usereditconfirm

1. <?php include_once("../connect.php") ?>
2. <?php include("header.php") ?>
3.  
4. <body>
5. <?php include("top.php") ?>
6.  
7. <section class="content">
8. <div class="admin-wrap">
9. <?php
10. $valid = false;
11. $username = $_POST["username"];
12. $passwordold = $_POST["passwordold"];
13. $passwordnew = $_POST["passwordnew"];
14. $passwordnewconfirm = $_POST["passwordnewconfirm"];
15. $stmt = $conn->prepare("SELECT * FROM users WHERE Username='$username'");
16. $stmt->execute();
17. $results = $stmt->fetchall();
18. foreach ($results as $row) {
19. if ($username == $row['username'] and $passwordnew == $row['password']) {
20. echo "<h2>Nieuwe wachtwoord moet anders zijn dat het oude wachtwoord.</h2>
21. <a href='users.php'>
22. <button class='form-button' type='button'>
23. Terug
24. </button>
25. </a> ";
26. }
27. if ($username == $row['username'] and $passwordold == $row['password']) {
28. $valid = true;
29. }
30. else{
31. echo "<h2>Oude wachtwoord is niet correct.</h2>
32. <a href='users.php'>
33. <button class='form-button' type='button'>
34. Terug
35. </button>
36. </a> ";
37. }
38. }
39. if ($valid == true) {
40. if ($passwordnew != $passwordnewconfirm) {
41. echo "<h2>Nieuwe wachtwoord komt niet overeen</h2>
42. <a href='users.php'>
43. <button class='form-button' type='button'>
44. Terug
45. </button>
46. </a> ";
47. }
48. else {
49. $sql = "UPDATE users SET password = :password WHERE username = :username";
50. $stmt = $conn->prepare($sql);
51. $stmt->bindValue(":password", $passwordnew);
52. $stmt->bindValue(":username", $username);
53. $stmt->execute();
54.  
55. echo "<h2>Wachtoowrd aangepast naar $passwordnew<br> </h2>
56. <a href='users.php'>
57. <button class='form-button' type='button'>
58. Terug
59. </button>
60. </a> ";
61. }
62. }
63.  
64.  
65.  
66.  
67. ?>
68.  
69. </div>
70. </section>
71. </body>
72. </html>