// Client-creation handler (excerpt). Stores the submitted client, its default
// billing settings and a linked login account, then starts building the
// welcome e-mail. $nom_client and $prenom_client are set before this excerpt.

// NOTE(review): htmlentities(addslashes()) runs before a bound-parameter insert.
// The placeholders already keep the value out of the SQL text, so this only
// stores an entity-encoded, backslash-escaped copy. Escaping belongs at output
// time, for the context the value is printed in. Check how these columns are
// rendered before changing it: any page that prints them raw would depend on
// this encoding.
$adresse_client = htmlentities(addslashes($_POST['adresse_client']));
// NOTE(review): code_postal, mail_client, cat_client, type_facturation and
// type_reglement are taken from the request with no format or allow-list check
// in this excerpt.
$code_postal = $_POST['code_postal'];
$ville_client = htmlentities(addslashes($_POST['ville_client']));
// Drops the first three characters of the submitted phone number
// (presumably a prefix added by the form - confirm).
$tel_client = substr($_POST['tel_client'], 3);
$mail_client = $_POST['mail_client'];
// Client number: "CLS" followed by a 7-digit number from rand().
// NOTE(review): nothing in this excerpt checks that the number is unused; see
// the lookup by num_client below.
$num_client = "CLS" . rand(1000000, 9999999);
$cat_client = $_POST['cat_client'];
$type_facturation = $_POST['type_facturation'];
$type_reglement = $_POST['type_reglement'];
// Inserts the client row; every value is passed as a bound parameter.
$client_i = $DB->execute("INSERT INTO client(idclient, nom_client, prenom_client, adresse_client, code_postal, ville_client, tel_client, mail_client, num_client, cat_client) VALUES\r\n (NULL, :nom_client, :prenom_client, :adresse_client, :code_postal, :ville_client, :tel_client, :mail_client, :num_client, :cat_client)", array("nom_client" => $nom_client, "prenom_client" => $prenom_client, "adresse_client" => $adresse_client, "code_postal" => $code_postal, "ville_client" => $ville_client, "tel_client" => $tel_client, "mail_client" => $mail_client, "num_client" => $num_client, "cat_client" => $cat_client));
// Re-reads the new row by its client number to obtain idclient.
// NOTE(review): $client_i is not checked, and nothing visible here makes
// num_client unique. If a number repeats, $user_q[0] may be an older client's
// row and the login created below would be attached to that client. Prefer the
// insert id reported by the database layer, or a UNIQUE constraint on
// num_client with a retry on conflict.
$user_q = $DB->query("SELECT * FROM client WHERE num_client = :num_client", array("num_client" => $num_client));
// Loads the defaults configured for the submitted category.
// NOTE(review): cat_client is request-supplied; when no row matches,
// $conf_client[0] below does not exist - check before dereferencing.
$conf_client = $DB->query("SELECT * FROM conf_annuaire_cat_client WHERE idcatclient = :idcatclient", array("idcatclient" => $cat_client));
$username = $fonction->gen_username($nom_client, $prenom_client);
// NOTE(review): gen_password() is defined elsewhere. This value is the
// account's initial credential, so confirm it is drawn from a CSPRNG
// (random_int / random_bytes) rather than rand() / mt_rand().
$pass = $fonction->gen_password();
// NOTE(review): the encrypt class is defined elsewhere; its name and its
// ($username, $pass) constructor suggest a reversible, username-keyed scheme.
// Stored passwords should be one-way hashes (password_hash / password_verify).
// Confirm what encrypt() actually produces.
$encrypt = new encrypt($username, $pass);
$pass_crypt = $encrypt->encrypt();
$idclient = $user_q[0]->idclient;
// Default billing settings: billing and payment types come from the request,
// encours and delai_reglement from the category row loaded above.
$user_info_i = $DB->execute("INSERT INTO client_info_default(idclientinfo, idclient, type_facturation, type_reglement, encours, delai_reglement) VALUES\r\n (NULL, :idclient, :type_facturation, :type_reglement, :encours, :delai_reglement)", array("idclient" => $idclient, "type_facturation" => $type_facturation, "type_reglement" => $type_reglement, "encours" => $conf_client[0]->encours, "delai_reglement" => $conf_client[0]->delai_rglt));
// Creates the login row: groupe = 4, poste_user = 'Client', totp = '0' with no
// totp_token, linked to the client through idclient.
