Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("php-cont.php");
- session_start();
- $user = $_SESSION['username'];
- if($user)
- {
- if($_POST['submit'])
- {
- $oldpassword = md5($_POST['oldpassword']);
- $newpassword = $_POST['newpassword'];
- $repeatnewpassword = $_POST['repeatnewpassword'];
- $queryget = mysql_query("SELECT password FROM users WHERE username='$user'") or die("Query didn't work!");
- $row = mysql_fetch_assoc($queryget);
- $oldpassworddb = $row['password'];
- if($oldpassword == $oldpassworddb)
- {
- if($newpassword == $repeatnewpassword)
- {
- if(strlen($newpassword) >= 6 && strlen($newpassword) <= 25 )
- {
- // Hash the password
- $newpassword = md5($_POST['newpassword']);
- $repeatnewpassword = md5($_POST['repeatnewpassword']);
- // Upload the new password into the database
- $querychange = mysql_query("UPDATE users SET password='$newpassword' WHERE username='$user'");
- session_destroy();
- // Let them know their password has changed
- die("Your password has been changed. <a href='index.php'> Return </a> to main page.");
- }
- else
- {
- echo("Your password must be between 6 and 25 characters");
- }
- }
- else
- die("New passwords didn't match!");
- }
- else
- die("Old password doesn't match!");
- }
- else
- {
- echo("
- <form action='changepassword.php' method='POST'>
- Old password: <input type='password' name='oldpassword'><p>
- New Password: <input type='password' name='newpassword'><br>
- Repeat New Password: <input type='password' name='repeatnewpassword'><br>
- <input type='submit' name='submit' value='Change Password'>
- </form>
- ");
- }
- }
- else
- die("You must be logged in to change your password");
- ?>
Add Comment
Please, Sign In to add comment