forked from hsnmnr/Estore
-
Notifications
You must be signed in to change notification settings - Fork 0
/
updateadminpassword.php
53 lines (49 loc) · 1.31 KB
/
updateadminpassword.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<!DOCTYPE>
<html>
<script type="text/javascript">
var store_name = 'E-Store Management System'
document.title=store_name;
document.write("<center><h1>",store_name,"<h1></center>");
</script>
<?php
ini_set('error_reporting', 'E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR');
include 'connection.php';
$conn = OpenCon();
if (mysqli_connect_errno())
{
echo "Unable to connect to server " . mysqli_connect_error();
}
session_start();
$username=$_SESSION['username'];
$oldpass=$_POST['oldpassword'];
$pass=$_POST['newpassword'];
$confirmpass=$_POST['confirmpassword'];
$query='SELECT user_id,password from admins where user_id='.$username;
$result=mysqli_query($conn,$query);
if($result->num_rows == 0)
{
echo 'Invalid Username or Login Session<br>';
exit;
}
$row=$result->fetch_assoc();
$mypass=$row['password'];
if($mypass == $oldpass)
{
if($pass == $confirmpass)
{
$query = 'UPDATE admins SET password = \''.$pass.'\' WHERE user_id='.$username;
$result=mysqli_query($conn,$query);
echo '<script>alert("Password updated")</script><br>';
}
else
{
echo 'New Password and Confirm Password Field Mismatch<br>';
}
}
else
{
echo 'Invalid Old Password<br>';
}
?>
<meta http-equiv="refresh" content="1;url=admin.php">
</html>