FROM proxy_utenti WHERE user = '".$UTENTE['user']."'";
$res = mysql_query( $query, $DB_ID );
$dato = mysql_fetch_array ( $res );
$dato['password'] = "ahg5t!frtb5@u&^!";
}
?>
<?php if (($modifica == 0 || $modifica == 1) && !isset($_GET['rm'])) { ?>
<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.js"></script>
<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.js"></script>
<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.password.js"></script>
<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.password.css" />
<script type="text/javascript">
$(document).ready(function()
{
$("#modulo").validate( {
rules: {
password1: {
password: "#utente",
minlength: 0
},
password2: {
equalTo: "#password1"
}
},
messages: {
password2: {
equalTo: "Le due password devono essere uguali"
}
},
errorPlacement: function(error, element) {
error.prependTo( element.parent().next() );
},
success: function(label) {
label.html("&nbsp;").addClass("checked");
}
});
});
</script>
<form action="chkpasswd_proxy.php" method="post" id="modulo">
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<input type="hidden" name="id" value="<?php print $dato['id'] ?>">
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="30" height="1" alt=""></td>
<td>Nome Utente</td>
<td><?php print $dato['user']?></td>
<td class="status" colspan="6"></td>
</tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="30" height="1" alt=""></td>
<td class="label"><label id="lmail" for="mail">Indirizzo E-Mail</label></td>
<td class="field"><input id="mail" name="mail" type="text" value="<?php print $dato['mail']?>" maxlength="50" /></td>
<td class="status" colspan="6"></td>
</tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
<tr>
<td class="col1" colspan="9">
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="40" height="50" alt=""></td>
<td class="label"><label id="lpassword" for="password">Password</label></td>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="10" height="1" alt=""></td>
<td class="field" width="30"><input id="password1" name="password1" type="password" size="30" maxlength="32" value="<?php print $dato['password'] ?>" /></td>
<td class="status" width="400">
<div class="password-meter">
<div class="password-meter-message">&nbsp;</div>
<div class="password-meter-bg">
<div class="password-meter-bar"></div>
</div>
</div>
</td>
</tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="40" height="50" alt=""></td>
<td class="label"><label id="lpassword_confirm" for="password_confirm">Password</label></td>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="10" height="1" alt=""></td>
<td class="field" width="30"><input id="password2" name="password2" type="password" size="30" maxlength="32" value="<?php print $dato['password'] ?>" /></td>
<td class="status" width="400"></td>
</tr>
<tr><td colspan="9" class="spaziov"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" alt=""></td></tr>
</table>
</td>
</tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
<tr><td align="center" colspan="9">
<input type="submit" value="<?php print $bottone ?>">
&nbsp;&nbsp;&nbsp;
<input type="button" value="Annulla" onclick="location.href = 'main.php';"></button>
</td></tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""></td></tr>
</table>
</form>
<?php } ?>
<?php view_footer_proxy(); ?>

17
proxy/ext/footer_proxy.php Normal file
View File

@@ -0,0 +1,17 @@
</td></tr>
<tr><td>
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr bgcolor="#FFC350">
<td nowrap class="lbottom">&nbsp;<?php print $CONF['Versione'] ?></td>
<td width="500">&nbsp;</td>
<?php if ($UTENTE['admin']) { ?>
<td class="rtop"><a class="rtop" href="main.php">Admin&nbsp;</a></td>
<?php } else {?>
<td>&nbsp;</td>
<?php } ?>
</tr>
</table>
</td></tr>
</table>
</body>
</html>

