
<?php
require_once 'includes/db.php';
require_once 'includes/auth.php';
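// Password-change handler: verifies the current password of the logged-in
// user and stores a new bcrypt hash. checkAuth(), requireCsrfToken() and $pdo
// are presumably provided by the files required above; verify there.
checkAuth();

// Server-side minimum length for the new password. The form's minlength="8"
// is only a browser hint and is not applied to a hand-built POST request, so
// without this check an empty or one-character password would be accepted.
$min_new_pass_len = 8;

// Holds fixed HTML markup only; it is echoed unescaped by the template below.
$message = '';

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    requireCsrfToken();

    // A field submitted as an array (e.g. old_password[]=x) would otherwise
    // reach password_verify()/password_hash() and raise a TypeError under
    // PHP 8. Treat any non-string value as an empty string.
    $old_pass = $_POST['old_password'] ?? '';
    $new_pass = $_POST['new_password'] ?? '';
    $confirm_pass = $_POST['confirm_password'] ?? '';
    if (!is_string($old_pass)) {
        $old_pass = '';
    }
    if (!is_string($new_pass)) {
        $new_pass = '';
    }
    if (!is_string($confirm_pass)) {
        $confirm_pass = '';
    }

    // Count characters when mbstring is available, bytes otherwise.
    $new_pass_len = function_exists('mb_strlen')
        ? mb_strlen($new_pass, 'UTF-8')
        : strlen($new_pass);

    if ($new_pass !== $confirm_pass) {
        $message = '<div class="alert alert-danger">Nowe hasła nie są identyczne.</div>';
    } elseif ($new_pass_len < $min_new_pass_len) {
        $message = '<div class="alert alert-danger">Nowe hasło musi mieć co najmniej 8 znaków.</div>';
    } else {
        // The row is selected by the session's user id, never by a request
        // parameter, so a user can only change their own password.
        $stmt = $pdo->prepare("SELECT password FROM " . DB_PREFIX . "users WHERE id = ?");
        $stmt->execute([$_SESSION['user_id']]);
        $user = $stmt->fetch();

        if ($user && password_verify($old_pass, $user['password'])) {
            // NOTE(review): PASSWORD_BCRYPT only uses the first 72 bytes of
            // the input; longer passphrases are truncated silently.
            $new_hash = password_hash($new_pass, PASSWORD_BCRYPT);
            $update = $pdo->prepare("UPDATE " . DB_PREFIX . "users SET password = ? WHERE id = ?");
            $update->execute([$new_hash, $_SESSION['user_id']]);

            // Issue a fresh session id and delete the old session data.
            // NOTE(review): this replaces only the current session; whether
            // the user's other active sessions are ended is not visible
            // here, confirm in includes/auth.php.
            session_regenerate_id(true);
            $message = '<div class="alert alert-success">Hasło zostało zmienione pomyślnie.</div>';
        } else {
            // Also reached when no row exists for the session's user id.
            $message = '<div class="alert alert-danger">Obecne hasło jest nieprawidłowe.</div>';
        }
    }
}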
?>
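<!DOCTYPE html>
<html lang="pl">
<head>
    <meta charset="UTF-8">
    <title>Zmiana hasła - <?php /* e() is presumably the project's HTML-escaping helper; verify */ echo e(APP_NAME); ?></title>
    <?php
    // NOTE(review): this stylesheet comes from a third-party CDN with no
    // integrity attribute, so the browser cannot detect a modified file.
    // Add integrity="..." (hash of the pinned 5.3.0 file) together with
    // crossorigin="anonymous", or serve the file locally.
    ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="bg-light">
<div class="container py-5">
    <div class="card shadow mx-auto" style="max-width: 450px;">
        <div class="card-header bg-dark text-white">
            <h5 class="mb-0">Zmiana hasła</h5>
        </div>
        <div class="card-body">
            <?php
            // $message is echoed without escaping: the handler above only ever
            // assigns fixed markup to it. Any request-derived text added to it
            // later must be escaped first.
            echo $message;
            ?>
            <form method="POST">
                <?php echo csrfInput(); ?>
                <div class="mb-3">
                    <label class="form-label">Obecne hasło</label>
                    <input type="password" name="old_password" class="form-control" required autocomplete="current-password">
                </div>
                <hr>
                <div class="mb-3">
                    <label class="form-label">Nowe hasło</label>
                    <input type="password" name="new_password" class="form-control" required minlength="8" autocomplete="new-password">
                </div>
                <div class="mb-3">
                    <label class="form-label">Powtórz nowe hasło</label>
                    <input type="password" name="confirm_password" class="form-control" required autocomplete="new-password">
                </div>
                <div class="d-flex justify-content-between">
                    <a href="index.php" class="btn btn-secondary">Powrót</a>
                    <button type="submit" class="btn btn-primary">Zmień hasło</button>
                </div>
            </form>
        </div>
    </div>
</div>
</body>
</html>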