File "change-pass-user.php"
Full Path: /home/u165092617/domains/tadzz.com/public_html/forms/change-pass-user.php
File size: 1.91 KB
MIME-type: text/x-php
Charset: utf-8
<?php session_start();
include("../config/config.php");
require_once("./../validation/validate_userlogin.php");
$alertType='1';// ADMIN=1 USER =0
$password_old = secureSuperGlobalPOST($_REQUEST[SESS_MASTER.'old']);
$password_new = secureSuperGlobalPOST($_REQUEST[SESS_MASTER.'new']);
$user_id=$_SESSION[ADD_TAG.'_UserId_user'];
$sql = "SELECT * FROM user_master WHERE rowId='$user_id'";
$myquery=$conn->query($sql);
$mydara= $myquery->fetchAll() ;
$rows_found = $myquery->rowCount();
if($rows_found==0){
$_SESSION[ADD_TAG.'_unvalidate_user']=12;
$_SESSION[ADD_TAG.'_tologusername']='';
$pagename='Admin Login ';
$parameter='suspicious Login for Admin ';
$alertdisplay=' For Email ID '.$email_id ;
header('Location: ../login');
}else{
foreach( $mydara as $row ) {
$userId = $row['rowId'];
$first_name = $row['first_name'];
$email_id = $row['emailId'];
$mobile_no = $row['mobile_no'];
$password = $row['userpass'];
}
$verifypass =password_verify($password_old,$password);
if($password_old==$verifypass){
$hash = password_hash($password_new,PASSWORD_DEFAULT);
$sqls = "UPDATE user_master SET userpass='$hash' WHERE rowId='$user_id'";
$myquerys=$conn->query($sqls);
$_SESSION[ADD_TAG.'_Tab_id']='change_pass';
header('Location: ../user-profile');
}else{
$_SESSION[ADD_TAG.'_Tab_id']='change_pass';
$_SESSION[ADD_TAG.'_unvalidate_user']=16;
$_SESSION[ADD_TAG.'_tologusername']='';
$pagename='Admin Login ';
$parameter='suspicious Login for Admin ';
$alertdisplay=' For Email ID '.$email_id ;
header('Location: ../user-profile');
}
}
?>