Change password feature (maybe)

2025-10-01 16:55:28 +02:00
parent e8079c2ce7
commit 0265af9dd2
6 changed files with 89 additions and 4 deletions


@@ -86,6 +86,7 @@ curl -fsSL https://get.docker.com | bash
```bash
git clone https://git.vichingo455.freeddns.org/emmev-code/orario
cd orario
git checkout dev # richiesto per passare alla versione di sviluppo
docker compose up -d
```
3. Il container dovrebbe diventare disponibile su ``http://localhost:8080``


@@ -1,5 +1,3 @@
version: "3.8"
services:
web:
build: .
@@ -9,7 +7,6 @@ services:
depends_on:
- db
restart: unless-stopped
db:
image: mariadb:11
container_name: orario-db
@@ -22,6 +19,5 @@ services:
volumes:
- db_data:/var/lib/mysql
- ./schema.sql:/docker-entrypoint-initdb.d/init.sql:ro
volumes:
db_data:


@@ -0,0 +1,81 @@
<?php
session_start();
include("../db.php");
if (!isset($_SESSION['admin']) || $_SESSION['auth_type'] != 'local') {
header("Location: login.php");
exit;
}
$message = '';
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$old = $_POST['old_password'];
$new = $_POST['new_password'];
$confirm = $_POST['confirm_password'];
$user = $_SESSION['admin'];
if ($new !== $confirm) {
$message = "Le nuove password non coincidono.";
} else {
// Recupera hash password attuale
$stmt = $conn->prepare("SELECT password FROM admins WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$res = $stmt->get_result();
$row = $res->fetch_assoc();
if ($row && password_verify($old, $row['password'])) {
$newHash = password_hash($new, PASSWORD_DEFAULT);
$stmt = $conn->prepare("UPDATE admins SET password = ? WHERE username = ?");
$stmt->bind_param("ss", $newHash, $user);
$stmt->execute();
$message = "Password cambiata con successo.";
} else {
$message = "Password attuale errata.";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Cambia Password</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Cambia Password</h1>
<?php if ($message): ?>
<p style="color:<?php echo strpos($message,'successo')!==false ? 'green':'red'; ?>;"><?php echo $message; ?></p>
<?php endif; ?>
<form method="POST">
<label>Password attuale:<br>
<input type="password" name="old_password" required>
</label><br><br>
<label>Nuova password:<br>
<input type="password" name="new_password" required>
</label><br><br>
<label>Conferma nuova password:<br>
<input type="password" name="confirm_password" required>
</label><br><br>
<button type="submit">Cambia password</button>
</form>
</div>
</body>
</html>
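Review bot: The POST handler at the top of this new file never validates the new password on the server, so a request that bypasses the form's `required` attributes can set an empty or very short password, and a field that is not a string reaches `password_verify()`/`password_hash()` unchecked. The success message is also assigned without looking at the result of the UPDATE's `execute()`, so a failed write would be reported as a successful change unless mysqli is configured to throw. I would check that the three fields are strings, enforce a minimum length before the equality comparison, test `execute()`, and call `session_regenerate_id(true)` once the change succeeds. Separately, `echo $message` is safe only while every message is a literal; wrapping it in `htmlspecialchars()` keeps it safe if that ever changes.

```php
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $old = $_POST['old_password'] ?? '';
    $new = $_POST['new_password'] ?? '';
    $confirm = $_POST['confirm_password'] ?? '';
    $user = $_SESSION['admin'];
    if (!is_string($old) || !is_string($new) || !is_string($confirm)) {
        $message = "Richiesta non valida.";
    } elseif (strlen($new) < MIN_PASSWORD_LENGTH) { // placeholder name: set from the project's password policy
        $message = "La nuova password è troppo corta.";
    } elseif ($new !== $confirm) {
        $message = "Le nuove password non coincidono.";
    } else {
        // … unchanged: SELECT of the current hash and password_verify() check …
            // … unchanged: password_hash() and UPDATE prepare/bind_param …
            if ($stmt->execute()) {
                session_regenerate_id(true); // new session id after a credential change
                $message = "Password cambiata con successo.";
            } else {
                $message = "Errore durante l'aggiornamento della password.";
            }
```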


@@ -29,6 +29,11 @@ if (!isset($_SESSION['admin'])) {
<a href="classes.php">Gestisci Classi</a>
<a href="subjects.php">Gestisci Materie</a>
<a href="timetable.php">Gestisci Orario</a>
<?php
if ($_SESSION['auth_type'] === 'local') {
echo '<a href="changepassword.php">Cambia Password</a>';
}
?>
<!--<a href="logout.php">Logout</a>-->
</p>
<p>
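Review bot: `$_SESSION['auth_type']` is read here without checking that the key exists, so a session created before this commit, or by any login path that does not set the key, produces an undefined-index warning in the page output. `if (($_SESSION['auth_type'] ?? '') === 'local') {` avoids that. The guard at the top of the new `changepassword.php` reads the key the same way and compares with `!=`; using `!==` there would match the strict comparison in this hunk.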


@@ -12,6 +12,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
if ($row = $res->fetch_assoc()) {
if (password_verify($password, $row['password'])) {
$_SESSION['admin'] = $row['username'];
$_SESSION['auth_type'] = 'local';
header("Location: index.php");
exit;
}
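Review bot: The session id is not regenerated between `password_verify()` succeeding and the session being marked as admin, at least not in the lines visible here, which leaves the login open to session fixation. Adding `session_regenerate_id(true);` immediately before `$_SESSION['admin'] = $row['username'];` addresses it, and the Keycloak login needs the same call before its own `$_SESSION['admin']` assignment. The enclosing `if` blocks start and end outside this hunk, so a regeneration elsewhere in the file cannot be ruled out.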


@@ -14,5 +14,6 @@ $oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
$oidc->authenticate();
$userinfo = $oidc->getVerifiedClaims();
$_SESSION['admin'] = $userinfo->preferred_username;
$_SESSION['auth_type'] = 'keycloak';
header("Location: index.php");
exit;
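Review bot: Nothing between `getVerifiedClaims()` and `$_SESSION['admin'] = $userinfo->preferred_username;` checks a role or group claim, so as far as this hunk shows, every account the Keycloak client allows to authenticate receives an admin session. That may be restricted on the Keycloak side, but it is worth enforcing or at least documenting here. `preferred_username` is also not guaranteed to be stable or unique by OpenID Connect, so the `sub` claim is the safer key for identifying the account. If access really is limited by the client configuration, a comment above the assignment such as `// admin access is restricted by the Keycloak client configuration` would record that assumption.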