Appreciation
Thanks a lot, your code really helped me. Thank you
<?php //redirect to home if session has been set } ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>How to Change Password using PHP</title> <link rel="stylesheet" type="text/css" href="bootstrap/css/bootstrap.min.css"> </head> <body> <div class="container"> <h1 class="page-header text-center">Change Password using PHP</h1> <div class="row"> <div class="col-sm-4 col-sm-offset-4 panel panel-default" style="padding:20px;"> <form method="POST" action="login.php"> <p class="text-center" style="font-size:30px;"><b>Login</b></p> <hr> <div class="form-group"> <label for="username">Username:</label> <input type="text" name="username" id="username" class="form-control"> </div> <div class="form-group"> <label for="password">Password:</label> <input type="password" name="password" id="password" class="form-control"> </div> <button type="submit" name="login" class="btn btn-primary"><span class="glyphicon glyphicon-log-in"></span> Login</button> </form> <?php ?> <div class="alert alert-danger text-center" style="margin-top:20px;"> <?php echo $_SESSION['error']; ?> </div> <?php } ?> </div> </div> </div> </body> </html>
<?php //connection $conn = new mysqli('localhost', 'root', '', 'dbase'); //get the user with the username $sql = "SELECT * FROM users WHERE username = '".$_POST['username']."'"; $query = $conn->query($sql); if($query->num_rows > 0){ $row = $query->fetch_assoc(); //verify password if(password_verify($_POST['password'], $row['password'])){ $_SESSION['user'] = $row['id']; } else{ $_SESSION['error'] = 'Password incorrect'; } } else{ $_SESSION['error'] = 'No account with that username'; } } else{ $_SESSION['error'] = 'Fill up login form first'; } ?>
<?php //redirect ot login page if not logged in } //connection $conn = new mysqli('localhost', 'root', '', 'dbase'); //get user details $sql = "SELECT * FROM users WHERE id = '".$_SESSION['user']."'"; $query = $conn->query($sql); $row = $query->fetch_assoc(); ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>How to Change Password using PHP</title> <link rel="stylesheet" type="text/css" href="bootstrap/css/bootstrap.min.css"> </head> <body> <div class="container"> <h1 class="page-header text-center">Change Password using PHP</h1> <div class="row"> <div class="col-sm-4 col-sm-offset-4 panel panel-default" style="padding:20px;"> <h3>Welcome, <?php echo $row['username']; ?> <span class="pull-right"> <a href="logout.php" class="btn btn-danger btn-sm"><span class="glyphicon glyphicon-log-out"></span> Logout</a> </span> </h3> <hr> <form method="POST" action="change_password.php"> <div class="form-group"> <label for="old">Old Password:</label> <input type="password" name="old" id="old" class="form-control" value="<?php echo (isset($_SESSION['old'])) ? $_SESSION['old'] : ''; ?>"> </div> <div class="form-group"> <label for="new">New Password:</label> <input type="password" name="new" id="new" class="form-control" value="<?php echo (isset($_SESSION['new'])) ? $_SESSION['new'] : ''; ?>"> </div> <div class="form-group"> <label for="retype">Retype New Password:</label> <input type="password" name="retype" id="retype" class="form-control" value="<?php echo (isset($_SESSION['retype'])) ? $_SESSION['retype'] : ''; ?>"> </div> <button type="submit" name="update" class="btn btn-success"><span class="glyphicon glyphicon-check"></span> Update</button> </form> <?php ?> <div class="alert alert-danger text-center" style="margin-top:20px;"> <?php echo $_SESSION['error']; ?> </div> <?php } ?> <div class="alert alert-success text-center" style="margin-top:20px;"> <?php echo $_SESSION['success']; ?> </div> <?php } ?> </div> </div> </div> </body> </html>
<?php //get POST data $old = $_POST['old']; $new = $_POST['new']; $retype = $_POST['retype']; //create a session for the data incase error occurs $_SESSION['old'] = $old; $_SESSION['new'] = $new; $_SESSION['retype'] = $retype; //connection $conn = new mysqli('localhost', 'root', '', 'dbase'); //get user details $sql = "SELECT * FROM users WHERE id = '".$_SESSION['user']."'"; $query = $conn->query($sql); $row = $query->fetch_assoc(); //check if old password is correct if(password_verify($old, $row['password'])){ //check if new password match retype if($new == $retype){ //hash our password $password = password_hash($new, PASSWORD_DEFAULT); //update the new password $sql = "UPDATE users SET password = '$password' WHERE id = '".$_SESSION['user']."'"; if($conn->query($sql)){ $_SESSION['success'] = "Password updated successfully"; //unset our session since no error occured } else{ $_SESSION['error'] = $conn->error; } } else{ $_SESSION['error'] = "New and retype password did not match"; } } else{ $_SESSION['error'] = "Incorrect Old Password"; } } else{ $_SESSION['error'] = "Input needed data to update first"; } ?>
<?php ?>
Thanks a lot, your code really helped me. Thank you