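<?php
/*
 * Admin login handler.
 *
 * Reads the posted username/password, asks the admin class to validate them,
 * and redirects to the home page on success or back to the login form on
 * failure.
 */
session_start();

require_once '../classes/connection.class.php';
require_once '../classes/admin.class.php';

$objValidate = new admin();

// A missing field, or a non-string one (e.g. username[]=x), is treated as an
// empty credential instead of raising a notice or a TypeError in the escaper.
$rawUsername = $_POST['username'] ?? '';
$rawPassword = $_POST['password'] ?? '';
if (!is_string($rawUsername)) {
    $rawUsername = '';
}
if (!is_string($rawPassword)) {
    $rawPassword = '';
}

// NOTE(review): the escaping implies validateAdmin() interpolates these values
// into an SQL string; that code is not visible here. Prepared statements in
// the admin class would make this escaping unnecessary -- confirm and migrate.
$username = mysqli_real_escape_string($objValidate->conxn, $rawUsername);
$password = mysqli_real_escape_string($objValidate->conxn, $rawPassword);

// NOTE(review): the password is handed over as received (a crypt() call was
// commented out in the original). Confirm how the admin class stores and
// compares it; password_hash()/password_verify() is the expected scheme.
$objValidate->setUsername($username);
$objValidate->setPassword($password);

$flag = $objValidate->validateAdmin();

if ($flag) {
    // Issue a fresh session id at the privilege change so an id that was
    // planted before login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);
    $_SESSION['username'] = $username;

    header('Location: ../index.php?homepage');
    exit; // stop here: nothing below may run once the redirect is queued
}

// Failure path. The flash message is stored before redirecting. The original
// also assigned it to $adduserobj->msg, but $adduserobj is never defined in
// this script, which is an Error on PHP 8.
$_SESSION['msg'] = 'Sorry incorrect username and password';

// The original kept the function call inside the quoted string, so the literal
// text ".base64_decode(...)" was sent as the err value. Decoding a plain
// sentence is not meaningful, so encoding is assumed to be the intent.
// NOTE(review): confirm what login.php expects in "err"; it must treat the
// value as untrusted and escape it before rendering.
$errorCode = rawurlencode(base64_encode('invalid username and password'));
header('Location: ../login.php?err=' . $errorCode);
exit;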
/**
 * Builds an admin (order clerk) object from a database row.
 *
 * @param array $row Row keyed by the admin_* column names read below.
 * @return \admin The populated admin object.
 */
public function creaAdminDaArray($row)
{
    $account = new admin();

    // Identity and personal details.
    $account->setId($row['admin_id']);
    $account->setNome($row['admin_nome']);
    $account->setCognome($row['admin_cognome']);

    // Postal address and phone number.
    $account->setVia($row['admin_via']);
    $account->setCivico($row['admin_civico']);
    $account->setCitta($row['admin_citta']);
    $account->setCap($row['admin_cap']);
    $account->setTelefono($row['admin_telefono']);

    // The role is a fixed constant and is never taken from the row.
    $account->setRuolo(User::admin);

    // Credentials are copied exactly as stored in the row.
    // NOTE(review): presumably admin_password holds a hash -- confirm that
    // plaintext is not stored, and keep this field out of logs and output.
    $account->setUsername($row['admin_username']);
    $account->setPassword($row['admin_password']);

    return $account;
}
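include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";

// Admin settings page: requires an admin session, handles the change-password
// POST, then prepares the variables set at the bottom of this block.
if (!admin::isSession()) {
    header("Location: /admin/login.php");
    // header() only queues the redirect. Without this exit the rest of the
    // script, including the password-change handler, still ran for visitors
    // who have no admin session.
    exit;
}

if (!empty($_POST)) {
    $authToken = $_POST['authenticity_token'] ?? '';
    $current_passw = $_POST['current_passw'] ?? '';
    $new_passw = $_POST['new_passw'] ?? '';

    // NOTE(review): clearText()/escapeText() are defined elsewhere. If they
    // strip or rewrite characters, the stored password differs from what was
    // typed -- confirm the login path applies the same transformation.
    $current_passw = helper::clearText($current_passw);
    $current_passw = helper::escapeText($current_passw);

    $new_passw = helper::clearText($new_passw);
    $new_passw = helper::escapeText($new_passw);

    // Anti-CSRF check. Both values must be strings, and the expected token
    // must be non-empty so that a missing server-side token can never match
    // the '' default above. hash_equals() compares in constant time.
    $expectedToken = helper::getAuthenticityToken();
    $tokenIsValid = is_string($authToken)
        && is_string($expectedToken)
        && $expectedToken !== ''
        && hash_equals($expectedToken, $authToken);

    // Password changes are disabled when APP_DEMO is set.
    if ($tokenIsValid && !APP_DEMO) {
        $admin = new admin($dbo);
        $admin->setId(admin::getCurrentAdminId());

        // setPassword() receives the current and the new password; its
        // result array carries an 'error' flag that selects the redirect.
        $result = $admin->setPassword($current_passw, $new_passw);

        if ($result['error'] === false) {
            header("Location: /admin/settings.php/?result=success");
            exit;
        }

        header("Location: /admin/settings.php/?result=error");
        exit;
    }

    // Bad token or demo mode: reload the page without a result flag.
    header("Location: /admin/settings.php");
    exit;
}

$stats = new stats($dbo);

$page_id = "settings";

$error = false;
$error_message = '';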