Gitiles
Code Review Sign In
gerrit.avm99963.com / edu / fisi-pastanagapp / 13cf0cd109772eabd750d4d0bf322beb19e3bc12 / . / php / change_password.php
blob: 50eb9c1fcaee9f7ba8643a431dc2a1fdb104d85b [file] [log] [blame]
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]1<?php
Andreu2457e402019-09-22 00:52:41 +0200[diff] [blame]2 require '../credentials.php';
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]3 require 'utils.php';
4
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]5 $credentials = new Credentials();
6 $usersdb = $credentials->usersdb;
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]7
Adrià Vilanova Martínezd3394e12022-11-19 15:45:58 +0100[diff] [blame]8 date_default_timezone_set("Europe/Madrid");
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame]9
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]10 // Check if confirmation is the same
11 if ($_POST['password'] != $_POST['confirmation']) {
Adrià Vilanova Martínez13cf0cd2022-11-20 01:02:20 +0100[diff] [blame^]12 header("Location: /main.php?wrongconfirmation=1");
13 exit();
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]14 } else {
15 // Execute query to change password
Adrià Vilanova Martínez13cf0cd2022-11-20 01:02:20 +0100[diff] [blame^]16 $spassword = mysqli_real_escape_string($conn, password_hash($_POST["password"], PASSWORD_DEFAULT));
17 $update_password = "UPDATE $usersdb SET password=\"".$spassword."\" WHERE id=".(int)$_POST['userid'];
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame]18 if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]19
Adrià Vilanova Martínez13cf0cd2022-11-20 01:02:20 +0100[diff] [blame^]20 // Sign in
21 $_SESSION["id"] = (int)$_POST['userid'];
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]22
23 // Go back to main page
Adrià Vilanova Martínez13cf0cd2022-11-20 01:02:20 +0100[diff] [blame^]24 header("Location: /main.php?successpassword=1");
25 exit();
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]26 }