<?php include("configs.php");function shitChecker($str){ $var = pr

1. <?php  
2. include("configs.php");
3.  
4. function shitChecker($str)
5. {
6.     $var = preg_match('/[^a-zA-Z]/', $str);
7.     return $var;
8. }
9. function shitCheckerNum($str)
10. {
11.   $var = preg_match('/[^a-zA-Z0-9]/', $str);
12.   return $var;
13. }
14.  
15. if(isset($_POST['submit']))
16. {
17.     //Get all the user inputs
18.     $account = $_POST['account'];
19.     $passwordOlds = $_POST['passwordOld'];
20.     $passwordNews = $_POST['passwordNew'];
21.     $passwordNew1s = $_POST['passwordNew1'];
22. $aDatabase = "marastrealm";
23.     //Connect to  database
24.  $conn = mysql_connect("$serveraddress", "$serveruser", "$serverpass")or die("Couldn't connect to database");
25.     mysql_select_db($aDatabase) or die(mysql_error());
26.  
27.     //Remove bullshit from the user inputs(Sorta pointless as i use regex in a second...
28.     $passwordOld = sha1($_POST['passwordOld']);
29.     $passwordNew = sha1($_POST['passwordNew']);
30.     $passwordNew1 = sha1($_POST['passwordNew1']);
31.  
32.  
33.     //Get acct num from db
34.     $query = "SELECT * FROM account WHERE username = '".$_SESSION['username']."' AND sha_pass_hash = '".$passwordOld."'";
35.  
36.     $result = mysql_query($query) or die(mysql_error());
37.     $numrows = mysql_num_rows($result);
38.  
39.     echo "<tr><td align=center>";
40.  
41.     //If no rows, means invalid user/pass, die.
42.     if($numrows == 0)
43.     {
44.         echo "".$passwordOld."<br>";
45.         die("Invalid username/password!");
46.     }
47.  
48.     //Change pass to new password
49.     $query = "UPDATE account SET sha_pass_hash = '".$passwordNew."' WHERE username = '".$account."'";
50.     $result = mysql_query($query) or die(mysql_error());
51.  
52.     echo "Password for account '".$account."' successfully changed!";
53.  
54.     echo "</td></tr>";
55.  
56.     //close mysql connection
57.     mysql_close();
58. }
59. else
60. {
61.     echo "<form name=myform method=post action=#>";
62.     echo "<table>";
63.     echo "<tr><td colspan=2 align=center><font size=4>Změna Hesla</td></tr>";
64.     echo "<tr><td width=125>Account Name: </td><td><input type='text' disabled='disabled' id='oldPassword' name='account' value='".strtolower($_SESSION['username'])."' class=' input border-5 glow-shadow-2
65. ' maxlength='16' tabindex='1' /></td></tr>";
66.     echo "<tr><td width=125>Old-Password: </td><td><input type='text' id='oldPassword' name='passwordOld' value='' class=' input border-5 glow-shadow-2
67. ' maxlength='16' tabindex='1' /></td></tr>";
68.     echo "<tr><td width=125>New-Password: </td><td><input type='text' id='oldPassword' name='passwordNew' value='' class=' input border-5 glow-shadow-2
69. ' maxlength='16' tabindex='1' /></td></tr>";
70.     echo "<tr><td width=125>Re-Enter: </td><td><input type='text' id='oldPassword' name='passwordNew1' value='' class=' input border-5 glow-shadow-2
71. ' maxlength='16' tabindex='1' /></td></tr></td></tr>";
72.     echo "<tr><td><br></td><td><button
73. class='ui-button button1 enabled'
74. type='submit'
75. name='submit'
76. id='settings-submit'
77. value='Change my password!'
78. tabindex='1'>
79. <span>
80. <span>Pokračovat</span>
81. </span>
82. </button></td></tr></table>";
83.     echo "</form>";
84. }
85. ?>