From 2beeeab54139ad7694152df83807ae19d6a97494 Mon Sep 17 00:00:00 2001 From: jakani24 Date: Mon, 15 Jan 2024 17:19:36 +0100 Subject: [PATCH] Update passwd.php --- src/server/cyberhex-code/system/secure_zone/php/passwd.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/server/cyberhex-code/system/secure_zone/php/passwd.php b/src/server/cyberhex-code/system/secure_zone/php/passwd.php index ba53175..b76e85a 100644 --- a/src/server/cyberhex-code/system/secure_zone/php/passwd.php +++ b/src/server/cyberhex-code/system/secure_zone/php/passwd.php @@ -58,7 +58,7 @@ $email = $_SESSION["email"]; $password = $_POST["password"]; $new_password1=$_POST["new_password1"]; $new_password2=$_POST["new_password2"]; - + $hash=password_hash($new_password1, PASSWORD_BCRYPT); // Create a connection $conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE); @@ -84,6 +84,7 @@ $email = $_SESSION["email"]; if ($result->num_rows > 0) { $row = $result->fetch_assoc(); if (password_verify($password, $row['password'])) { + echo($password."::".$row['password']); //password correct update // Create connection $conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE); @@ -94,7 +95,7 @@ $email = $_SESSION["email"]; die("Connection failed: " . $conn->connect_error); } $stmt = $conn->prepare("UPDATE users set password = ? where username = ?"); - $stmt->bind_param("ss", $new_password1, $username); + $stmt->bind_param("ss", $hash, $username); $stmt->execute(); $stmt->close(); $conn->close();