Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // configuration
- require("../includes/config.php");
- if ($_SERVER["REQUEST_METHOD"] == "POST")
- {
- //TODO
- if (empty($_POST["password"]))
- {
- apologize("You must provide your password.");
- }
- else if (empty($_POST["new password"]))
- {
- apologize("You must provide your new password.");
- }
- else if ($_POST["new password"] != $_POST["confirmation"])
- {
- apologize("Invalid username and/or password.");
- }
- $info = query("SELECT * FROM users WHERE id = ?",$_SESSION['id']);
- // if password does not match hash
- if (crypt($_POST["password"],$info[0]["hash"] == $info[0]["hash"] ))
- {
- // query INSERT new hash
- query("UPDATE users SET hash = ? WHERE id = ?",$_POST["new password"],$_SESSION['id']);
- }
- // else
- else
- {
- apologize("INVALID PASSWORD");
- }
- }
- else
- {
- render("change_form.php", [ "title" => "change password"]);
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement