Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- ?>
- <html>
- <body>
- <div style="margin:0 auto" align=center>
- <form>
- Username:<br>
- <input type="text" name="username"><br>
- Current Password:<br>
- <input type="password" name="password"><br>
- New Password:<br>
- <input type="password" name="newpassword"><br>
- Confirm Password:<br>
- <input type="password" name="confirmnewpassword"><br>
- <br>
- <input type="submit" name="submit" value="Submit" />
- </form>
- <?php
- $dbhost = "*****";
- $dbname = "*****";
- $dbuser = "*****";
- $dbpass = "*****";
- //Connect to database
- $connect= mysql_connect ("$dbhost","$dbuser","$dbpass")or die("Could not connect: ".mysql_error());
- mysql_select_db("$dbname") or die(mysql_error());
- if(isset($_POST['submit']))
- $username = $_POST['username'];
- $password = md5($_POST['password']);
- $newpassword = md5($_POST['newpassword']);
- $confirmnewpassword = md5($_POST['confirmnewpassword']);
- $result = mysql_query("SELECT password FROM accounts WHERE username='$username'");
- $row = mysql_fetch_assoc($result);
- $passworddb = $row['passoword']; //password from Data Base
- if(!$result)
- {
- echo "The username you entered does not exist";
- }
- if($password==$passworddb){
- if($newpassword==$confirmnewpassword){
- $sql=mysql_query("UPDATE accounts SET password='$newpassword' where username='$username'");
- ?> <script>
- alert('Password changed!');
- window.location.href='change_password.php';
- </script> <?php
- }
- else{
- ?> <script>
- alert('Error, new password and confirm password must be the same');
- window.location.href='change_password.php';
- </script> <?php
- }
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement