Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $local = 'localhost';
- $loginbd = 'root';
- $passbd = 'root';
- $namebd = 'crm';
- $link = mysqli_connect($local,$loginbd,$passbd,$namebd);
- $id = $_SESSION['id'];
- $query = mysqli_query($link,"SELECT * FROM users WHERE id='$id'");
- $user = mysqli_fetch_assoc($query);
- if(!empty($_POST)){
- $login = $_POST['login'];
- $name = $_POST['name'];
- $surname = $_POST['surname'];
- $email = $_POST['email'];
- mysqli_query($link,"UPDATE users SET login='$login',name='$name',surname='$surname',email='$email'");
- header("Refresh:0");
- }
- if(!empty($_POST['old_pass']) && !empty($_POST['new_pass']) && !empty($_POST['repeat_pass'])){
- $old_pass = $_POST['old_pass'];
- $new_pass = $_POST['new_pass'];
- $repeat_pass = $_POST['repeat_pass'];
- $hash = $user['password'];
- if(password_verify($old_pass,$hash)){
- if(preg_match("#^[a-zA-Z0-9._-]{6,100}$#",$new_pass)){
- if($new_pass === $repeat_pass){
- $new_hash = password_hash($new_pass,PASSWORD_DEFAULT);
- mysqli_query($link,"UPDATE users SET password='$new_hash' WHERE id='$id'");
- $res = "Successfully!";
- } else {
- $error_pass = "Passwords do not match";
- }
- } else {
- $error_pass = "New password is incorrect";
- }
- } else {
- $error_pass = "Wrong old password";
- }
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <title>Add client</title>
- </head>
- <body>
- <a href="/main"><-Back</a></br>
- <h2>Editing personal information</h2></br>
- <form action="" method="post">
- <input name="login" value="<?php echo $user['login']?>"></br>
- <input name="name" value="<?php echo $user['name']?>"></br>
- <input name="surname" value="<?php echo $user['surname']?>"></br>
- <input name="email" value="<?php echo $user['email']?>"></br>
- </form>
- <form action="" method="post">
- <h2>Change password:</h2></br>
- <input name="old_pass" placeholder="Old password">
- <input name="new_pass" placeholder="New password">
- <input name="repeat_pass" placeholder="Repeat password">
- <input type="submit"></br>
- </form>
- <?php
- echo $error_pass;
- echo $res;
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement