Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $connection=mysql_connect("(host)","(Username)","(Password)");
- $db=mysql_select_db("uber",$connection);
- function c( $str ) {
- return addslashes( @mysql_real_escape_string( $s, $connection ) );
- }
- if ( isset( $_POST["changepassword"] ) )
- {
- $username = c( $_POST["username"] );
- $password = c( $_POST["password"] );
- $new = md5( c( $_POST["newpassword"] ) );
- $confirm = md5( c( $_POST["confirmnewpassword"] ) );
- $userQ = @mysql_query( "SELECT * FROM `users` WHERE `username` = '" . $username . "'" );
- if ( @mysql_num_rows( $userQ ) == 0 )
- {
- echo "This user does not exist.";
- }
- else
- {
- $userA = @mysql_fetch_array( $userQ );
- if ( $userA["password"] !== md5( $password ) )
- {
- echo "The password you entered is incorrect.";
- }
- else
- {
- if ( $new !== $confirm )
- {
- echo "The two new passwords you entered do not match.";
- }
- else
- {
- $change = @mysql_query( "UPDATE `users` SET `password` = '" . $new . "' WHERE `username` = '" . $username . "'" );
- if ( $change )
- {
- echo "Your password has been changed.";
- }
- else
- {
- echo "An error occurred with the MySQL:<br /><br />" . mysql_errno() . ": " . mysql_error();
- }
- }
- }
- }
- }
- else
- {
- echo "Change Password<br /><br />
- <form method=\"post\">
- Username: <input type=\"text\" name=\"username\" id=\"username\" /><br />
- Current Password: <input type=\"password\" name=\"password\" id=\"password\" /><br />
- New Password: <input type=\"password\" name=\"newpassword\" id=\"newpassword\" /><br />
- Confirm New Password: <input type=\"password\" name=\"confirmnewpassword\" id=\"confirmnewpassword\" /><br /><br />
- <input type=\"submit\" name=\"changepassword\" id=\"changepassword\" value=\"Save »\" />
- </form>";
- }
- ?>
Add Comment
Please, Sign In to add comment