143
proxy/ext/function_proxy.php Normal file
View File

@@ -0,0 +1,143 @@
<?php
function view_top_proxy () {
global $CONF, $UTENTE;
include_once ("top_proxy.php");
}
function view_footer_proxy () {
global $CONF, $UTENTE;
include_once ("footer_proxy.php");
}
function db_login_proxy($user,$pass) {
global $DB_ID;
$query = "SELECT id FROM proxy_utenti WHERE user = '$user' AND pass = PASSWORD('$pass') AND attivo = 1";
$res = mysql_query( $query, $DB_ID );
$dato = mysql_fetch_array ( $res );
$ritorno = $dato['id'];
return $ritorno;
}
function login_proxy () {
global $_SESSION, $_POST, $DB_ID, $CONF;
session_name("authmail");
session_start();
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) {
if(!db_login_proxy ($_SESSION['username'], $_SESSION['passwd'])) {
$tMessage = '<span class="error_msg">Dati di autenticazione errati</span>';
$tUsername = $_SESSION['username'];
$_SESSION['auth'] = 0;
session_destroy();
include ("userlogin.php");
exit;
} else {
logga ($_SERVER['REQUEST_URI']);
$_SESSION['time'] = time();
return carica_utente_proxy ();
}
} else {
if ($_POST['fUsername']) {
$fUsername = $_POST['fUsername'];
$fPassword = $_POST['fPassword'];
if(db_login_proxy ($fUsername, $fPassword)) {
$_SESSION = array();
$_SESSION['passwd'] = $fPassword;
$_SESSION['username'] = $fUsername;
$_SESSION['auth'] = 1;
$_SESSION['time'] = time();
session_regenerate_id(TRUE);
return carica_utente_proxy ();
} else {
$tMessage = 'Errore';
$tUsername = $fUsername;
include ("userlogin.php");
exit;
}
} else {
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 < time())) {
$tMessage = '<span class="error_msg">Sessione scaduta</span>';
$tUsername = $_SESSION['username'];
logga ("Sessione scaduta");
include ("userlogin.php");
exit;
} else {
include ("userlogin.php");
exit;
}
}
}
}
function carica_utente_proxy () {
global $_SESSION, $CONF, $DB_ID;
$query = "SELECT * FROM proxy_utenti where user = '".$_SESSION['username']."'";
$res = mysql_query( $query, $DB_ID );
$dati = mysql_fetch_array ( $res );
return $dati;
}
function lista_moduli_proxy () {
global $UTENTE, $DB_ID, $CONF;
$menu[] = array("Home", "main.php",0,"Home Page",0);
$menu[] = array("Cambio password", "chkpasswd_proxy.php",0,"Cambio Password");
$pezzi = preg_split('/\//', $_SERVER["PHP_SELF"], -2);
$self = $pezzi[count($pezzi)-1];
?>
<ul id="nav">
<?php for ($i=0; $i<count($menu);$i++) {
if ($self == $menu[$i][1]) {
$classe = "sel";
} else {
$classe = "nosel";
}
?>
<li>
<a class="<?php print $classe ?>" href="<?php print $menu[$i][1]?>"><?php print $menu[$i][0]?></a>
<?php
if ($menu[$i][2] != 0) {
$query = " SELECT
moduli_page.nome AS nome,
moduli_page.pagina AS pagina,
moduli.directory AS directory
FROM
moduli_page
JOIN
moduli
ON
moduli.id = moduli_page.id_moduli
WHERE
moduli_page.attivo = 1
AND
moduli_page.livello <= ".$menu[$i][4]."
AND
moduli_page.id_moduli = ".$menu[$i][2]."
ORDER BY
moduli_page.ordine
";
$res_page = mysql_query( $query, $DB_ID ); ?>
<ul>
<?php while ($page = mysql_fetch_array ($res_page)) { ?>
<li><a href="<?php print $CONF['base_url']."/".$page['directory']."/".$page['pagina'] ?>"><?php print $page['nome'] ?></a></li>
<?php } ?>
</ul>
<?php } ?>
</li>
<?php } ?>
</ul>
<?php
}
?>

10
proxy/ext/logout_proxy.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
include_once ("../../core/config.php");
include_once ("function_proxy.php");
login_proxy();
session_name("authmail");
session_start();
$_SESSION['auth'] = 0;
session_destroy();
header('Location: main.php');
?>

15
proxy/ext/main.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
include_once ("../../core/config.php");
include_once ("function_proxy.php");
$UTENTE = login_proxy();
view_top_proxy();
?>
<META HTTP-EQUIV="Refresh" CONTENT="30" URL="main.php">
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<tr><td class="spaziov" colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
</table>
<img src="img/spazio.gif" width="1" height="20" alt="">
<?php view_footer_proxy(); ?>

30
proxy/ext/top_proxy.php Normal file
View File

@@ -0,0 +1,30 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Autenticazione Proxy</title>
</head>
<body>
<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/css/stile.css" />
<table cellpadding="0" cellspacing="0" border="0" align="center" width="1000">
<?php
if ($UTENTE['user'] != '') { ?>
<tr><td>
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr bgcolor="#FFC350">
<td nowrap class="ltop">Utente: <?php print $_SESSION['username'] ?></td>
<td width="200">&nbsp;</td>
<td class="rtop"><a class="rtop" href="logout_proxy.php">Logout</a></td>
</tr>
</table>
</td></tr>
<tr><td class="spaziov" colspan=2><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<tr><td align="center">
<?php
lista_moduli_proxy();
} else {?>
<tr bgcolor="#FFC350"><td>&nbsp;</td></tr>
<?php } ?>
</td></tr>
<tr><td class="spaziov" colspan=2><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<tr><td align="center">

23
proxy/ext/userlogin.php Normal file
View File

@@ -0,0 +1,23 @@
<?php view_top_proxy(); ?>
<form name="login" method="post">
<table cellpadding="0" cellspacing="10" border="0" id="login_table">
<tr align="center" valign="middle">
<td colspan="2"><h4><?php print "Benvenuto" ?></h4></td>
</tr>
<tr>
<td><?php print "Utente:"; ?></td>
<td><input type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td>
</tr>
<tr>
<td><?php print "Password:"; ?></td>
<td><input type="password" name="fPassword" /></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="<?php print "Accedi"; ?>" /></td>
</tr>
<tr>
<td colspan="2" align="center"<?php print $tMessage; ?></td>
</tr>
</table>
</form>
<?php view_footer_proxy(); ?>