-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathchange_pass.php
More file actions
42 lines (41 loc) · 1.17 KB
/
change_pass.php
File metadata and controls
42 lines (41 loc) · 1.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<?php
include_once("header.php");
if(isset($_SESSION['hcl_user']))
{
if(isset($_POST["change"]))
{
$u=$_SESSION['hcl_user'];
$q=mysql_query("select pass from users where username='$u'");
if(md5($_POST["cur"])==mysql_result($q,0,"pass"))
{
if($_POST["new"]==$_POST["cnew"] && $_POST["new"]!="")
{
$p=$_POST["new"];
mysql_query("update users set pass= md5('$p') where username='$u'");
echo "Password has been succesfully changed";
}
else
echo "New Passwords dont match<br/>";
}
else
echo "Current Password is wrong<br/>";
}
echo "<h1>Change Password</h1>";
echo "<form action=change_pass.php method=post>
<br/><br/>
<table>
<tr><td>Current Password</td><td><input type=password name=cur /></td></tr>
<tr></tr>
<tr><td>New Password</td><td><input type=password name=new /></td></tr>
<tr><td>Confirm New Password</td><td><input type=password name=cnew /></td></tr>
</table>
<input type=submit name=change value=Submit />
</form>";
}
else
{
echo "<br/><br/><br/><br/><br/><br/><h4>You have tried to access a page that is visible only to logged in users.<br/><b>Please login to continue!</b>
<a href=login.php>Login</a></h4>";
}
include_once("footer.php");
?>