
Untitled

a guest
Sep 2nd, 2018
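  <?php
  // Change-password form. Posts old_password, new_password and con_newpassword
  // (plus the username field) to changepass.php.
  //
  // The prefilled username is escaped for the HTML attribute context: echoing
  // the session value raw would let a quote character in it break out of
  // value="..." and inject markup. The field is readonly only as a UI hint;
  // whatever arrives in POST is still attacker-controlled, so the handler
  // should identify the account from the session, not from this field.
  ?>
  <form name="resetform" action="changepass.php" id="resetform" class="passform" method="post" role="form">
    <h3>Change Your Password</h3>
    <br />
    <input type="text" name="username" autocomplete="username" readonly
           value="<?php echo htmlspecialchars(isset($_SESSION['username']) ? (string) $_SESSION['username'] : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
    <label for="old_password">Enter Old Password</label>
    <input type="password" class="form-control" name="old_password" id="old_password" autocomplete="current-password" required>
    <label for="new_password">Enter New Password</label>
    <input type="password" class="form-control" name="new_password" id="new_password" autocomplete="new-password" required>
    <label for="con_newpassword">Confirm New Password</label>
    <input type="password" class="form-control" name="con_newpassword" id="con_newpassword" autocomplete="new-password" required />
    <br>
    <input type="submit" class="btn btn-warning" name="password_change" id="submit_btn" value="Change Password" />
  </form>

  <!--display success/error message-->
  <div id="message"></div>
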
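  <script>
  // Submits #resetform over AJAX and shows the server's reply in #message.
  $(document).ready(function () {
    var frm = $('#resetform');
    var submitBtn = $('#submit_btn');
    var messageBox = $('#message');

    // Show a status line, then fade it out after holdMs milliseconds.
    // The reply is written with .text(), not .html(): the handler only sends
    // plain-text status lines, and rendering a response as markup would turn
    // any reflected input or error output into script-capable HTML.
    // stop()/show() undo a previous fadeOut; without them the box stays hidden
    // after the first message and later replies are never visible.
    function showMessage(text, holdMs) {
      messageBox.stop(true, true).text(text).show().delay(holdMs).fadeOut(holdMs);
    }

    frm.submit(function (e) {
      e.preventDefault();

      // serialize() leaves out the submit button, so add it explicitly (the
      // handler keys on its name). Passing name/value pairs lets jQuery
      // URL-encode the value instead of concatenating it raw into the body.
      var fields = frm.serializeArray();
      fields.push({ name: submitBtn.attr('name'), value: submitBtn.attr('value') });

      $.ajax({
        type: frm.attr('method'),
        url: frm.attr('action'),
        data: fields,
        success: function (data) {
          showMessage(data, 3000);
        },
        error: function (jqXHR, textStatus) {
          showMessage(textStatus, 2000);
        }
      });
    });
  });
  </script>
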
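  // Server side of the change-password form (the form's action is changepass.php).
  // NOTE(review): the paste shows no opening PHP tag above this line; presumably
  // it was lost when the code was pasted.
  include_once 'include/connection.php';

  if (isset($_POST['password_change'])) {

      // The account is taken from the session, not from the POSTed username:
      // a request field is attacker-controlled, and accepting it lets anyone
      // test passwords against any account through this endpoint without
      // logging in.
      // NOTE(review): assumes this script shares the session configuration of
      // the page that renders the form (which reads $_SESSION["username"]) - confirm.
      if (session_status() !== PHP_SESSION_ACTIVE) {
          session_start();
      }
      $username = isset($_SESSION['username']) ? $_SESSION['username'] : null;

      // Accept only plain string fields; a missing field or an array value
      // (old_password[]=x) is rejected instead of being passed on.
      $old = (isset($_POST['old_password']) && is_string($_POST['old_password'])) ? $_POST['old_password'] : null;
      $new = (isset($_POST['new_password']) && is_string($_POST['new_password'])) ? $_POST['new_password'] : null;
      $confirm = (isset($_POST['con_newpassword']) && is_string($_POST['con_newpassword'])) ? $_POST['con_newpassword'] : null;

      if (!is_string($username) || $username === '') {
          echo "Please log in to change your password.";
      } elseif ($old === null || $new === null || $confirm === null) {
          echo "Password could not be updated";
      } else {
          // NOTE(review): strip_tags() is not a password sanitiser; it silently
          // shortens any password containing "<...>". It is kept here only so
          // the values stay consistent with whatever the login and registration
          // code (not shown) store; remove it there and here together.
          $password = strip_tags($old);
          $newpassword = strip_tags($new);
          $confirmnewpassword = strip_tags($confirm);

          if ($newpassword === '') {
              // Previously an empty new password passed the equality check
              // and was stored.
              echo "New password must not be empty!";
          } elseif ($newpassword !== $confirmnewpassword) {
              // Strict comparison: with ==, numeric-looking strings such as
              // "1e3" and "1000" compare equal.
              echo "Passwords do not match!";
          } else {
              // Verify the current password in SQL. The earlier code then also
              // compared the plaintext with the stored hash, which can never
              // match, so every change attempt was rejected.
              // NOTE(review): MySQL's PASSWORD() is an unsalted hash meant for
              // the server's own accounts; it was deprecated in MySQL 5.7 and
              // removed in 8.0. Move storage to password_hash() /
              // password_verify() together with the login code.
              $check = $connect->prepare("SELECT 1 FROM `user` WHERE `username` = ? AND `password` = PASSWORD(?)");

              // fetchColumn() rather than rowCount(): row counts for SELECT
              // are not guaranteed by every PDO driver.
              if ($check->execute(array($username, $password)) && $check->fetchColumn() !== false) {
                  $update = $connect->prepare("UPDATE `user` SET `password` = PASSWORD(?) WHERE `username` = ?");

                  if ($update->execute(array($newpassword, $username))) {
                      // Rotate the session id after a credential change.
                      if (!headers_sent()) {
                          session_regenerate_id(true);
                      }
                      echo "Password Changed Successfully!";
                  } else {
                      echo "Password could not be updated";
                  }
              } else {
                  echo "Please type your current password accurately!";
              }
          }
      }
  }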