$prenom_client = htmlentities(addslashes($_POST['prenom_client']));
$adresse_client = htmlentities(addslashes($_POST['adresse_client']));
$code_postal = $_POST['code_postal'];
$ville_client = htmlentities(addslashes($_POST['ville_client']));
$tel_client = substr($_POST['tel_client'], 3);
$mail_client = $_POST['mail_client'];
$num_client = "CLS" . rand(1000000, 9999999);
$cat_client = $_POST['cat_client'];
$type_facturation = $_POST['type_facturation'];
$type_reglement = $_POST['type_reglement'];
$client_i = $DB->execute("INSERT INTO client(idclient, nom_client, prenom_client, adresse_client, code_postal, ville_client, tel_client, mail_client, num_client, cat_client) VALUES\r\n (NULL, :nom_client, :prenom_client, :adresse_client, :code_postal, :ville_client, :tel_client, :mail_client, :num_client, :cat_client)", array("nom_client" => $nom_client, "prenom_client" => $prenom_client, "adresse_client" => $adresse_client, "code_postal" => $code_postal, "ville_client" => $ville_client, "tel_client" => $tel_client, "mail_client" => $mail_client, "num_client" => $num_client, "cat_client" => $cat_client));
$user_q = $DB->query("SELECT * FROM client WHERE num_client = :num_client", array("num_client" => $num_client));
$conf_client = $DB->query("SELECT * FROM conf_annuaire_cat_client WHERE idcatclient = :idcatclient", array("idcatclient" => $cat_client));
$username = $fonction->gen_username($nom_client, $prenom_client);
$pass = $fonction->gen_password();
$encrypt = new encrypt($username, $pass);
$pass_crypt = $encrypt->encrypt();
$idclient = $user_q[0]->idclient;
$user_info_i = $DB->execute("INSERT INTO client_info_default(idclientinfo, idclient, type_facturation, type_reglement, encours, delai_reglement) VALUES\r\n (NULL, :idclient, :type_facturation, :type_reglement, :encours, :delai_reglement)", array("idclient" => $idclient, "type_facturation" => $type_facturation, "type_reglement" => $type_reglement, "encours" => $conf_client[0]->encours, "delai_reglement" => $conf_client[0]->delai_rglt));
$user_client_insert = $DB->execute("INSERT INTO users(iduser, groupe, username, password, nom_user, prenom_user, connect, last_connect, poste_user, date_naissance, num_tel_poste, commentaire, totp, totp_token, idclient) VALUES\r\n (NULL, :groupe, :username, :password, :nom_user, :prenom_user, '0', '', 'Client', '', '', '', '0', NULL, :idclient)", array("groupe" => 4, "username" => $username, "password" => $pass_crypt, "nom_user" => $nom_client, "prenom_user" => $prenom_client, "idclient" => $idclient));
// ENVOIE MAIL
$to = $mail_client;
$sujet = "Création de votre Espace - CRIDIP";
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$headers .= 'From: CRIDIP <*****@*****.**>' . "\r\n";
ob_start();
?>
<!doctype html>
<html lang="fr">
<head>
$new_password = $_POST['new_password'];
$confirm_new_password = $_POST['confirm_new_password'];
//Import des informations utilisateurs
$iduser = $user->iduser;
$username = $user->username;
$password = $user->password;
//Vérification que le mot de passe actuel soit différent que le nouveau
if ($new_password == $actual_password) {
$fonction->redirect("profil", "", "", "warning", "edit-password", "L'ancien mot de passe et le nouveau correspondent, Veuillez en saisir un nouveau !");
}
//Vérification de la confirmation
if ($new_password != $confirm_new_password) {
$fonction->redirect("profil", "", "", "warning", "edit-password", "Veuillez saisir le même mot de passe dans le champs de confirmation de mot de passe !");
}
//Encrypter
$encrypt = new encrypt($username, $new_password);
$en_pass = $encrypt->encrypt();
$user_u = $DB->execute("UPDATE users SET password = :password WHERE iduser = :iduser", array("iduser" => $iduser, "password" => $en_pass));
if ($user_u == 1) {
$text = "Le mot de passe de l'utilisateur <strong>" . $username . "</strong> à été changer avec succès !";
$addNotif = $DB->execute("INSERT INTO notif(idnotif, iduser, type, notification, date_notification, vu) VALUES (NULL , :iduser, :type, :notification, :date_notification, :vu)", array("iduser" => $iduser, "type" => 2, "notification" => $user->prenom_user . " à modifier le mot de passe de sont Espace.", "date_notification" => $date_format->format_strt(date("d-m-Y H:i:s")), "vu" => 0));
$fonction->redirect("profil", "", "", "success", "edit-password", $text);
} else {
$fonction->redirect("error", "", "", "code", "USR4", "");
}
}
if (isset($_POST['action']) && $_POST['action'] == 'active_totp') {
session_start();
require "../application/classe.php";
$iduser = $user->iduser;
$username = $user->username;
