Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $user="root";
- $password="ascent";
- $database="tlogon";
- $host="localhost";
- function EchoForm()
- {
- echo '<form action="passreset.php" method="POST">
- Username: <input name="login" type="text" /><br />
- Old Password: <input name="oldpass" type="password" /><br />
- New Password: <input name="newpass[]" type="password" /><br />
- Repeat New Password: <input name="newpass[]" type="password" /><br />
- <input type="hidden" value="1" name="issent" />
- <input type="submit" value="Change Password" name="submit" />
- </form>';
- }
- if(!$_POST["issent"])
- {
- EchoForm();
- return;
- }
- if($_POST["issent"] == "1" && (!$_POST["login"] || !$_POST["oldpass"] || !$_POST["newpass"]))
- {
- echo "Missing info.<br />";
- EchoForm();
- return;
- }
- if($_POST["newpass"][0] != $_POST["newpass"][1])
- {
- echo "New password doesn't match both fields.<br />";
- EchoForm();
- return;
- }
- //Time to connect
- mysql_connect($host,$user,$password);
- @mysql_select_db($database) or die( "Unable to select database");
- $login = mysql_real_escape_string($_POST["login"]);
- $fopass = mysql_real_escape_string($_POST["oldpass"]);
- $apass = mysql_real_escape_string($_POST["newpass"][0]);
- $query = "SELECT `password` FROM `accounts` WHERE `login` = '$login';";
- $result = mysql_query($query);
- if($row = mysql_fetch_array($result))
- {
- $opass = $row[0];
- if($opass != $fopass)
- {
- echo "Password incorrect.<br />";
- mysql_close();
- EchoForm();
- return;
- }
- mysql_query("UPDATE `accounts` SET `password` = '$fopass' WHERE `login` = '$login';");
- echo "Password changed successfully.<br />Please allow up to 5 minutes for the server to update with the change.<br />";
- return;
- }
- else
- {
- echo "Username not found.<br />";
- EchoForm();
- return;
- }
- mysql_close();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
