<label></label> <input type="submit" value="<?php echo $text[$lan]["f_add"]; ?> "/> </li> </ul> </form> </section> <div id="myhosts"> <?php $pgclient = new PgClient($db_config); $pgclient->connect() or die($text[$lan]["dberror"]); $q = "select tag, ip from hosts where oid=(select id from usuarios where mail='" . $_SESSION["email"] . "');"; $r = $pgclient->exeq($q); ?> <h3><?php echo $text[$lan]["ht_htitle"]; ?> </h3> <form id="change" action="<?php echo $config["html_root"]; ?> /?z=mod" method="POST"> <input type="hidden" id="edith" name="edith" required/> <input type="hidden" id="editip" name="editip" required/> </form> <form id="del" action="<?php
$rq_opass = base64_decode($_POST["op"]); $rq_npass = base64_decode($_POST["np"]); $rq_cpass = base64_decode($_POST["cp"]); if ($rq_npass != $rq_cpass) { echo "<div class='err'>La confirmacion no coincide</div>"; exit(2); } if (strlen($rq_opass) < MIN_PASS_LENGTH || strlen($rq_npass) < MIN_PASS_LENGTH || strlen($rq_cpass) < MIN_PASS_LENGTH) { echo "<div class='err'>No cumple las longitudes mínimas</div>"; exit(2); } $pgclient = new PgClient($db_config); $opass = hash("sha512", $salt . $rq_opass); $npass = hash("sha512", $salt . $rq_npass); $cpass = hash("sha512", $salt . $rq_cpass); $pgclient->connect() or die("<div class='err'>Woooops, culpa nuestra, contacte con el administrador</div>"); $q = "Select * from usuarios where lower(mail)=lower('" . $_SESSION["email"] . "') and pass='******';"; $r = pg_fetch_object($pgclient->exeq($q)); if ($pgclient->lq_nresults() == 0) { // USER NON EXISTENT OR PASSWORD ERROR echo "<div class='err'>Los datos introducidos no son correctos</div>"; exit(3); } $q = "Update usuarios set pass='******' where lower(mail)=lower('" . $_SESSION["email"] . "');"; $pgclient->exeq($q); $pgclient->disconnect(); session_write_close(); echo "<div class='ok'>Contraseña actualizada con éxito</div>"; ?>
} if (!isset($_POST["edith"]) || !isset($_POST["nip"])) { echo "Rellene todos los datos"; exit(1); } if (strlen($_POST["edith"]) < LENGTH_HOST_MIN || strlen($_POST["nip"]) < 7) { echo "Rellene todos los datos y respete las longitudes máximas."; exit(1); } $check = ip2long($_POST["nip"]); if ($check < 0 || $check == FALSE) { echo "La dirección IP no es válida"; exit(2); } $pgclient = new PgClient($db_config); $pgclient->connect() or die("ERR"); $host = strtok($_POST["edith"], "."); $main = strtok("."); $dom = strtok("."); $check = $config["domainname"]; $checkm = strtok($check, "."); $checkd = strtok("."); if ($main != $checkm || $dom != $checkd || strlen($host) < LENGTH_HOST_MIN || strlen($host) > LENGTH_HOST_MAX) { die("ERR: nombre de host no valido"); } $host = $pgclient->prepare($host, "letters") . "." . $config["domainname"]; $ip = $_POST["nip"]; // UPDATE ONLY AN EXISTENT HOST $q = "select count(tag) from hosts where lower(tag)=lower('" . $host . "') and oid=(select id from usuarios where lower(mail)=lower('" . $pgclient->prepare($_SESSION["email"], "email") . "'));"; $pgclient->exeq($q); if ($pgclient->lq_nresults() == 1) {