Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (isset($_POST['chanpass']))
- {
- $db_host='localhost';
- $db_user='root';
- $db_pass='root';
- $db_name='realmd';
- mysql_connect($db_host,$db_user,$db_pass) or die(mysql_error());
- mysql_select_db($db_name) or die(mysql_error());
- $login=(empty($_POST['login'])?'':mysql_escape_string($_POST['login']));
- $old_pass=(empty($_POST['old_pass'])?'':mysql_escape_string($_POST['old_pass']));
- $new_pass1=(empty($_POST['new_pass1'])?'':mysql_escape_string($_POST['new_pass1']));
- $new_pass2=(empty($_POST['new_pass2'])?'':mysql_escape_string($_POST['new_pass2']));
- if($new_pass1!=$new_pass2)
- {
- die('Новые парли не совпадают');
- }
- if(strlen($new_pass1)<2)
- {
- die('Новый пароль слишком короткий');
- }
- if(mysql_result(mysql_query("select count(`id`) from `account` where `username`='$login' and `sha_pass_hash`=SHA1(CONCAT(UPPER('$login') ,':',UPPER('$old_pass')))"),0)>0)
- {
- $sql="update `account` set
- `sha_pass_hash`=SHA1(CONCAT(UPPER('$login') ,':',UPPER('$new_pass1'))),
- `sessionkey`=NULL,
- `v`=NULL,
- `s`=NULL
- where `username`='$login'";
- if(mysql_query($sql))
- {
- die('пароль успешно изменён!');
- }
- else
- {
- die(mysql_error());
- }
- }
- else
- {
- echo 'логин:пароли - не совпадают';
- }
- }
- ?>
- <form method="post">
- Логин:<br/>
- <input type="text" name="login" /><br/>
- Старый пароль:<br/>
- <input type="password" name="old_pass" /><br/>
- Новый пароль:<br/>
- <input type="password" name="new_pass1" /><br/>
- Новый пароль:<br/>
- <input type="password" name="new_pass2" /><br/>
- <input type="submit" name="chanpass" value="изменить"/>
- </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement