setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Fetch input values
$customerId = $_GET['customerId'];
$newPassword = md5($_POST['new_password']);
$confirmPassword = md5($_POST['confirm_password']);
if ($newPassword !== $confirmPassword) {
$message = 'New passwords do not match. Please try again.
';
} else {
// Update password
$stmt = $db->prepare("UPDATE users SET password = :password WHERE customerId = :customerId");
$stmt->bindParam(':password', $newPassword, PDO::PARAM_STR);
$stmt->bindParam(':customerId', $customerId, PDO::PARAM_STR);
if ($stmt->execute()) {
$message = 'Password updated successfully!
';
} else {
$message = 'Failed to update password. Try again later.
';
}
}
} catch (PDOException $e) {
$message = 'Error: ' . $e->getMessage() . '
';
}
}
?>