- htmlentities: documentation ( source)
- header: documentation ( source)
<?php
require_once('config.php');
require_once('login.php');
if($_GET['action']=='update'){
if($_POST['newpassword'] && $_POST['oldpassword']){
$pwd = mysql_real_escape_string($_POST['newpassword']);
$pwd1 = mysql_real_escape_string($_POST['newpassword1']);
if($pwd==$pwd1){
$oldpwd = mysql_real_escape_string($_POST['oldpassword']);
$user_name = $_SESSION['user_name'];
$querychk6 = mysql_query("SELECT * FROM $tbl_name WHERE user_name = '$user_name' AND password = '$oldpassword'");
$true = mysql_num_rows($querychk6);
if($true=='1'){
$query6 = "UPDATE $tbl_name SET password = '$pwd' WHERE user_name = '$user_name' AND password = '$oldpwd'";
$result1 = mysql_query( $query6 ) or die(mysql_error());
$responsemsg = "Password changed successfully!";
header("Location: members.php?msg_gr=".$responsemsg);
} else {
$responsemsg = "Error! You entered wrong old password!";
}
} else {
$responsemsg = "Sorry, You entered different passwords in verification!";
}
}
require_once('header.php');
?>
<?php if (isSet($_GET['msg_gr'])){ echo "<span style='display:block;margin-top:20px;text-align:center;color:green;font-weight:bold;'>".htmlentities($_GET['msg_gr'])."</span><br/>"; } ?>
<?php if (isSet($responsemsg)){ echo "<span style='display:block;margin-top:20px;text-align:center;color:red;font-weight:bold;'>".htmlentities($responsemsg)."</span><br/>"; } ?>
<form name="form3" method="post" action="">
<strong>Change Password </strong>
Old Password: <input name="oldpassword" type="password" id="oldpassword" />
New Password: <input name="newpassword" type="password" id="newpassword" />
Type Password again: <input name="newpassword1" type="password" id="newpassword1" />
<input type="submit" name="Submit" value="Change" /></form>
<?php
}
?>
Welcome, <?=$_SESSION['fullname']?><br />
<br />
<br />
What you want to do?<br />
<a href="?view=downloads" >Browse through our downloads</<br />
<?php
require_once('header.php');
?>