Temas

Mi codigo del cambio de contraseña changePassword.php:

Código (php) [Seleccionar] Expandir


<?php
    require 'database.php';

    $errors = array();

    $nickname = trim($_POST['nickname']);
    if (empty($nickname) {
        $errors[] = 'You forgot to enter your nickname.';
    }

    $password = trim($_POST['password']);
    if (empty($password)) {
$errors[] = 'You forgot to enter your old password.';
    }

    $new_password = trim($_POST['new_password']);
    $verify_password = trim($_POST['new_confirm_password']);
    if (!empty($new_password)) {
        if (($new_password != $verify_password) ||
( $password == $new_password ))
{
            $errors[] = 'Your new password did not match the confirmed password and/or ';
$errors[] = 'Your old password is the same as your new password.';
}
} else {
$errors[] = 'You did not enter a new password.';
    }

    if (empty($errors)) { 
        try {
            $query = "SELECT id, password FROM users WHERE ( nickname=:nickname )";
        $q = mysqli_stmt_init($dbcon);
            mysqli_stmt_prepare($q, $query);

            mysqli_stmt_bind_param($q, 's', $nickname);

            mysqli_stmt_execute($q);

            $result = mysqli_stmt_get_result($q);
            $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
            if ((mysqli_num_rows($result) == 1) && (password_verify($password, $row['password']))) {
                $hashed_passcode = password_hash($new_password, PASSWORD_BCRYPT);
                $query = "UPDATE users SET password=:password WHERE nickname=:nickname";
            $q = mysqli_stmt_init($dbcon);                                 
                mysqli_stmt_prepare($q, $query);

                mysqli_stmt_bind_param($q, 'ss', $hashed_passcode, $nickname);

                mysqli_stmt_execute($q);

                if (mysqli_stmt_affected_rows($q) == 1) {
                    header ("location: passwordThanks.php"); 
            exit();   
        } else {
                    $errorstring = "System Error! <br /> You could not change password due ";
        $errorstring .= "to a system error. We apologize for any inconvenience.</p>"; 
                    echo "<p>$errorstring</p>";

                    echo '<footer class="jumbotron text-center col-sm-12" style="padding-bottom:1px; padding-top:8px;"> include("footer.php"); </footer>';
            exit();
                }
            } else { 
                $errorstring = 'Error! <br /> ';
                $errorstring .= 'The nickname and/or password do not match those on file.';
                $errorstring .= " Please try again.";
                echo "<p>$errorstring</p>";
            }
        } catch(Exception $e) {
            print "The system is busy please try later";
        } catch(Error $e) {
            print "The system is busy please try again later.";
        }
    } else {
        $errorstring = "Error! The following error(s) occurred:<br>";
foreach ($errors as $msg) {
            $errorstring .= " - $msg<br>\n";
}
$errorstring .= "Please try again.<br>";
echo "<p>$errorstring</p>";
}

?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8">
        <title>Change your Password</title>
        <link href="https://fonts.googleapis.com/css?family=Roboto" rel="stylesheet">
        <link rel="stylesheet" href="assets/css/style.css"/>
    </head>
    <body>

        <?php require "partials/header.php" ?>

        <?php if (!empty($message)): ?>
            <p><?= $message ?></p>
        <?php endif; ?>

        <h1>Change your Password</h1>
        <form action="changePassword.php" method="post">
            <input type="text" name="nickname" placeholder="Enter your nickname">
            <input type="password" name="old_password" placeholder="Enter your old password">
            <input type="password" name="new_password" placeholder="Enter your new password">
            <input type="password" name="new_confirm_password" placeholder="Confirm your new password">
            <input type="submit" value="Send">
    </body>
    <footer class="jumbotron text-center row" style="padding-bottom:1px; padding-top:8px;">
        <?php
            require 'partials/footer.php'
        ?>
    </footer>
</html>

Mi codigo del index.php:

Código (php) [Seleccionar] Expandir

  <head>
    <meta charset="utf-8">
    <title>Welcome to you WebApp</title>
    <link href="https://fonts.googleapis.com/css?family=Roboto" rel="stylesheet">
    <link rel="stylesheet" href="assets/css/style.css">
  </head>
  <body>
    <?php require 'partials/header.php' ?>

    <?php if(!empty($user)): ?>
      <br> Welcome. <?= $user['nickname']; ?>
      <br>You are Successfully Logged In
      <br>
      <a href="logout.php"> Logout </a>
      <br>
      <br>1-. <a href="showDatabase.php"> Show your Database </a>
      <br>
      <br>2-. <a href="showTables.php"> Show your Tables of Database </a>
      <br>
      <br>3-. <a href="query.php"> Show your Query </a>
      <br>
      <br>4-. <a href="createDatabase.php"> Create your new Database </a>
      <br>
      <br>5-. <a href="subQuestion.php"> Show your Sub-Question </a>
      <br>
      <br>6-. <a href="insertRecord.php"> Insert record in your Database </a>

    <?php else: ?>
        <p> Welcome to our official website,
            in order to buy you need to log in,
            if you have an account you have to register.
        </p>
      <h1>Please Login or SignUp</h1>
      <a href="login.php">Login</a> or
      <a href="signup.php">SignUp</a>

    <?php endif; ?>
    <footer class="jumbotron text-center row" style="padding-bottom:1px; padding-top:8px;">
        <?php
            require 'partials/footer.php'
        ?>
    </footer>
  </body>
</html>