$user_client_insert = $DB->execute("INSERT INTO 
users(iduser, groupe, username, password, nom_user, prenom_user, connect, last_connect, poste_user, date_naissance, num_tel_poste, commentaire, totp, totp_token, idclient) VALUES\r\n (NULL, :groupe, :username, :password, :nom_user, :prenom_user, '0', '', 'Client', '', '', '', '0', NULL, :idclient)", array("groupe" => 4, "username" => $username, "password" => $pass_crypt, "nom_user" => $nom_client, "prenom_user" => $prenom_client, "idclient" => $idclient));
// SEND MAIL
// NOTE(review): $to is the unvalidated request value. Validate it with
// filter_var($mail_client, FILTER_VALIDATE_EMAIL) and reject CR/LF before it
// reaches the mail call (not visible in this excerpt). If the template that
// follows embeds $pass, the initial password travels by e-mail in clear text;
// a single-use set-password link avoids that.
$to = $mail_client;
$sujet = "Création de votre Espace - CRIDIP";
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$headers .= 'From: CRIDIP <*****@*****.**>' . "\r\n";
// Starts output buffering before the HTML template (presumably captured later
// as the message body; the rest of the template is outside this excerpt).
ob_start();
?> <!doctype html> <html lang="fr"> <head> <meta charset="UTF-8">
// Password-change handler (excerpt). $new_password and $actual_password are
// set before this point, and the handler's opening brace is outside the excerpt.
$confirm_new_password = $_POST['confirm_new_password'];
// Load the current user's details
$iduser = $user->iduser;
$username = $user->username;
// NOTE(review): $password is read but never used in the visible code. Confirm
// that the submitted current password is verified against the stored one
// before this point; otherwise an open session is enough to set a new password.
$password = $user->password;
// Check that the current password differs from the new one
// NOTE(review): == and != compare numeric-looking strings by value
// ("1e3" == "1000" is true), so both checks below should use === / !==.
if ($new_password == $actual_password) {
    $fonction->redirect("profil", "", "", "warning", "edit-password", "L'ancien mot de passe et le nouveau correspondent, Veuillez en saisir un nouveau !");
}
// Check the confirmation
// NOTE(review): execution reaches the UPDATE below unless redirect() itself
// ends the script. Confirm that it exits, or add an explicit exit after each
// rejecting redirect. No length or strength rule is applied in this excerpt.
if ($new_password != $confirm_new_password) {
    $fonction->redirect("profil", "", "", "warning", "edit-password", "Veuillez saisir le même mot de passe dans le champs de confirmation de mot de passe !");
}
// Encrypt
// NOTE(review): the encrypt class is defined elsewhere; confirm it yields a
// one-way hash (password_hash / password_verify) and not a reversible value.
$encrypt = new encrypt($username, $new_password);
$en_pass = $encrypt->encrypt();
// Writes the new value for the current user's row, using bound parameters.
$user_u = $DB->execute("UPDATE users SET password = :password WHERE iduser = :iduser", array("iduser" => $iduser, "password" => $en_pass));
// Success is taken as execute() returning 1 (presumably the affected-row
// count - confirm against the DB class).
if ($user_u == 1) {
    // NOTE(review): $username is concatenated into HTML unescaped; apply
    // htmlspecialchars() unless redirect() encodes the message itself.
    $text = "Le mot de passe de l'utilisateur <strong>" . $username . "</strong> à été changer avec succès !";
    // Records a notification (type 2, unread) for the password change.
    $addNotif = $DB->execute("INSERT INTO notif(idnotif, iduser, type, notification, date_notification, vu) VALUES (NULL , :iduser, :type, :notification, :date_notification, :vu)", array("iduser" => $iduser, "type" => 2, "notification" => $user->prenom_user . " à modifier le mot de passe de sont Espace.", "date_notification" => $date_format->format_strt(date("d-m-Y H:i:s")), "vu" => 0));
    $fonction->redirect("profil", "", "", "success", "edit-password", $text);
} else {
    $fonction->redirect("error", "", "", "code", "USR4", "");
}
// Closes the password-change handler opened before this excerpt.
}
// TOTP activation handler, selected by the posted 'action' field; its body
// continues past this excerpt.
// NOTE(review): any authentication or CSRF check for this action is outside
// the visible code - confirm one exists before the account's 2FA state changes.
if (isset($_POST['action']) && $_POST['action'] == 'active_totp') {
    session_start();
    require "../application/classe.php";
    $iduser = $user->iduser;
    $username = $user->username;
    $otp = new Otp();