Gitiles
Code Review Sign In
gerrit.avm99963.com / edu / fisi-pastanagapp / 03d030d510773ff627c0532009fb8782682a1517 / . / php / change_password.php
blob: 315d08e9f038cb96010406088fd8ef343cdcd791 [file] [log] [blame]
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]1<?php
Andreu2457e402019-09-22 00:52:41 +0200[diff] [blame]2 require '../credentials.php';
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]3 require 'utils.php';
4
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]5 $credentials = new Credentials();
6 $usersdb = $credentials->usersdb;
7 $mortsdb = $credentials->mortsdb;
8
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame^]9 date_default_timezone_set("Europe/Berlin");
10
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]11 // Check if confirmation is the same
12 if ($_POST['password'] != $_POST['confirmation']) {
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame^]13 die("<script>window.location.href = '../main.php?wrongconfirmation=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]14 } else {
15 // Execute query to change password
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]16 $update_password = "UPDATE $usersdb SET password=\"".md5($_POST['password'])."\" WHERE id=".$_POST['userid'];
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame^]17 if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]18
19 // Save 'password' to cookies
20 setcookie('password', md5($_POST['password']), time() + (86400 * 10), "/");
21
22 // Go back to main page
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame^]23 die("<script>window.location.href = '../main.php?successpassword=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]24 }
25?>