Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('check.php');
- $user = $_SESSION['username'];
- if($user)
- {
- //user is logged in
- if (isset($_POST['submit']))
- {
- //check fields
- $oldpassword = md5($_POST['oldpassword']);
- $newpassword = md5($_POST['newpassword']);
- $repeatnewpassword = md5($_POST['repeatnewpassword']);
- // Connect to server and select databse.
- $host="localhost"; // Host name
- $username=""; // Mysql username
- $password=""; // Mysql password
- $db_name=""; // Database name
- mysql_connect("$host", "$username", "$password")or die("cannot connect");
- $queryget = mysql_query("SELECT password FROM members WHERE username='$user'");
- if($queryget === FALSE) {
- die(mysql_error()); // TODO: better error handling
- }while($row = mysql_fetch_array($queryget))
- {
- $oldpassworddb = $row['password'];
- }
- //check passwords
- if ($oldpassword==$oldpassworddb)
- {
- //check new passowrds
- if($newpassword==$repeatnewpassword)
- {
- //success
- //change password in db
- $querychange = mysql_query("UPDATE members SET password='$newpassword' WHERE username ='$user'");
- header( "refresh:2;url=logout.php" );
- die("Your password has successfully been changed.");
- }
- else
- die("Your new passwords do not match");
- }
- else
- die("Password doesn't match");
- }
- else{
- echo"Some text";
- }
- }
- ?>
- <?php
- include('check.php');
- $user = $_SESSION['username'];
- if($user)
- {
- //user is logged in
- if (isset($_POST['submit']))
- {
- //check fields
- $oldpassword = md5($_POST['oldpassword']);
- $newpassword = md5($_POST['newpassword']);
- $repeatnewpassword = md5($_POST['repeatnewpassword']);
- // Connect to server and select databse.
- $host="localhost"; // Host name
- $username=""; // Mysql username
- $password=""; // Mysql password
- $db_name=""; // Database name
- $mysqli = new mysqli($host,$username,$password,$db_name);
- if (mysqli_connect_errno()) {
- printf("Falló la conexión failed: %sn", $mysqli->connect_error);
- exit();
- }
- $queryget = $mysqli->query("SELECT password FROM members WHERE
- username='$user'");
- if($queryget === FALSE) {
- die($mysqli->error()); // TODO: better error handling
- }
- while($row = $mysqli->fetch_array(MYSQLI_NUM){
- $oldpassworddb = $row['password'];
- }
Add Comment
Please, Sign In to add comment