Gitiles
Code Review Sign In
gerrit.avm99963.com / edu / fisi-pastanagapp / d3394e1accae91a2624805e4b08012483d99341f / . / php / change_password.php
blob: 819d3887cdf9b9c82b9c51bb2d82dc805a199bbd [file] [log] [blame]
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]1<?php
Andreu2457e402019-09-22 00:52:41 +0200[diff] [blame]2 require '../credentials.php';
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]3 require 'utils.php';
4
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]5 $credentials = new Credentials();
6 $usersdb = $credentials->usersdb;
7 $mortsdb = $credentials->mortsdb;
8
Adrià Vilanova Martínezd3394e12022-11-19 15:45:58 +0100[diff] [blame^]9 date_default_timezone_set("Europe/Madrid");
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame]10
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]11 // Check if confirmation is the same
12 if ($_POST['password'] != $_POST['confirmation']) {
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame]13 die("<script>window.location.href = '../main.php?wrongconfirmation=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]14 } else {
15 // Execute query to change password
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]16 $update_password = "UPDATE $usersdb SET password=\"".md5($_POST['password'])."\" WHERE id=".$_POST['userid'];
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame]17 if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]18
19 // Save 'password' to cookies
20 setcookie('password', md5($_POST['password']), time() + (86400 * 10), "/");
21
22 // Go back to main page
Andreu03d030d2019-09-25 21:52:01 +0200[diff] [blame]23 die("<script>window.location.href = '../main.php?successpassword=1'</script>");
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]24 }
25?>