/lenasys/trunk

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/lenasys/trunk

« back to all changes in this revision

Viewing changes to DuggaSys/changePassword/index.php

  • Committer: galaxyAbstractor
  • Date: 2013-04-04 16:19:07 UTC
  • mto: (12.2.4 lenasys) (19.1.4 lenasys)
  • mto: This revision was merged to the branch mainline in revision 17.
  • Revision ID: galaxyabstractor@gmail.com-20130404161907-eo1wnb7ac2rnizg8
Started implementation of a new codeviewer using Ace

Show diffs side-by-side

added added

removed removed

Lines of Context:
DuggaSys/changePassword/index.php
1
1
<?php
2
 
        header( "X-UA-Compatible: IE=edge,chrome=1" );
3
 
        $content = "password.html.php";
4
 
        $pagetitle = "Change password";
 
2
        header("X-UA-Compatible: IE=edge,chrome=1");
 
3
        $content="password.html.php";
 
4
        $pagetitle="Change password";
5
5
        
6
6
        // echo "<pre>";
7
7
        // print_r($_POST);
8
8
        // echo "</pre>";
9
9
        
10
10
        //Passwordchangingcode
11
 
        if( isset( $_POST['changePasswordSubmit'] )) {
 
11
        if(isset($_POST['changePasswordSubmit'])) {
12
12
                include '../../php/dbconnect.php';
13
13
                $queryString = "SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN AND Student.passw=:PASSW;";
14
14
 
15
 
                $stmt = $pdo->prepare( $queryString );
16
 
                $stmt -> bindParam( ':LOGIN', $_POST['loginName'] );
17
 
                $oldPassword = md5( $_POST['password'] );
18
 
                $stmt -> bindParam( ':PASSW', $oldPassword );
19
 
                $stmt -> execute();
 
15
                $stmt = $pdo->prepare($queryString);
 
16
                $stmt->bindParam(':LOGIN', $_POST['loginName']);
 
17
                $oldPassword=md5($_POST['password']);
 
18
                $stmt->bindParam(':PASSW', $oldPassword);
 
19
                $stmt->execute();
20
20
 
21
 
                if( $stmt -> rowCount() == 1 ) { //Old password correct
22
 
                        $student = $stmt -> fetch( PDO::FETCH_ASSOC );
 
21
                if ($stmt->rowCount() == 1) { //Old password correct
 
22
                        $student=$stmt->fetch(PDO::FETCH_ASSOC);
23
23
                        //Update password to new password
24
24
                        $updateString = "UPDATE Student 
25
 
                                SET Student.passw=:NEWPASSW
26
 
                                WHERE Student.ssn=:SSN
27
 
                                AND Student.loginName=:LOGIN;";
28
 
                        $updateStmt = $pdo -> prepare( $updateString );
29
 
                        $newPassword = md5( $_POST['newPassword'] );
30
 
                        $updateStmt -> bindParam(':NEWPASSW', $newPassword );
31
 
                        $updateStmt -> bindParam(':LOGIN', $_POST['loginName'] );
32
 
                        $updateStmt -> bindParam(':SSN', $student['ssn'] );
33
 
                        $updateStmt -> execute();
34
 
                        if( $updateStmt -> execute()) {
35
 
                                $errorMsg = "New password stored";
 
25
                                                        SET Student.passw=:NEWPASSW
 
26
                                                        WHERE Student.ssn=:SSN
 
27
                                                                AND Student.loginName=:LOGIN;";
 
28
                        $updateStmt = $pdo->prepare($updateString);
 
29
                        $newPassword=md5($_POST['newPassword']);
 
30
                        $updateStmt->bindParam(':NEWPASSW', $newPassword);
 
31
                        $updateStmt->bindParam(':LOGIN', $_POST['loginName']);
 
32
                        $updateStmt->bindParam(':SSN', $student['ssn']);
 
33
                        $updateStmt->execute();
 
34
                        if($updateStmt->execute()) {
 
35
                                $errorMsg="New password stored";
36
36
                        } else {
37
 
                                $errorMsg = "ERROR: Failed to change password";
 
37
                                $errorMsg="ERROR: Failed to change password";
38
38
                        }
39
39
                }
40
40
        }