PageRenderTime 41ms CodeModel.GetById 13ms RepoModel.GetById 0ms app.codeStats 0ms

/mybookbag/passreset.php

https://bitbucket.org/s2223902/mybookbag
PHP | 191 lines | 189 code | 2 blank | 0 comment | 1 complexity | e212825f88ee9d1f006ebc07767d895e MD5 | raw file
    

  1. <?php
    2. 

  2. session_start();
    3. 

  3. include('db_connection.php');
    4. 

  4. include('functions.php');
    5. 

  5. 

  6. 

  7. ?>
    8. 

  8. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    9. 

  9. <html xmlns="http://www.w3.org/1999/xhtml">
    10. 

  10.     <head>
    11. 

  11.         <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    12. 

  12.         <link rel="stylesheet" href="css/formstyles.css" type="text/css" />
    13. 

  13. 		<link href='http://fonts.googleapis.com/css?family=Varela+Round' rel='stylesheet' type='text/css'>
    14. 

  14. 		<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
    15. 

  15. 		<script type="text/javascript" src="js/Placeholders.js"></script>
    16. 

  16. 		<script type="text/javascript">
    17. 

  17. 			Placeholders.init({
    18. 

  18. 			live: true,
    19. 

  19. 			hideOnFocus: true});
    20. 

  20. 		</script>
    21. 

  21. 		<link href="css/toolbar.css" rel="stylesheet" type="text/css" />
    22. 

  22.         <title><?php echo $_SESSION['username'];?>'s Settings</title>
    23. 

  23.     </head>
    24. 

  24.     <body>
    25. 

  25. 	<?php include ("php/random-bg.php"); ?>
    26. 

  26. <div id="mainContainer">
    27. 

  27.         
    28. 

  28. <div id="carbonForm2">
    29. 

  29. <div id="logo2">
    30. 

  30. 		<img src="img/logo.png" />
    31. 

  31. 		<p>Welcome <b><?php echo $_SESSION['username'];?></b></p>
    32. 

  32. 	</div>
    33. 

  33. 	<ul id="nav">
    34. 

  34. 	<li><a href="page.php">Home</a></li>
    35. 

  35. 	<li><a href="mybooks.php">MyBookBag</a>
    36. 

  36. 		<ul>
    37. 

  37. 			<li><a href="mybooks.php">My Books</a></li>
    38. 

  38. 			<li><a href="myebooks.php">My eBooks</a></li>
    39. 

  39. 			<li><a href="myjournals.php">My journals</a></li>
    40. 

  40. 			<li><a href="adddoc.php">Add Books</a></li>
    41. 

  41. 		</ul>
    42. 

  42. 	</li>
    43. 

  43. 	<li><a href="friends.php">My Friends</a>
    44. 

  44. 		<ul>
    45. 

  45. 			<li><a href="friends.php">My Friends</a></li>
    46. 

  46. 			<li><a href="messages.php">Messages (<?php echo checkMessages();?>)</a></li>
    47. 

  47. 			<li><a href="addfriend.php">Add friends</a></li>
    48. 

  48. 			<li><a href="requests.php">Friend Requests</a></li>
    49. 

  49. 		</ul>
    50. 

  50. 	</li>
    51. 

  51. 	
    52. 

  52. 	<li class="current"><a href="settings.php">Settings</a>
    53. 

  53. 		<ul>
    54. 

  54. 		<li><a href="passreset.php">Change Password</a></li>
    55. 

  55. 		</ul>
    56. 

  56. 		</li>
    57. 

  57. 	<li><a href="contact.php">Contact</a></li>
    58. 

  58. 	<li><a href="logout.php">Log Out</a></li>
    59. 

  59. 	</ul>
    60. 

  60. 	<div class="fieldContainer">
    61. 

  61. 	<h1>Settings</h1>
    62. 

  62. 	<h3>Updating Password</h3>
    63. 

  63. 	<br>
    64. 

  64. 	<hr>
    65. 

  65. 	<br>
    66. 

  66. 	
    67. 

  67. <?php
    68. 

  68. 

  69. //We check if the user is logged
    70. 

  70. if(isset($_SESSION['username']))
    71. 

  71. {
    72. 

  72. $form = true;
    73. 

  73. $opassword = '';
    74. 

  74. $opassword2 = '';
    75. 

  75. $opassword3 = '';
    76. 

  76. 

  77. if(isset($_POST['password'], $_POST['password2'], $_POST['password3']))
    78. 

  78. {
    79. 

  79.         $opassword = $_POST['password'];
    80. 

  80.         $opassword2 = $_POST['password2'];
    81. 

  81.         $opassword3 = $_POST['password3'];
    82. 

  82.         //We remove slashes depending on the configuration
    83. 

