main
parent
7dcd87c174
commit
156aad3ecf
|
@ -3,30 +3,51 @@
|
||||||
header("Location: /login");
|
header("Location: /login");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
// Password update query
|
|
||||||
if($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_password'])){
|
|
||||||
try {
|
|
||||||
$db = new PDO("mysql:host=$mariaServer;dbname=$mariaDb", $mariaUser, $mariaPass);
|
|
||||||
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
||||||
|
|
||||||
$email = $_SESSION['userEmail'];
|
|
||||||
$newPassword = md5($_POST['new_password']);
|
|
||||||
|
|
||||||
|
?>
|
||||||
|
<?php
|
||||||
|
$message = ""; // Variable to store error or success messages
|
||||||
|
|
||||||
|
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_password'])) {
|
||||||
|
try {
|
||||||
|
$db = new PDO("mysql:host=$mariaServer;dbname=$mariaDb", $mariaUser, $mariaPass);
|
||||||
|
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||||
|
|
||||||
|
// Fetch input values
|
||||||
|
$email = $_SESSION['userEmail'];
|
||||||
|
$currentPassword = md5($_POST['current_password']); // Encrypt current password
|
||||||
|
$newPassword = md5($_POST['new_password']);
|
||||||
|
$confirmPassword = md5($_POST['confirm_password']);
|
||||||
|
|
||||||
|
// Check if current password matches the database
|
||||||
|
$stmt = $db->prepare("SELECT password FROM users WHERE email = :email");
|
||||||
|
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
|
||||||
|
$stmt->execute();
|
||||||
|
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
if (!$user || $user['password'] !== $currentPassword) {
|
||||||
|
$message = '<div class="alert alert-danger">Current password is incorrect. Please try again.</div>';
|
||||||
|
} elseif ($newPassword !== $confirmPassword) {
|
||||||
|
$message = '<div class="alert alert-danger">New passwords do not match. Please try again.</div>';
|
||||||
|
} else {
|
||||||
|
// Update password
|
||||||
$stmt = $db->prepare("UPDATE users SET password = :password WHERE email = :email");
|
$stmt = $db->prepare("UPDATE users SET password = :password WHERE email = :email");
|
||||||
$stmt->bindParam(':password', $newPassword, PDO::PARAM_STR);
|
$stmt->bindParam(':password', $newPassword, PDO::PARAM_STR);
|
||||||
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
|
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
|
||||||
|
|
||||||
if ($stmt->execute()) {
|
if ($stmt->execute()) {
|
||||||
echo '<div class="alert alert-success">Password updated successfully!</div>';
|
$message = '<div class="alert alert-success">Password updated successfully!</div>';
|
||||||
} else {
|
} else {
|
||||||
echo '<div class="alert alert-danger">Failed to updated Password.</div>';
|
$message = '<div class="alert alert-danger">Failed to update password. Try again later.</div>';
|
||||||
}
|
}
|
||||||
// $stmt->execute();
|
|
||||||
// echo "Password updated successfully!";
|
|
||||||
} catch (PDOException $e) {
|
|
||||||
echo "Error: " . $e->getMessage();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
} catch (PDOException $e) {
|
||||||
|
$message = '<div class="alert alert-danger">Error: ' . $e->getMessage() . '</div>';
|
||||||
}
|
}
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<style>
|
<style>
|
||||||
|
|
||||||
.profile-container {
|
.profile-container {
|
||||||
|
@ -69,6 +90,7 @@
|
||||||
|
|
||||||
<div class="mt-3">
|
<div class="mt-3">
|
||||||
<h5>Change Password</h5><hr>
|
<h5>Change Password</h5><hr>
|
||||||
|
<?= $message ?>
|
||||||
<form method="POST">
|
<form method="POST">
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
<input type="password" class="form-control" id="currentPassword" name="current_password" placeholder="Current Password" required>
|
<input type="password" class="form-control" id="currentPassword" name="current_password" placeholder="Current Password" required>
|
||||||
|
|
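Review bot: The current-password check added in the first hunk hashes with unsalted `md5()` and compares the digests with `!==`, so the new verification rests on a hash that is cheap to brute-force if the `users` table leaks, and the update keeps writing new MD5 values. Prefer `password_verify($_POST['current_password'], $user['password'])` for the check and `password_hash($_POST['new_password'], PASSWORD_DEFAULT)` for the stored value, comparing the two new-password fields as raw strings before hashing. Existing rows appear to hold MD5 digests, so this presumably needs a rehash-on-login migration outside this file. Separately, the catch block now puts `$e->getMessage()` into `$message`, which `<?= $message ?>` prints unescaped; log the exception server-side and show a fixed string such as `Unable to update password.` instead. The `// Encrypt current password` comment should say "hash", since MD5 is not encryption.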