require_once '../utils/function.php';
if (!isset($_SESSION['on'])) {
redirect('../login.php');
exit;
}
if (!isset($_POST['renew'])) {
redirect('../secure/accounts.php');
exit;
}
if (!can_create_account($_SESSION['username'])) {
$_SESSION['error'] = TRUE;
$_SESSION['error_log'] = 'You are not authorized to renew Linux accounts.';
redirect('../secure/accounts.php');
exit;
}
$days = config_days();
$length = config_length();
$pin = genpin($length);
$expdate = time() + 24 * 60 * 60 * $days;
$salt = gensalt();
$query = "UPDATE passwd SET password = '******', salt = '" . $salt . "', expflag = 0, expdate =" . $expdate . ", retrycount = 0 WHERE username = :renewList";
$stmt = $db->prepare($query);
$stmt->bindValue(':renewList', $_POST['renewList']);
$result = $stmt->execute();
$_SESSION['pin'] = $pin;
$_SESSION['account'] = $_POST['renewList'];
$_SESSION['has_pin'] = TRUE;
$_SESSION['account_state'] = 'Renewed';
$_SESSION['error'] = TRUE;
$_SESSION['error_log'] = 'Account ' . $_POST['deleteList'] . ' renewed.';
redirect('../secure/account.php');
function iCrypt($passwort, $salt)
{
global $crypted_password_extern, $upgrade_password;
$v_passwort = "";
if ($upgrade_password == 1 && $crypted_password_extern == 0) {
$salt = "";
if (defined("CRYPT_SHA256")) {
$salt = '$5$rounds=5000$' . gensalt(16) . '$';
} elseif (CRYPT_MD5 == 1) {
$salt = '$1$' . gensalt(8) . '$';
} else {
$salt = gensalt(2);
// für den Notfall Std. DES
}
$upgrade_password = 0;
$v_passwort = crypt($passwort, $salt);
} elseif ($crypted_password_extern == 0) {
$upgrade_password = 0;
if ($salt == 'MD5') {
$v_passwort = md5($passwort);
} else {
$v_passwort = crypt($passwort, $salt);
}
} else {
$v_passwort = $passwort;
}
return $v_passwort;
}