  83.         if(get_magic_quotes_gpc())
    84. 

  84.         {
    85. 

  85.                 $opassword = stripslashes($opassword);
    86. 

  86.                 $opassword2 = stripslashes($opassword2);
    87. 

  87.                 $opassword3 = stripslashes($opassword3);
    88. 

  88.         }
    89. 

  89.         //We check if all the fields are filled
    90. 

  90.         if($opassword2 == $opassword3)
    91. 

  91.         {
    92. 

  92.                 //We protect the variables
    93. 

  93.                 $password = mysql_real_escape_string($opassword);
    94. 

  94.                 $password2 = mysql_real_escape_string($opassword2);
    95. 

  95. 				$password3 = mysql_real_escape_string($opassword3);
    96. 

  96.                 
    97. 

  97.                 //We update the password
    98. 

  98. 				$PasswordHash = md5($password);
    99. 

  99. 				$PasswordHash3 = md5($password3);
    100. 

  100. 				$query_change_credentials = "update `users` set `password`='$PasswordHash3' where `id`={$_SESSION["id"]} and `password`='$PasswordHash'";
    101. 

  101. 				$result_check_credentials = mysql_query($query_change_credentials);
    102. 

  102.                
    103. 

  103.                 if($result_check_credentials)
    104. 

  104.                 {
    105. 

  105. ?>
    106. 

  106. 

  107. 

  108. 

  109. 	<div class="message">The password has been succesfully updated<br />
    110. 

  110. 	<a href="settings.php">Back to settings</a></div>
    111. 

  111. <?php
    112. 

  112.                                         $form = false;
    113. 

  113.                                 }
    114. 

  114.                                 else
    115. 

  115.                                 {
    116. 

  116.                                         //Otherwise, we say that an error occured
    117. 

  117.                                         $error = 'An error occurred while updating password';
    118. 

  118.                                 }
    119. 

  119.                         
    120. 

  120.                         
    121. 

  121.                 }
    122. 

  122.                 else
    123. 

  123.                 {
    124. 

  124.                         //Otherwise, we say the passwords do not match
    125. 

  125.                         $error = 'The passwords do not match';
    126. 

  126.                 }
    127. 

  127.         }
    128. 

  128.         else
    129. 

  129.         {
    130. 

  130.                 //Otherwise, we say a field is empty
    131. 

  131.                 $error = 'Please fill in the fields to update password';
    132. 

  132.         }
    133. 

  133. 

  134. 

  135. if($form)
    136. 

  136. {
    137. 

  137. //We display a message if necessary
    138. 

  138. if(isset($error))
    139. 

  139. {
    140. 

  140.         echo '<div class="message">'.$error.'</div>';
    141. 

  141. }
    142. 

  142. //We display the form
    143. 

  143. ?>
    144. 

  144. 

  145. 

  146. 	<form action="passreset.php" method="post" id="registration_form">
    147. 

  147. 

  148. 	
    149. 

  149. 		<br />
    150. 

  150. 		
    151. 

  151. 		<div class="formRow">			
    152. 

  152. 			<div class="field">
    153. 

  153. 				<input type="password" name="password" id="password" placeholder="Current Password" />
    154. 

  154. 			</div>
    155. 

  155. 		</div>
    156. 

  156. 		
    157. 

  157. 		<div class="formRow">
    158. 

  158. 			<div class="field">
    159. 

  159. 				<input type="password" name="password2" id="password2" placeholder="New Password" />
    160. 

  160. 			</div>
    161. 

  161. 		</div>
    162. 

  162. 			<div class="formRow">
    163. 

  163. 			<div class="field">
    164. 

  164. 				<input type="password" name="password3" id="password3" placeholder="Retype Password" />
    165. 

  165. 			</div>
    166. 

  166. 		</div>
    167. 

  167. 		<br>
    168. 

  168. 		Back to <a href="settings.php">settings</a>.
    169. 

  169. 	</div> <!-- Closing fieldContainer -->
    170. 

  170. 	
    171. 

  171. 	<div class="signupButton">
    172. 

  172. 		<input type="submit" name="formsubmitted" id="submit" value="Change Password" />
    173. 

  173. 	</div>
    174. 

  174. 	
    175. 

  175. 	</form>
    176. 

  176. 		
    177. 

  177. </div>
    178. 

  178. 

  179. </div> 
    180. 

  180. 

  181. <?php
    182. 

  182. }
    183. 

  183. }
    184. 

  184. else
    185. 

  185. {
    186. 

  186.         echo '<div class="message">You must be logged to access this page.</div>';
    187. 

  187. }
    188. 

  188. ?>
    189. 

  189.           </div>     
    190. 

  190.        </body>
    191. 

  191. </html>
    192.