Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $nuser = mysql_real_escape_string($_POST['login']); // 'login' is name from the html form
- $npass = $_POST['password']; // 'password' is name from the html form
- $nnewpass = $_POST['newpassword']; // 'newpassword' is name from the html form
- $nconfirmpass = $_POST['confirmnewpassword']; // 'confirmnewpassword' is name from the html form
- $username = strtoupper($nuser);
- $password = sha1($username .":". strtoupper($npass));
- $newpassword = sha1($username .":". strtoupper($nnewpass));
- $confirmpass = sha1($username .":". strtoupper($nconfirmpass));
- $result = mysql_query("SELECT sha_pass_hash FROM account WHERE username='{$username}'");
- //echo($password.", ".$username.", ".mysql_result($result, 0));
- if(!$result)
- {
- echo "<p>The username you entered does not exist, try again.</p>";
- }
- else if($password != mysql_result($result, 0))
- {
- echo "<p>Please retry your password.</p>";
- }
- else if($newpassword == $confirmpass)
- $sql=mysql_query("UPDATE account SET sha_pass_hash='{$newpassword}', v = NULL, s = NULL where username='{$username}'");
- if($sql)
- {
- echo "<p>Congratulations you have successfully changed your password!</p>";
- }
- else
- {
- echo "<p>Please retry your password</p>";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement