ex02--------------------------------------------------------------------------

1. ex02
2. --------------------------------------------------------------------------------------
3. modif.php
4. --------------------------------------------------------------------
5.  
6. <?php
7.  
8. if ($_POST['login'] && $_POST['oldpw'] && $_POST['newpw'] && $_POST['submit'] && ($_POST['submit'] === "OK"))
9.  
10. {
11. $path_f = "../private/passwd";
12. $db = unserialize(file_get_contents($path_f));
13. if ($db)
14.  
15. {
16.  
17. $exista = 0;
18. foreach ($db as $key => $value)
19.  
20. {
21.  
22. if ($value['login'] === $_POST['login'] && $value['passwd'] === hash("whirlpool", $_POST['oldpw']))
23.  
24. {
25.  
26. $exista = 1;
27.  
28. $db[$key]['passwd'] = hash("whirlpool", $_POST['newpw']);
29.  
30. }
31.  
32. if ($exista)
33.  
34. {
35.  
36. file_put_contents($path_f, serialize($db));
37.  
38. echo $_POST['submit'] . "\n";
39.  
40. }
41.  
42. else
43.  
44. echo "ERROR\n";
45.  
46. }
47.  
48. }
49.  
50. else
51.  
52. {
53.  
54. echo "ERROR\n";
55.  
56. }
57.  
58. }
59.  
60. else
61.  
62. {
63.  
64. echo "ERROR\n";
65.  
66. }
67.  
68.  
69.  
70.  
71. ?>
72. ------------------------------------------------------------------------
73. index.html
74. ------------------------------------------------------------------------
75.  
76.  
77. <html>
78.  
79. <body>
80.  
81. <form method="post" action="modif.php" name="modif.php">
82.  
83. Username: <input type="text" name="login" />
84.  
85. <br/>
86.  
87. Old password: <input type="text" name="oldpw" />
88.  
89. <br/>
90.  
91. New password: <input type="text" name="newpw" />
92.  
93. <br/>
94.  
95. <input type="submit" name="submit" value="OK" />
96.  
97. </form>
98.  
99. </body>
100.  
101. </html>
102.  
103. ---------------------------------------------------------------------------------------------------------------------
104. final ex02
105. ---------------------------------------------------------------------------------------------------------------------
106.  
107. ex03
108. ---------------------------------------------------------------------------------------------------------------------
109. auth.php
110. --------------------------------------------------------------------------
111. <?php
112.  
113. function auth($login, $passwd)
114. {
115. if (!$login || !$passwd)
116. return FALSE;
117. $db = unserialize(file_get_contents("../private/passwd"));
118. if ($db)
119. {
120. foreach ($db as $key => $value)
121. {
122. if ($value['login'] === $login && $value['passwd'] === hash('whirlpool', $passwd))
123. return TRUE;
124. else
125. return FALSE;
126. }
127.  
128. }
129. else
130. return FALSE;
131. }
132.  
133. ?>
134. ----------------------------------------------------------------------------
135. login.php
136. ----------------------------------------------------------------------------
137. <?php
138.  
139. require_once("auth.php");
140.  
141. session_start();
142.  
143. if ($_GET['login'] && $_GET['passwd'] && auth($_GET['login'], $_GET['passwd']))
144. {
145. $_SESSION['loggued_on_user'] = $_GET['login'];
146. echo "OK\n";
147. }
148. else
149. {
150. $_SESSION['loggued_on_user'] = "";
151. echo "ERROR\n";
152. }
153.  
154. ?>
155. ------------------------------------------------------------------------------
156. logout.php
157. ------------------------------------------------------------------------------
158. <?php
159.  
160. session_start();
161.  
162. $_SESSION['loggued_on_user'] = "";
163.  
164. ?>
165. ------------------------------------------------------------------------------
166. whoami.php
167. ------------------------------------------------------------------------------
168. <?php
169.  
170. session_start();
171.  
172. if ($_SESSION['loggued_on_user'])
173. {
174. echo $_SESSION['loggued_on_user'] . "\n";
175. }
176. else
177. echo "ERROR\n";
178.  
179. ?>
180.  
181. ---------------------------------------------------------------------------------------------------------------------
182. final ex03