main
Suvodip
parent
7dcd87c174
commit
156aad3ecf
|
|
@ -3,30 +3,51 @@
|
|||
header("Location: /login");
|
||||
exit;
|
||||
}
|
||||
// Password update query
|
||||
if($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_password'])){
|
||||
try {
|
||||
$db = new PDO("mysql:host=$mariaServer;dbname=$mariaDb", $mariaUser, $mariaPass);
|
||||
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
|
||||
$email = $_SESSION['userEmail'];
|
||||
$newPassword = md5($_POST['new_password']);
|
||||
|
||||
?>
|
||||
<?php
|
||||
$message = ""; // Variable to store error or success messages
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_password'])) {
|
||||
try {
|
||||
$db = new PDO("mysql:host=$mariaServer;dbname=$mariaDb", $mariaUser, $mariaPass);
|
||||
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
|
||||
// Fetch input values
|
||||
$email = $_SESSION['userEmail'];
|
||||
$currentPassword = md5($_POST['current_password']); // Encrypt current password
|
||||
$newPassword = md5($_POST['new_password']);
|
||||
$confirmPassword = md5($_POST['confirm_password']);
|
||||
|
||||
// Check if current password matches the database
|
||||
$stmt = $db->prepare("SELECT password FROM users WHERE email = :email");
|
||||
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
|
||||
$stmt->execute();
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if (!$user || $user['password'] !== $currentPassword) {
|
||||
$message = '<div class="alert alert-danger">Current password is incorrect. Please try again.</div>';
|
||||
} elseif ($newPassword !== $confirmPassword) {
|
||||
$message = '<div class="alert alert-danger">New passwords do not match. Please try again.</div>';
|
||||
} else {
|
||||
// Update password
|
||||
$stmt = $db->prepare("UPDATE users SET password = :password WHERE email = :email");
|
||||
$stmt->bindParam(':password', $newPassword, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo '<div class="alert alert-success">Password updated successfully!</div>';
|
||||
$message = '<div class="alert alert-success">Password updated successfully!</div>';
|
||||
} else {
|
||||
echo '<div class="alert alert-danger">Failed to updated Password.</div>';
|
||||
$message = '<div class="alert alert-danger">Failed to update password. Try again later.</div>';
|
||||
}
|
||||
// $stmt->execute();
|
||||
// echo "Password updated successfully!";
|
||||
} catch (PDOException $e) {
|
||||
echo "Error: " . $e->getMessage();
|
||||
}
|
||||
|
||||
} catch (PDOException $e) {
|
||||
$message = '<div class="alert alert-danger">Error: ' . $e->getMessage() . '</div>';
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
<style>
|
||||
|
||||
.profile-container {
|
||||
|
|
@ -69,6 +90,7 @@
|
|||
|
||||
<div class="mt-3">
|
||||
<h5>Change Password</h5><hr>
|
||||
<?= $message ?>
|
||||
<form method="POST">
|
||||
<div class="mb-3">
|
||||
<input type="password" class="form-control" id="currentPassword" name="current_password" placeholder="Current Password" required>
|
||||
|
|
|
|||
Loading…
Reference in New Issue