-
Notifications
You must be signed in to change notification settings - Fork 3
/
Change-Pass.php
104 lines (72 loc) · 2.12 KB
/
Change-Pass.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
<?php
session_start();
include("config.php");
if (isset($_POST['change-password']))
{
$user_id = $_SESSION['id'];
$current_password = get_CurrentPassword($user_id);
$data_By_User = $_POST['old-password'];
$new_password = $_POST['new-password'];
$retype_password = $_POST['retype-password'];
$function_output = strcmp($current_password, md5($data_By_User));
$function_output_2 = strcmp($new_password, $retype_password);
$function_output_3 = strcmp($current_password, md5($new_password));
if($function_output == 0)
{
if($function_output_3 == 0)
{
header('location: edit-profile.php?error_message=You Can"t Use Old Password as your new password');
exit();
}
else
{
if($function_output_2 == 0)
{
Update_Password($new_password, $user_id);
}
else
{
header('location: edit-profile.php?error_message=Retype Correctly New Password');
exit();
}
}
}
else
{
header('location: edit-profile.php?error_message=Old Password You Entered Incorrect');
exit();
}
}
function Update_Password($new_password, $user_id)
{
include 'config.php';
$secure_password = md5($new_password);
$SQL = "UPDATE users SET PASSWORD_S = '$secure_password' WHERE User_ID = $user_id;";
$stmt = $conn->prepare($SQL);
if ($stmt->execute()) {
header('location: edit-profile.php?success_message=Password Change Successfully');
exit;
} else {
header('location: edit-profile.php?error_message=Problem With Password Change Process');
exit();
}
$conn->close();
}
function get_CurrentPassword($User_ID)
{
include 'config.php';
$SQL = "SELECT * FROM users WHERE User_ID = $User_ID;";
$result = $conn->query($SQL);
if ($result->num_rows > 0)
{
while($row = $result->fetch_assoc())
{
$password = $row["PASSWORD_S"];
return $password;
}
}else
{
return 0;
}
$conn->close();
}