Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- Feel free to alter or change the layout in any manner you see fit.
- I'd appreciate it if you left the 'Made by Bellatrix' line though.
- */
- echo "<link href='style.css' type='text/css' rel='stylesheet'>";
- echo "<html><body>";
- echo "<center><table>";
- echo "<tr><td colspan=2 align=center><img src='../images/changepass.jpg'></td></tr>";
- //include_once "./config/configc.php";
- //global $aHost, $aDatabase, $aPort, $aUsername, $aPass, $cHost, $cDatabase, $cPort, $cUsername, $cPass;
- $aHost = "localhost";
- $aDatabase = "azian";
- $aPort = "3307";
- $aUsername = "root";
- $aPass = "usbw";
- function shitChecker($str)
- {
- $var = preg_match('/[^a-zA-Z]/', $str);
- return $var;
- }
- function shitCheckerNum($str)
- {
- $var = preg_match('/[^a-zA-Z0-9]/', $str);
- return $var;
- }
- if(isset($_POST['submit']))
- {
- //Get all the user inputs
- $account = $_POST['account'];
- $passwordOld = $_POST['passwordOld'];
- $passwordNew = $_POST['passwordNew'];
- $passwordNew1 = $_POST['passwordNew1'];
- // $passkey=$_GET['passkey'];
- //Connect to accounts database
- $con = mysql_connect($aHost.":".$aPort, $aUsername, $aPass) or die(mysql_error());
- mysql_select_db($aDatabase) or die(mysql_error());
- //Remove bullshit from the user inputs(Sorta pointless as i use regex in a second...
- $account = mysql_real_escape_string(html_entity_decode(htmlentities($account)));
- $passwordOld = mysql_real_escape_string(html_entity_decode(htmlentities($passwordOld)));
- $passwordNew = mysql_real_escape_string(html_entity_decode(htmlentities($passwordNew)));
- $passwordNew1 = mysql_real_escape_string(html_entity_decode(htmlentities($passwordNew1)));
- //Die if account contains non-alphanumeric characters
- if(shitCheckerNum($account) == 1)
- {
- die("Error: Account contains invalid characters!");
- }
- //Die if old password contains non-alphanumeric characters
- elseif(shitCheckerNum($passwordOld) == 1)
- {
- die("Error: Password contains invalid characters!");
- }
- //Die if new password contains non-alphanumeric characters
- elseif(shitCheckerNum($passwordNew) == 1)
- {
- die("Error: New password contains invalid characters!");
- }
- //Die if new password(confirm) contains non-alphanumeric characters
- elseif(shitCheckerNum($passwordNew1) == 1)
- {
- die("Error: New password contains invalid characters!");
- }
- //If new pass and new pass(confirm) dont match, die.
- if($passwordNew != $passwordNew1)
- {
- die("New password fields must match!");
- }
- //Get acct num from db
- $query = "SELECT acct FROM accounts WHERE login = '".$account."' AND password = '".$passwordOld."'";
- $result = mysql_query($query) or die(mysql_error());
- $numrows = mysql_num_rows($result);
- echo "<tr><td align=center>";
- //If no rows, means invalid user/pass, die.
- if($numrows == 0)
- {
- die("Invalid username/password!");
- }
- //Change pass to new password
- $query = "UPDATE accounts SET password = '".$passwordNew."' WHERE login = '".$account."'";
- $result = mysql_query($query) or die(mysql_error());
- echo "Password for account '".$account."' successfully changed!";
- echo "</td></tr>";
- //close mysql connection
- mysql_close();
- }
- else
- {
- echo "<form name=myform method=post action=passchanger.php>";
- echo "<tr><td colspan=2 align=center><font size=4>Change Account Password</td></tr>";
- echo "<tr><td width=125>Account Name: </td><td><input type=text name=account value=''></td></tr>";
- echo "<tr><td width=125>Old-Password: </td><td><input type=password name=passwordOld value=''></td></tr>";
- echo "<tr><td width=125>New-Password: </td><td><input type=password name=passwordNew value=''></td></tr>";
- echo "<tr><td width=125>Re-Enter: </td><td><input type=password name=passwordNew1 value=''></td></tr>";
- echo "<tr><td colspan=2 align=center><br><input type=submit name=submit value=Submit></td></tr>";
- echo "</form>";
- }
- echo "</table></center>";
- echo "Made by Bellatrix";
- echo "<br>You MUST be offline to use this!";
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement