Sākums Izpētīt Palīdzība
Pierakstīties
hanzhengyi
/
usky-website
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Atzars: master
Atzari Tagi
usky-website
/
web
/
phpMyAdmin
/
libraries
/
classes
/
Controllers
/
UserPasswordController.php

UserPasswordController.php 3.3 KB
Patstāvīgā saite Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. namespace PhpMyAdmin\Controllers;
    6. 

  6. 

  7. use PhpMyAdmin\DatabaseInterface;
    8. 

  8. use PhpMyAdmin\Html\Generator;
    9. 

  9. use PhpMyAdmin\Message;
    10. 

  10. use PhpMyAdmin\Response;
    11. 

  11. use PhpMyAdmin\Template;
    12. 

  12. use PhpMyAdmin\UserPassword;
    13. 

  13. 

  14. /**
    15. 

  15.  * Displays and handles the form where the user can change their password.
    16. 

  16.  */
    17. 

  17. class UserPasswordController extends AbstractController
    18. 

  18. {
    19. 

  19.     /** @var UserPassword */
    20. 

  20.     private $userPassword;
    21. 

  21. 

  22.     /** @var DatabaseInterface */
    23. 

  23.     private $dbi;
    24. 

  24. 

  25.     /**
    26. 

  26.      * @param Response          $response
    27. 

  27.      * @param DatabaseInterface $dbi
    28. 

  28.      */
    29. 

  29.     public function __construct($response, Template $template, UserPassword $userPassword, $dbi)
    30. 

  30.     {
    31. 

  31.         parent::__construct($response, $template);
    32. 

  32.         $this->userPassword = $userPassword;
    33. 

  33.         $this->dbi = $dbi;
    34. 

  34.     }
    35. 

  35. 

  36.     public function index(): void
    37. 

  37.     {
    38. 

  38.         global $cfg, $hostname, $username, $password, $change_password_message, $msg;
    39. 

  39. 

  40.         $this->addScriptFiles(['server/privileges.js', 'vendor/zxcvbn.js']);
    41. 

  41. 

  42.         /**
    43. 

  43.          * Displays an error message and exits if the user isn't allowed to use this
    44. 

  44.          * script
    45. 

  45.          */
    46. 

  46.         if (! $cfg['ShowChgPassword']) {
    47. 

  47.             $cfg['ShowChgPassword'] = $this->dbi->selectDb('mysql');
    48. 

  48.         }
    49. 

  49.         if ($cfg['Server']['auth_type'] === 'config' || ! $cfg['ShowChgPassword']) {
    50. 

  50.             $this->response->addHTML(Message::error(
    51. 

  51.                 __('You don\'t have sufficient privileges to be here right now!')
    52. 

  52.             )->getDisplay());
    53. 

  53. 

  54.             return;
    55. 

  55.         }
    56. 

  56. 

  57.         /**
    58. 

  58.          * If the "change password" form has been submitted, checks for valid values
    59. 

  59.          * and submit the query or logout
    60. 

  60.          */
    61. 

  61.         if (isset($_POST['nopass'])) {
    62. 

  62.             if ($_POST['nopass'] == '1') {
    63. 

  63.                 $password = '';
    64. 

  64.             } else {
    65. 

  65.                 $password = $_POST['pma_pw'];
    66. 

  66.             }
    67. 

  67.             $change_password_message = $this->userPassword->setChangePasswordMsg();
    68. 

  68.             $msg = $change_password_message['msg'];
    69. 

  69. 

  70.             if (! $change_password_message['error']) {
    71. 

  71.                 $sql_query = $this->userPassword->changePassword($password);
    72. 

  72. 

  73.                 if ($this->response->isAjax()) {
    74. 

  74.                     $sql_query = Generator::getMessage($change_password_message['msg'], $sql_query, 'success');
    75. 

  75.                     $this->response->addJSON('message', $sql_query);
    76. 

  76. 

  77.                     return;
    78. 

  78.                 }
    79. 

  79. 

  80.                 $this->response->addHTML('<h1>' . __('Change password') . '</h1>' . "\n\n");
    81. 

  81.                 $this->response->addHTML(Generator::getMessage($msg, $sql_query, 'success'));
    82. 

  82.                 $this->render('user_password');
    83. 

  83. 

  84.                 return;
    85. 

  85.             }
    86. 

  86. 

  87.             if ($this->response->isAjax()) {
    88. 

  88.                 $this->response->addJSON('message', $change_password_message['msg']);
    89. 

  89.                 $this->response->setRequestStatus(false);
    90. 

  90. 

  91.                 return;
    92. 

  92.             }
    93. 

  93.         }
    94. 

  94. 

  95.         /**
    96. 

  96.          * If the "change password" form hasn't been submitted or the values submitted
    97. 

  97.          * aren't valid -> displays the form
    98. 

  98.          */
    99. 

  99. 

  100.         // Displays an error message if required
    101. 

  101.         if (isset($msg)) {
    102. 

  102.             $this->response->addHTML($msg->getDisplay());
    103. 

  103.         }
    104. 

  104. 

  105.         $this->response->addHTML($this->userPassword->getFormForChangePassword($username, $hostname));
    106. 

  106.     }
    107. 

  107. }
    108.