
Added password change logic

Clément K 2 жил өмнө
parent
commit
f4883c28ac

+ 60 - 0
changepasswd.php

@@ -0,0 +1,60 @@
+<?php
+
+session_start();
+
+function passwd_error($message) {
+    $_SESSION['message'] = $message;
+    header('Location: formpasswd.php');
+    exit();
+}
+
+if (!isset($_SESSION['user'])) {
+    header('Location: signin.php');
+    exit();
+}
+
+if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+    header('Location: signin.php');
+    exit();
+}
+
+if (!isset($_POST['password_current'], $_POST['password'], $_POST['password_conf'])) {
+    header('Location: signin.php');
+    exit();
+}
+
+$passwd = $_POST['password'];
+$passwd_conf = $_POST['password_conf'];
+$current_password = $_POST["password_current"];
+
+if ($passwd != $passwd_conf) {
+    passwd_error("Passwords do not match");
+}
+
+if (strlen($passwd) < 8) {
+    passwd_error("Password too short (min 8 chars)");
+}
+
+$ini = parse_ini_file('includes/config.ini');
+
+try {
+    $ldapconn = ldap_connect($ini['hostname'], $ini['port']);
+    ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
+    ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
+} catch (Exception $e) {
+    die ('ERROR: ' . $e->getMessage());
+}
+
+$dn = "uid=" . ldap_escape($_SESSION['user']) . ',' . $ini["binddn"];
+$ldap_bind = ldap_bind($ldapconn, $dn, $current_password);
+
+if ($ldap_bind) {
+    if (ldap_exop_passwd($ldapconn, $dn, "",$passwd)) {
+        header('Location: home.php');
+        exit();
+    } else {
+        passwd_error("A problem occured, contact admins");
+    }
+} else {
+    passwd_error("Wrong current password");
+}
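Review bot: An empty `password_current` passes the `isset()` check and reaches `ldap_bind($ldapconn, $dn, $current_password)`; a simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513), which some directory servers report as success, so the "Wrong current password" branch would not be taken. Reject it before binding, e.g. `if (!is_string($current_password) || $current_password === '') { passwd_error("Wrong current password"); }`, and consider passing `$current_password` rather than `""` as the old password to `ldap_exop_passwd` so the server verifies it too. The `try`/`catch (Exception $e)` around `ldap_connect` is unlikely to catch anything, because the ldap functions report failure through a `false` return and warnings rather than exceptions; test the return value instead. Nothing visible shows the connection using TLS (it depends on what `hostname` in config.ini holds), so confirm it is an `ldaps://` URI or call `ldap_start_tls($ldapconn)` before the bind, otherwise both passwords travel in clear text. As a smaller point, `ldap_escape($_SESSION['user'])` is building a DN component and should state that context: `ldap_escape($_SESSION['user'], '', LDAP_ESCAPE_DN)`.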

+ 24 - 0
formpasswd.php

@@ -0,0 +1,24 @@
+<?php
+
+session_start();
+
+if (!isset($_SESSION['user'])) {
+    header('Location: signin.php');
+    exit();
+}
+
+include 'vendor/autoload.php';
+
+try {
+    $loader = new Twig\Loader\FilesystemLoader('templates');
+    $twig = new Twig\Environment($loader);
+    $twig->addGlobal('session', $_SESSION);
+
+    $template = $twig->load('formpasswd.html.twig');
+
+    echo $template->render();
+
+    unset($_SESSION['message']);
+} catch (Exception $e) {
+    die ('ERROR: ' . $e->getMessage());
+}
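Review bot: The `catch` block sends `$e->getMessage()` straight to the browser through `die ('ERROR: ' . $e->getMessage())`, and Twig loader and runtime messages commonly contain template names and filesystem paths. Log the detail server-side and return a generic response, e.g. `error_log($e->getMessage()); http_response_code(500); exit('Internal error');`; the same pattern appears in changepasswd.php. `unset($_SESSION['message'])` runs only after a successful render, so a failed render leaves the stale message in the session. `$twig->addGlobal('session', $_SESSION)` also hands the whole session array to the template; passing only the `user` and `message` values would narrow what a template can print.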

+ 5 - 0
signin.php

@@ -2,6 +2,11 @@
 
 session_start();
 
+if (isset($_SESSION['user'])) {
+    header('Location: home.php');
+    exit();
+}
+
 include 'vendor/autoload.php';
 
 try {

+ 26 - 0
templates/formpasswd.html.twig

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>BIM</title>
+    </head>
+    <body>
+        <form method="post" accept-charset="UTF-8" action="../changepasswd.php">
+
+            <h3><label for="password">Current password</label></h3>
+            <input id="password_current" type="password" name="password_current">
+        
+            <h3><label for="password">New password</label></h3>
+            <input id="password" type="password" name="password">
+
+            <h3><label for="password_conf">Confirm password</label></h3>
+            <input id="password_conf" type="password" name="password_conf">
+        
+            <input type="submit" value="Confirm">
+        
+            {% if session.message is defined %}
+                <p>{{ session.message }}</p>
+            {% endif %}
+        </form>
+        
+    </body>
+</html>
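Review bot: The first label is `<label for="password">` while its input has `id="password_current"`, so the "Current password" label is bound to the new-password field; it should read `<label for="password_current">Current password</label>`. The three password inputs carry no `autocomplete` hints; `autocomplete="current-password"` on the first and `autocomplete="new-password"` on the other two lets password managers fill and store the right value. The form posts to `../changepasswd.php`, whereas the PHP scripts redirect to each other with same-directory paths such as `formpasswd.php`, so the `../` prefix looks unintended unless the app is served from the web root; worth confirming. No anti-CSRF token is visible in the form; the current-password requirement limits the impact, but a per-session token checked in changepasswd.php would close the gap.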

+ 3 - 0
templates/home.html.twig

@@ -5,5 +5,8 @@
     </head>
     <body>
         <h1>Hello {{session.user}}</h1>
+        <ul>
+            <li><a href="formpasswd.php">Change password</a></li>
+        </ul>
     </body>
 </html>