blob: 17d64bd596180e4d52939df35601b894c17ad83d [file] [log] [blame]
<?php
require '../credentials.php';
require 'utils.php';
require (dirname(__FILE__)."/security.php");
Security::checkIsSignedIn();
$credentials = new Credentials();
$usersdb = $credentials->usersdb;
date_default_timezone_set("Europe/Madrid");
// Check if confirmation is the same
if ($_POST['password'] != $_POST['confirmation']) {
header("Location: /main.php?wrongconfirmation=1");
exit();
} else if ($_POST['password'] == '') {
header("Location: /main.php");
exit();
} else {
// Execute query to change password
$spassword = mysqli_real_escape_string($conn, password_hash($_POST["password"], PASSWORD_DEFAULT));
$update_password = "UPDATE $usersdb SET password=\"".$spassword."\" WHERE id=".(int)$_SESSION['id'];
if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
// Go back to main page
header("Location: /main.php?successpassword=1");
exit();
}