php/change_password.php - edu/fisi-pastanagapp - Gitiles

 <?php
 	require '../credentials.php';
 	require 'utils.php';
 	require (dirname(__FILE__)."/security.php");

 	Security::checkIsSignedIn();

 	$credentials = new Credentials();
 	$usersdb = $credentials->usersdb();

 	date_default_timezone_set("Europe/Madrid");

 	// Check if confirmation is the same
 	if ($_POST['password'] != $_POST['confirmation']) {
 		header("Location: /main.php?wrongconfirmation=1");
 		exit();
 	} else if ($_POST['password'] == '') {
 		header("Location: /main.php");
 		exit();
 	} else {
 		// Execute query to change password
 		$spassword = mysqli_real_escape_string($conn, password_hash($_POST["password"], PASSWORD_DEFAULT));
 		$update_password = "UPDATE $usersdb SET password=\"".$spassword."\" WHERE id=".(int)$_SESSION['id'];
 		if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");

 		// Go back to main page
 		header("Location: /main.php?successpassword=1");
 		exit();
 	}
	<?php
	require '../credentials.php';
	require 'utils.php';
	require (dirname(__FILE__)."/security.php");

	Security::checkIsSignedIn();

	$credentials = new Credentials();
	$usersdb = $credentials->usersdb();

	date_default_timezone_set("Europe/Madrid");

	// Check if confirmation is the same
	if ($_POST['password'] != $_POST['confirmation']) {
	header("Location: /main.php?wrongconfirmation=1");
	exit();
	} else if ($_POST['password'] == '') {
	header("Location: /main.php");
	exit();
	} else {
	// Execute query to change password
	$spassword = mysqli_real_escape_string($conn, password_hash($_POST["password"], PASSWORD_DEFAULT));
	$update_password = "UPDATE $usersdb SET password=\"".$spassword."\" WHERE id=".(int)$_SESSION['id'];
	if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");

	// Go back to main page
	header("Location: /main.php?successpassword=1");
	exit();
	}