janis/ma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update passwd.php

Browse Source
This commit is contained in:
jakani24
2024-01-15 17:19:36 +01:00
parent 3a155709fb
commit 2beeeab541
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/server/cyberhex-code/system/secure_zone/php/passwd.php
View File

@@ -58,7 +58,7 @@ $email = $_SESSION["email"];
$password = $_POST["password"]; $password = $_POST["password"];
$new_password1=$_POST["new_password1"]; $new_password1=$_POST["new_password1"];
$new_password2=$_POST["new_password2"]; $new_password2=$_POST["new_password2"];
$hash=password_hash($new_password1, PASSWORD_BCRYPT);
// Create a connection // Create a connection
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE); $conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
@@ -84,6 +84,7 @@ $email = $_SESSION["email"];
if ($result->num_rows > 0) { if ($result->num_rows > 0) {
$row = $result->fetch_assoc(); $row = $result->fetch_assoc();
if (password_verify($password, $row['password'])) { if (password_verify($password, $row['password'])) {
echo($password."::".$row['password']);
//password correct update //password correct update
// Create connection // Create connection
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE); $conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
@@ -94,7 +95,7 @@ $email = $_SESSION["email"];
die("Connection failed: " . $conn->connect_error); die("Connection failed: " . $conn->connect_error);
} }
$stmt = $conn->prepare("UPDATE users set password = ? where username = ?"); $stmt = $conn->prepare("UPDATE users set password = ? where username = ?");
$stmt->bind_param("ss", $new_password1, $username); $stmt->bind_param("ss", $hash, $username);
$stmt->execute(); $stmt->execute();
$stmt->close(); $stmt->close();
$conn->close(); $conn->close();