
Old pass change

a guest
Feb 20th, 2015
  1. <?php
  2.  
  3.  
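  // Login/session helper. $db_conx, $log_username and $user_ok are used below
  // but never assigned in this file; presumably this include provides them.
  include_once("php_includes/check_login_status.php");

  // Defaults for every variable the template further down may echo.
  $u = "";
  $sex = "Male";
  $userlevel = "";
  $country = "";
  $joindate = "";
  $lastsession = "";
  $password = "";

  // Resolve which profile is being requested.
  // The is_string() check matters: a request such as ?u[]=x makes $_GET['u'] an
  // array, and preg_replace() would then hand back an array instead of a name.
  if (isset($_GET["u"]) && is_string($_GET["u"])) {
      // Only [a-z0-9] survives, so $u carries no quote or markup characters.
      $u = (string) preg_replace('#[^a-z0-9]#i', '', $_GET['u']);
  } elseif (isset($_SESSION["username"]) && is_string($_SESSION["username"]) && $_SESSION["username"] !== "") {
      // No username given: send a logged-in visitor to their own page.
      header("location: settings.php?u=" . urlencode($_SESSION["username"]));
      exit();
  } else {
      // No username given and nobody logged in. The original redirected to
      // "settings.php?u=" here, which ended on this same message.
      echo "That user does not exist or is not yet activated, press back";
      exit();
  }

  // Select the member from the users table.
  // $u is restricted to [a-z0-9] above, which is the only reason interpolating it
  // is tolerable; a prepared statement would remove that dependency. $sql keeps
  // its name because code later on the page reads it.
  $sql = "SELECT * FROM users WHERE username='$u' AND activated='1' LIMIT 1";
  $user_query = mysqli_query($db_conx, $sql);
  if ($user_query === false) {
      // A failed query must not reach mysqli_num_rows(); log the detail
      // server-side and show the visitor the generic message only.
      error_log("user lookup failed: " . mysqli_error($db_conx));
      echo "That user does not exist or is not yet activated, press back";
      exit();
  }

  // Make sure the user exists in the table.
  $numrows = mysqli_num_rows($user_query);
  if ($numrows < 1) {
      echo "That user does not exist or is not yet activated, press back";
      exit();
  }

  // Is the viewer the account owner?
  // The username comparison has to be strict: with ==, PHP compares two
  // numeric-looking strings as numbers, so "1e3" == "1000" is true and one
  // account would be treated as the owner of another.
  $isOwner = "no";
  if (isset($log_username, $user_ok) && $user_ok == true && $u === $log_username) {
      $isOwner = "yes";
  }

  // Fetch the (single, LIMIT 1) user row selected above.
  $row = mysqli_fetch_array($user_query, MYSQLI_ASSOC);
  if (is_array($row)) {
      $profile_id = $row["id"];
      $gender = $row["gender"];
      $country = $row["country"];
      $userlevel = $row["userlevel"];
      $signup = $row["signup"];
      $lastlogin = $row["lastlogin"];
      $joindate = strftime("%b %d, %Y", strtotime($signup));
      $lastsession = strftime("%b %d, %Y", strtotime($lastlogin));
      // NOTE(review): this is the stored password value of the *viewed* account.
      // It is kept only because code further down the page still reads
      // $password; a profile template has no need for it, and it must never be
      // echoed or copied into a cookie.
      $password = $row["password"];
      if ($gender == "f") {
          $sex = "Female";
      }
  }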
  52. ?>
  53.  
  54. <!doctype html>
  55.     <head>
  56.         <meta charset="utf-8">
  57.         <meta http-equiv="X-UA-Compatible" content="IE=edge">
  58.         <meta name="robots" content="index, follow">
  59.        
  60.         <meta name="viewport" content="width=device-width, initial-scale=1.0">
  61.         <link href="css/bootstrap.css" rel="stylesheet" media="screen" type="text/css">
  62.         <link href="css/custom.css" rel="stylesheet" type="text/css">
  63.         <link href="css/bootstrap-min.css" rel="stylesheet" media="screen" type="text/css">
  64.         <script src="js/main.js"></script>
  65.         <title>KZ|Language exchange</title>
  66.     </head>
  67.     <body>
  68.     <div id="custom-bootstrap-menu" class="navbar navbar-default navbar-fixed-top" role="navigation">
  69.     <div class="container-fluid">
  70.         <div class="navbar-header"><a class="navbar-brand" href="#">Brand</a>
  71.             <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-menubuilder"><span class="sr-only">Toggle navigation</span><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>
  72.             </button>
  73.         </div>
  74.         <div class="collapse navbar-collapse navbar-menubuilder">
  75.             <ul class="nav navbar-nav navbar-left">
  76.                 <li><a href="index.php">Home</a>
  77.                 </li>
  78.                 <li><a href="user.php">Profile</a>
  79.                 </li>
  80.                 <li><a href="settings.php">Settings</a>
  81.                 </li>
  82.                
  83.             </ul>
  84.             <ul class="nav navbar-nav navbar-right">
  85.                
  <li><?php /* Logout link: rendered only when $isOwner holds "yes". */ if ($isOwner == "yes"): ?>
    <a class="navbar-brand" href="logout.php" style="border-left: 1px solid; padding-left: 10px;">Logout</a>
  <?php endif; ?>
  </li>
  94.             </ul>
  95.         </div>
  96.     </div>
  97. </div>
  98.  
  99.  
  100.    
  101. <div class="container">
  102.  
  103.     <div class="row-fluid">
  104.    
  105.         <div class="col-md-9">
  106.        
  107.        
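  <?php
  // Profile summary. Every value is HTML-escaped on output: country and
  // userlevel come straight from the database row and may contain markup.
  //
  // The original also printed $password (the stored password value of the
  // viewed account) and $_SESSION['userid'] / ['username'] / ['password'] to
  // every visitor. Credential material has no place in rendered HTML, so those
  // lines are gone.
  ?>
  <h3><?php echo htmlspecialchars($u, ENT_QUOTES, 'UTF-8'); ?></h3>
  <p>Is the viewer the page owner, logged in and verified? <b><?php echo htmlspecialchars($isOwner, ENT_QUOTES, 'UTF-8'); ?></b></p>
  <p>Gender: <?php echo htmlspecialchars($sex, ENT_QUOTES, 'UTF-8'); ?></p>
  <p>Country: <?php echo htmlspecialchars($country, ENT_QUOTES, 'UTF-8'); ?></p>
  <p>User Level: <?php echo htmlspecialchars($userlevel, ENT_QUOTES, 'UTF-8'); ?></p>
  <p>Join Date: <?php echo htmlspecialchars($joindate, ENT_QUOTES, 'UTF-8'); ?></p>
  <p>Last Session: <?php echo htmlspecialchars($lastsession, ENT_QUOTES, 'UTF-8'); ?></p>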
  119.  
  120.  
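  <?php
  // Password-change handler and form for the account owner.
  //
  // In the original only the md5() call and the UPDATE string sat inside the
  // owner/POST check. The cookie writes and mysqli_query() ran on every page
  // view: a plain GET re-ran the earlier SELECT held in $sql, printed "Record
  // updated successfully", and copied the viewed account's stored password value
  // into the visitor's session and "pass" cookie. Everything that writes state
  // now sits behind the owner + POST + CSRF checks.
  //
  // NOTE(review): this block runs after HTML output has started, so the session
  // id and cookies can only be refreshed when output buffering is active
  // (headers_sent() is checked below). Moving the handler above the doctype
  // removes that dependency.

  // Re-check ownership with a strict username comparison; == would treat
  // numeric-looking names such as "1e3" and "1000" as equal.
  $ownerRequest = ($isOwner == "yes") && ($user_ok == true)
      && isset($log_username) && is_string($log_username) && ($u === $log_username);

  // One anti-CSRF token per session, embedded in the form and checked on POST.
  if ($ownerRequest && (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token']))) {
      $csrfBytes = function_exists('random_bytes') ? random_bytes(32) : openssl_random_pseudo_bytes(32);
      $_SESSION['csrf_token'] = bin2hex($csrfBytes);
  }

  if (isset($_POST["submit"]) && $ownerRequest) {
      $postedToken = (isset($_POST["csrf_token"]) && is_string($_POST["csrf_token"])) ? $_POST["csrf_token"] : "";
      $newPassword = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

      if (!hash_equals($_SESSION['csrf_token'], $postedToken) || $newPassword === "") {
          // Missing or wrong token, or an empty password: change nothing.
          echo "Error updating record";
      } else {
          // NOTE(review): unsalted md5() is not a password hash. It is kept only
          // because the login code that verifies it is not visible here; migrate
          // both sides together to password_hash() / password_verify().
          // NOTE(review): the form does not ask for the current password, so a
          // hijacked session is enough to set a new one.
          $password = md5($newPassword);

          $stmt = mysqli_prepare($db_conx, "UPDATE users SET `password`=? WHERE username=?");
          $updated = ($stmt !== false)
              && mysqli_stmt_bind_param($stmt, "ss", $password, $u)
              && mysqli_stmt_execute($stmt);
          if ($stmt !== false) {
              mysqli_stmt_close($stmt);
          }

          if ($updated) {
              echo "Record updated successfully";
              $_SESSION['password'] = $password;

              if (!headers_sent() && isset($_SESSION['userid'], $_SESSION['username'])) {
                  // New credentials: rotate the session id and drop the old one.
                  session_regenerate_id(true);

                  // NOTE(review): a cookie holding the password hash turns that
                  // hash into a long-lived, replayable credential. It is kept
                  // because check_login_status.php presumably reads it (not
                  // visible here); a random server-side token is the usual
                  // replacement.
                  $cookieSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                  $cookieExpiry = strtotime('+30 days');
                  setcookie("id", (string) $_SESSION['userid'], $cookieExpiry, "/", "", $cookieSecure, true);
                  setcookie("user", (string) $_SESSION['username'], $cookieExpiry, "/", "", $cookieSecure, true);
                  setcookie("pass", $password, $cookieExpiry, "/", "", $cookieSecure, true);
              }
          } else {
              // Database detail goes to the server log, not to the browser.
              error_log("password update failed: " . mysqli_error($db_conx));
              echo "Error updating record";
          }
      }
  }
  ?>

  <?php if ($ownerRequest) { /* the form is for the account owner only */ ?>
  <h3>Create new password</h3>
  <form action="" method="post">
    <div>New password</div>
    <input type="password" class="form-control" id="password" name="password" autocomplete="new-password">
    <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token'], ENT_QUOTES, 'UTF-8'); ?>">
    <input type="submit" name="submit" value="Submit">
    <p id="status" ></p>
  </form>
  <?php } ?>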
  154.  
  155.  
  156.         </div>
  157.        
  158.     <div class="col-md-3">
  159.         <div class="loginbox">
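  <?php
  // Owner-only sidebar. The original nested a second, identical $isOwner check
  // inside this one and used <button href="...">, which does not navigate
  // anywhere; the logout control is now a real link.
  if ($isOwner === "yes") { ?>
      <h3>Welcome <?php echo htmlspecialchars($u, ENT_QUOTES, 'UTF-8'); ?>!</h3>

      <p>Last online: <?php echo htmlspecialchars($lastsession, ENT_QUOTES, 'UTF-8'); ?> </p>
      <br /><br />
      <a class="btn btn-default" href="logout.php">Log Out</a>
  <?php
  }
  ?>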
  176.                
  177.                 </div>
  178.             </div>
  179.         </div>
  180.    
  181. </div>
  182.  
  183.    
  184. <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
  185. <script src="js/bootstrap.min.js"></script>
  186. <script src="js/main.js"></script>
  187. <script src="js/ajax.js"></script>
  188.  
  189.     </body>
  190.    
  191. <?php
  192.  
  193. include 'php_includes/footer.php';
  194.  
  195. ?>
  196. </html>