Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $host = "localhost";
- $username = "root";
- $password = "";
- $database = "PDOtesting";
- $message = "";
- try
- {
- $connect = new PDO("mysql:host=$host; dbname=$database", $username, $password);
- $connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- if(isset($_POST['re_password'])) {
- $old_pass=$_POST['old_pass'];
- $new_pass=$_POST['new_pass'];
- $re_pass=$_POST['re_pass'];
- // User confirm old password authentication
- $query = "SELECT * FROM users WHERE username = :username LIMIT 1";
- $statement = $connect->prepare($query);
- $statement->execute(
- array(
- 'username' => $login_session
- )
- );
- $count = $statement->rowCount();
- if($count > 0)
- {
- $result = $statement->fetch();
- //check old password if correct
- if (password_verify($_POST["old_pass"], $result['old_pass'])) {
- // if password correct
- if ($new_pass == $re_pass) {
- $query2 = "UPDATE users SET password = :password WHERE username = :username";
- $hash = password_hash($re_pass, PASSWORD_DEFAULT);
- $statement = $connect->prepare($query2);
- $statement->execute(
- array(
- 'username' => $login_session,
- 'password' => $hash
- )
- );
- echo "<script>alert('Changed Password Sucessfully! You will be logged out from this page'); window.location='../session_destroy.php'</script>";
- }
- else {
- echo "<script>alert('new password and repeat password does not match!'); window.location='change_password.php'</script>";
- }
- }} else {
- echo "<script>alert('Your old password is incorrect'); window.location='change_password.php'</script>";
- }
- // $data_pwd=$chg_pwd1['password'];
- }
- }
- catch(PDOException $error)
- {
- $message = $error->getMessage();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement