diff options
Diffstat (limited to 'change_passw.php')
| -rw-r--r-- | change_passw.php | 69 |
1 files changed, 32 insertions, 37 deletions
diff --git a/change_passw.php b/change_passw.php index aa8de88..31e0e0d 100644 --- a/change_passw.php +++ b/change_passw.php @@ -1,28 +1,11 @@ -<?php include_once 'header.php';?> - -<section> <?php - // FIXME - if (!isset($_SESSION) or empty($_SESSION['signed_in']) or !$_SESSION['signed_in']) { - echo '<h2>You must be logged in to change your password.</h2>'; - } else { - echo ' - <h2>Change your password</h2> - <form action="change_passw.php" method="post"> - <label for="user_pass">Password: </label><br> - <input type="password" name="user_pass"><br> - <label for="user_pass_check">Re-enter password: </label><br> - <input type="password" name="user_pass_check"><br> - <input type="submit" name="submit"> - </form> - <br>'; - } -?> +include_once './includes/Session.php'; +include_once './includes/model/User.php'; +include_once './includes/functions_user.php'; -<?php -include_once 'includes/db_inc.php'; +session_start(); -if ($_SERVER['REQUEST_METHOD'] == 'POST' and $_SESSION['signed_in']) { +if ($_SERVER['REQUEST_METHOD'] == 'POST' and Session::get()->is_signed_in()) { $errors = array(); $user_pass = ""; @@ -48,24 +31,36 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' and $_SESSION['signed_in']) { } echo '</ul>'; } else { - $sql = "UPDATE users SET user_pass = ? WHERE user_id = ?;"; - $stmt = mysqli_stmt_init($dbc); - - if (!mysqli_stmt_prepare($stmt, $sql)) { - die('Could not create account due to internal error: ' . mysqli_error($dbc)); - } - $pass_hash = password_hash($user_pass, PASSWORD_DEFAULT); - - mysqli_stmt_bind_param($stmt, "ss", $pass_hash, $_SESSION['user_id']); - mysqli_stmt_execute($stmt); - mysqli_stmt_close($stmt); - + change_password(Session::get()->get_current_user(), $pass_hash); echo 'Password successfully changed!'; } } ?> +<!DOCTYPE html> +<html lang="en"> +<head> + <title>Change your password - cflip.net forum</title> + <link rel="stylesheet" href="styles/style.css"> +</head> +<body> +<?php +include_once './includes/templates/header.php'; -</section> - -<?php include_once 'footer.php';?> +if (!Session::get()->is_signed_in()) { + echo '<h2>You must be logged in to change your password.</h2>'; +} else { + echo ' + <h2>Change your password</h2> + <form action="change_passw.php" method="post"> + <label for="user_pass">Password: </label><br> + <input type="password" name="user_pass"><br> + <label for="user_pass_check">Re-enter password: </label><br> + <input type="password" name="user_pass_check"><br> + <input type="submit" name="submit"> + </form> + <br>'; +} +?> +</body> +</html> |