Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if ($_SESSION['username'])
- echo "Welcome, ".$_SESSION['username']."!<br><a href='logout.php'>Logout</a><p>";
- else
- die("You must be logged in!");
- $user = $_SESSION['username'];
- if ($user)
- {
- //user is logged in
- if ($_POST['submit'])
- {
- //check fields
- $oldpassword = $_POST['oldpassword'];
- $newpassword = $_POST['newpassword'];
- $renewpassword = $_POST['renewpassword'];
- // check password against db
- // connect db
- $connect = mysql_connect("207.210.254.226","datacatch","oblivion") or die("couldn't connect");
- mysql_select_db("reborn") or die("couldnt find db");
- $queryget = mysql_query("SELECT password FROM user WHERE Name='$user'") or die("Incorrect infomation");
- $row = mysql_fetch_assoc($queryget);
- $oldpassworddb = $row['password'];
- //check passwords
- if ($oldpassword==$oldpassworddb)
- {
- // check two new passwords
- if ($newpassword==$renewpassword)
- {
- //success
- //change password in db
- $querychange = mysql_query("
- UPDATE user SET password='$newpassword' WHERE Name='$user'
- ") or die("Did not work!");
- session_destroy();
- die("Your password has been changed. <a href='index.php'>Click here</a> to return to Login");
- }
- else
- die("New Passwords don't match, please try again.");
- }
- else
- die("Old Password Incorrect, please try again.");
- }
- else
- {
- echo"
- <form action='member.php' method='POST'>
- Old password: <input type='text' name='oldpassword'><p>
- New password: <input type='password' name='newpassword'><br>
- Repeat New password: <input type='password' name='renewpassword'><p>
- <input type='submit' name='submit' value='Change Password'>
- </form>
- ";
- }
- }
- else
- die("You must be logged in to change your username/password");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
