Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <body>
- <?php
- $id = $_GET["id"];
- $sand = $_GET["sand"];
- if($id!= NULL && $sand!=NULL)
- {
- require_once("my_DB_functions.php");
- $conn = My_Connect_DB();
- if(!$conn)
- die("Connection to DB failed: ".mysqli_connect_error());
- $sql = "SELECT * FROM Employee WHERE id='".$id."';";
- $result = My_SQL_EXE($conn, $sql);
- if($row = mysqli_fetch_row($result))
- {
- if($sand == md5($row[1]))
- {
- echo "<form method='post' action='Activity-99-07.php'>";
- echo "Your ID is: ".$row[0]."<br>";
- echo "<input type=hidden name=id value='".$id."'>";
- echo "<input type=hidden name=sand value='".$sand."'>";
- echo "Your new password: <input type=password name=newpasswd><br>";
- echo "Your new password again: <input type=password name=newpasswd2><br>";
- echo "<input type=submit name=submit><br>";
- echo "</form>";
- }
- else
- echo "Wrong sand provided<br>";
- }
- else
- echo "Wrong ID<br>";
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement