Can change admin password now
parent
6949fae7eb
commit
6e66ec05d8
63
common.php
63
common.php
|
@ -1184,6 +1184,24 @@ function EnvOpt($needUpdate = 0)
|
||||||
return output("{\"Error\": \"Admin pass error\"}", 403);
|
return output("{\"Error\": \"Admin pass error\"}", 403);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (isset($_POST['changePass'])) {
|
||||||
|
if (!is_numeric($_POST['timestamp'])) return message("Error time<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
if (abs(time() - $_POST['timestamp']/1000) > 5*60) return message("Timeout<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
if ($_POST['newPass1']==''||$_POST['newPass2']=='') return message("Empty new pass<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
if ($_POST['newPass1']!==$_POST['newPass2']) return message("Twice new pass not the same<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
if ($_POST['newPass1']==getConfig('admin')) return message("New pass same to old one<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
if ($_POST['oldPass']==sha1(getConfig('admin') . $_POST['timestamp'])) {
|
||||||
|
$tmp['admin'] = $_POST['newPass1'];
|
||||||
|
$response = setConfigResponse( setConfig($tmp) );
|
||||||
|
if (api_error($response)) {
|
||||||
|
return message(api_error_msg($response) . "<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
} else {
|
||||||
|
return message("Success<a href=\"\">" . getconstStr('Back') . "</a>", "Success", 200);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return message("Old pass error<a href=\"\">" . getconstStr('Back') . "</a>", "Error", 403);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (isset($_GET['preview'])) {
|
if (isset($_GET['preview'])) {
|
||||||
$preurl = $_SERVER['PHP_SELF'] . '?preview';
|
$preurl = $_SERVER['PHP_SELF'] . '?preview';
|
||||||
|
@ -1388,14 +1406,31 @@ function EnvOpt($needUpdate = 0)
|
||||||
$html .= '
|
$html .= '
|
||||||
<script src="https://cdn.bootcdn.net/ajax/libs/js-sha1/0.6.0/sha1.min.js"></script>
|
<script src="https://cdn.bootcdn.net/ajax/libs/js-sha1/0.6.0/sha1.min.js"></script>
|
||||||
<table>
|
<table>
|
||||||
<form id="config_f" name="config" action="" method="POST" onsubmit="return false;">
|
<form id="change_pass" name="change_pass" action="" method="POST" onsubmit="return changePassword(this);">
|
||||||
<tr>
|
<tr>
|
||||||
<td>admin pass:<input type="password" name="pass"></td>
|
<td>old pass:</td><td><input type="password" name="oldPass">
|
||||||
<td><button name="config_b" value="export" onclick="exportConfig(this);">export</button></td>
|
<input type="hidden" name="timestamp"></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>config:<textarea name="config_t"></textarea></td>
|
<td>new pass:</td><td><input type="password" name="newPass1"></td>
|
||||||
<td><button name="config_b" value="import" onclick="importConfig(this);">import</button></td>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>reinput:</td><td><input type="password" name="newPass2"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td></td><td><button name="changePass" value="changePass">Change Admin Pass</button></td>
|
||||||
|
</tr>
|
||||||
|
</form>
|
||||||
|
</table><br>
|
||||||
|
<table>
|
||||||
|
<form id="config_f" name="config" action="" method="POST" onsubmit="return false;">
|
||||||
|
<tr>
|
||||||
|
<td>admin pass:<input type="password" name="pass">
|
||||||
|
<button name="config_b" value="export" onclick="exportConfig(this);">export</button></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>config:<textarea name="config_t"></textarea>
|
||||||
|
<button name="config_b" value="import" onclick="importConfig(this);">import</button></td>
|
||||||
</tr>
|
</tr>
|
||||||
</form>
|
</form>
|
||||||
</table>
|
</table>
|
||||||
|
@ -1461,6 +1496,24 @@ function EnvOpt($needUpdate = 0)
|
||||||
}
|
}
|
||||||
xhr.send("pass=" + sha1(config_f.pass.value + "" + timestamp) + "&config_t=" + encodeURIComponent(config_f.config_t.value) + "&config_b=" + b.value + "×tamp=" + timestamp);
|
xhr.send("pass=" + sha1(config_f.pass.value + "" + timestamp) + "&config_t=" + encodeURIComponent(config_f.config_t.value) + "&config_b=" + b.value + "×tamp=" + timestamp);
|
||||||
}
|
}
|
||||||
|
function changePassword(f) {
|
||||||
|
if (f.oldPass.value==""||f.newPass1.value==""||f.newPass2.value=="") {
|
||||||
|
alert("Input");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (f.oldPass.value==f.newPass1.value) {
|
||||||
|
alert("Same password");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (f.newPass1.value!==f.newPass1.value) {
|
||||||
|
alert("Input twice new password");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
var timestamp = new Date().getTime();
|
||||||
|
f.timestamp.value = timestamp;
|
||||||
|
f.oldPass.value = sha1(f.oldPass.value + "" + timestamp);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
</script><br>';
|
</script><br>';
|
||||||
$Driver_arr = scandir(__DIR__ . $slash . 'disk');
|
$Driver_arr = scandir(__DIR__ . $slash . 'disk');
|
||||||
$html .= '
|
$html .= '
|
||||||
|
|
Loading…
Reference in New Issue