-
Notifications
You must be signed in to change notification settings - Fork 0
/
settings.php
55 lines (49 loc) · 1.86 KB
/
settings.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
declare(strict_types=1);
session_start();
if (!isset($_SESSION["username"])) {
header("Location: login.php");
}
$username = $_SESSION["username"];
if (isset($_POST["change-password"])) {
require("./config/config.php");
$mysql = new mysqli(MYSQL_IP, MYSQL_USERNAME, MYSQL_PASSWORD, MYSQL_DATABASE);
$retrieve = $mysql->prepare("SELECT * FROM tUser WHERE Username=?");
$retrieve->bind_param("s", $username);
$retrieve->execute();
$result = $retrieve->get_result();
$passwordHash = $result->fetch_assoc()["Password"];
$oldPassword = $_POST["old-password"];
$newPassword = $_POST["new-password"];
$verified = password_verify($oldPassword, $passwordHash);
if ($verified) {
$newPasswordHash = password_hash($newPassword, PASSWORD_BCRYPT);
$changePassword = $mysql->prepare("UPDATE tUser SET Password=? WHERE Username=? AND Password=?");
$changePassword->bind_param("sss", $newPasswordHash, $username, $passwordHash);
$changePassword->execute();
header("Location: logout.php");
} else {
echo "Incorrect password!";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="stylesheet" href="./assets/index.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Outfit">
<title>Nox | Settings</title>
</head>
<body>
<ul id="navbar">
<li><a href="timeline.php">TIMELINE</a></li>
<li><a href="#">SETTINGS</a></li>
<li><a href="logout.php">LOGOUT</a></li>
</ul>
<form id="settings" action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
<input type="password" name="old-password" placeholder="OLD PASSWORD" required>
<input type="password" name="new-password" placeholder="NEW PASSWORD" required>
<input type="submit" value="CHANGE PASSWORD" name="change-password">
</form>
</body>
</html>