-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsettings_changepass.php
45 lines (40 loc) · 1.87 KB
/
settings_changepass.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
require_once "./dbConnection.inc";
require_once "./function.php";
getSessionValues();
if (isset($_POST['changePass'], $conn)) {
$data = getDatabase_info($conn, $userId, "freelance_info", TRUE);
if (isset($_POST['current-password'], $_POST['new-password'], $_POST['confirm-password'])) {
$inputCurrentPassword = sha1($_POST['current-password']);
$inputNewPassword = sha1(mysqli_real_escape_string($conn, $_POST['new-password']));
$inputConfirmPassword = sha1($_POST['confirm-password']);
if ($inputCurrentPassword === $data["freelance_password"]) {
if ($inputNewPassword === $inputConfirmPassword) {
$sql = "UPDATE freelance_info SET freelance_password = '$inputConfirmPassword' WHERE freelance_id = '$userId'";
$conn->query($sql);
session_destroy();
echo "<script>alert('Password Changed Successfully')
window.location.href='login.php?change_status=success';
</script>";
} else {
echo "<script>alert('Password and Confirm Password is not the same.')
window.location.href='settings.php?password_status=pass-not-the-same';
</script>";
}
} else {
echo "<script>alert('Current Password is not equal to Login Password.')
window.location.href='settings.php?password_status=invalid-current';
</script>";
}
} else {
echo "<script>alert('Please fill out all the fields.')
window.location.href='settings.php?password_status=no-input';
</script>";
}
} elseif (isset($conn) && $conn) {
echo "<script>alert('Please submit your credentials properly.')
window.location.href='settings.php?password_status=no-submit';
</script>";
} else {
trigger_error("Connection failed: " . $conn->connect_error);
}