change_password.php 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970
  1. <?php
  2. require_once ("./header.php");
  3. logged_in_only ();
  4. $pw_message = null;
  5. if (isset ($_POST['settings_password']) && $_POST['settings_password'] == 1) {
  6. if (isset ($_POST['set_password1']) && $_POST['set_password1'] != "" &&
  7. isset ($_POST['set_password2']) && $_POST['set_password2'] != "") {
  8. if ($_POST['set_password1'] != $_POST['set_password2']) {
  9. $pw_message = 'Passwords do not match.'."\n";
  10. $password = false;
  11. }
  12. else {
  13. $password = trim ($_POST['set_password1']);
  14. }
  15. }
  16. else {
  17. $pw_message = 'Please fill out both password fields.'."\n";
  18. $password = false;
  19. }
  20. if ($password) {
  21. $query = sprintf ("UPDATE user SET password=md5('%s') WHERE username='%s'",
  22. $mysql->escape ($password),
  23. $mysql->escape ($username));
  24. if ($mysql->query ($query)) {
  25. $pw_message = "Password changed.<br>\n";
  26. }
  27. else {
  28. message ($mysql->error);
  29. }
  30. }
  31. unset ($_POST['set_password1'], $_POST['set_password2'], $password);
  32. }
  33. ?>
  34. <h2 class="title">Change Password</h2>
  35. <form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="POST">
  36. <table>
  37. <tr>
  38. <td>New Password</td>
  39. <td><input type="password" name="set_password1"></td>
  40. </tr>
  41. <tr>
  42. <td>Verify new Password</td>
  43. <td><input type="password" name="set_password2"></td>
  44. </tr>
  45. <tr>
  46. <td>
  47. <input type="submit" value=" Save ">
  48. <input type="button" value=" Cancel " onClick="self.close()">
  49. <input type="hidden" name="settings_password" value="1">
  50. </td>
  51. <td>
  52. <?php echo $pw_message; ?>
  53. </td>
  54. </tr>
  55. </table>
  56. </form>
  57. <?php
  58. require_once (ABSOLUTE_PATH . "footer.php");
  59. ?>