  1. <?php
  2.  
  3. if( isset( $_GET[ 'Change' ] ) ) {
  4. // Check Anti-CSRF token
  5. checkToken( $_REQUEST[ 'user_token' ], $_SESSION[ 'session_token' ], 'index.php' );
  6.  
  7. // Get input
  8. $pass_curr = $_GET[ 'password_current' ];
  9. $pass_new = $_GET[ 'password_new' ];
  10. $pass_conf = $_GET[ 'password_conf' ];
  11.  
  12. // Sanitise current password input
  13. $pass_curr = stripslashes( $pass_curr );
  14. $pass_curr = mysql_real_escape_string( $pass_curr );
  15. $pass_curr = md5( $pass_curr );
  16.  
  17. // Check that the current password is correct
  18. $data = $db->prepare( 'SELECT password FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;' );
  19. $data->bindParam( ':user', dvwaCurrentUser(), PDO::PARAM_STR );
  20. $data->bindParam( ':password', $pass_curr, PDO::PARAM_STR );
  21. $data->execute();
  22.  
  23. // Do both new passwords match and does the current password match the user?
  24. if( ( $pass_new == $pass_conf ) && ( $data->rowCount() == 1 ) ) {
  25. // It does!
  26. $pass_new = stripslashes( $pass_new );
  27. $pass_new = mysql_real_escape_string( $pass_new );
  28. $pass_new = md5( $pass_new );
  29.  
  30. // Update database with new password
  31. $data = $db->prepare( 'UPDATE users SET password = (:password) WHERE user = (:user);' );
  32. $data->bindParam( ':password', $pass_new, PDO::PARAM_STR );
  33. $data->bindParam( ':user', dvwaCurrentUser(), PDO::PARAM_STR );
  34. $data->execute();
  35.  
  36. // Feedback for the user
  37. $html .= "<pre>Password Changed.</pre>";
  38. }
  39. else {
  40. // Issue with passwords matching
  41. $html .= "<pre>Passwords did not match or current password incorrect.</pre>";
  42. }
  43. }
  44.  
  45. // Generate Anti-CSRF token
  46. generateSessionToken();
  47.  
  48. ?>