You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
75 lines
1.8 KiB
75 lines
1.8 KiB
<?php
|
|
include("header.php");
|
|
|
|
// get user_id
|
|
$suser_id = $_SESSION['suser_id'];
|
|
|
|
// check for submit
|
|
if ($_SERVER['REQUEST_METHOD']=="POST" ) {
|
|
if (trim($_POST['user_passold']) <> "" && trim($_POST['user_passnew1']) && trim($_POST['user_passnew2']) && trim($_POST['user_passnew1']) == trim($_POST['user_passnew2'])) {
|
|
$user_passold = $_POST['user_passold'];
|
|
$user_passnew = md5($_POST['user_passnew1']);
|
|
|
|
$result = mysql_query("SELECT user_pass FROM user WHERE user_id='$suser_id'") or die(mysql_error());
|
|
// check current pass
|
|
if(!strcmp(md5($user_passold), mysql_result($result, 0, "user_pass"))) {
|
|
// ok, update pass
|
|
mysql_query("UPDATE user SET user_pass='$user_passnew' WHERE user_id='$suser_id'") or die(mysql_error());
|
|
|
|
header_location("options.php");
|
|
}
|
|
}
|
|
|
|
// not ok
|
|
echo '<b>Error!</b>';
|
|
}
|
|
|
|
// get current information
|
|
$result = mysql_query("SELECT displayname FROM user WHERE user_id='$suser_id'");
|
|
while ($row = mysql_fetch_object($result)) {
|
|
$displayname = $row->displayname;
|
|
}
|
|
?>
|
|
|
|
<form method="POST" action="userpassedit.php">
|
|
<table border="0">
|
|
<tr>
|
|
<td colspan="2">
|
|
<b>Modify settings:</b><br>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Current password:
|
|
</td>
|
|
<td>
|
|
<input type="password" name="user_passold">
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
New password:
|
|
</td>
|
|
<td>
|
|
<input type="password" name="user_passnew1">
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Retype new password:
|
|
</td>
|
|
<td>
|
|
<input type="password" name="user_passnew2">
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2" align="right">
|
|
<input type="submit" value="Submit"><input type="reset" value="Reset">
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</form>
|
|
|
|
<?
|
|
include("footer.php");
|
|
?>
|