Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class faggots
- {
- public function escape($str)
- {
- $s = array("\\","\0","\n","\r","\x1a","'",'"');
- $r = array("\\\\","\\0","\\n","\\r","\Z","\'",'\"');
- return str_replace($s, $r, $str);
- }
- public function prot($data)
- {
- $data = trim(htmlentities(strip_tags($data)));
- if(get_magic_quotes_gpc())
- {
- $data = stripslashes($data);
- }
- $data = $this->escape($data);
- return $data;
- }
- }
- $host = '\SQLEXPRESS';
- $usr = 'as';
- $pwd = '';
- $db = 'account_dbf';
- $salt = 'serus';
- if(isset($_POST['submit'])):
- if(!isset($_POST['username']))
- {
- die("Please input your username");
- }else if(!isset($_POST['password']))
- {
- die("Please enter your password");
- }else
- {
- $con = mssql_connect($host, $usr, $pwd) or die("Could not connect to the database");
- $db = mssql_select_db($db, $con) or die("Could not select database");
- $core = new faggots;
- $username = $core->prot($_POST['username']);
- $password = $core->prot($_POST['password']);
- $password = md5($salt . $password);
- $query = mssql_query('UPDATE `account_tbl` SET password="' . $password . '" WHERE account="' . $username . '"');
- if($query)
- {
- echo "Password has been sucessfully updated!";
- }else
- {
- echo "Something went wrong under execution.";
- }
- }
- endif;
- ?>
- <form method="post">
- <table border="0">
- <tr><td>Username</td><td><input type="text" name="username" value="" /></td></tr>
- <tr><td>New password</td><td><input type="password" name="password" value="" accept="" /></td></tr>
- <tr><td></td><td><input type="submit" name="submit" value="Change Password" /></td></tr>
- </table>
- </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement