-
Notifications
You must be signed in to change notification settings - Fork 0
/
updatePassword.php
126 lines (114 loc) · 4.04 KB
/
updatePassword.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<?php
session_start();
$loggedInAs = $_SESSION["currentId"];
$serverStr = $_SESSION["currentServer"];
if(isset($_POST['submit'])){
$pswdOld = $_POST['pswdOld'];
$pswdNew = $_POST['pswdNew'];
$pswdConf = $_POST['pswdConf'];
$dbHost = getenv('RDS_HOSTNAME');
$dbUser = getenv('RDS_USERNAME');
$dbPass = getenv('RDS_PASSWORD');
$dbConn = 'mysql:host='.$dbHost.';dbname='.$serverStr.';charset=utf8mb4';
try{
$conn = new \PDO( $dbConn,
$dbUser,
$dbPass,
array(
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
\PDO::ATTR_PERSISTENT => false
)
);
$pswdHandle = $conn->prepare("SELECT Password from user where SummonerId = ?");
$pswdHandle->bindParam(1, $loggedInAs, PDO::PARAM_STR);
$pswdHandle->execute();
$hashPassword = $pswdHandle->fetchColumn();
if(password_verify($pswdOld, $hashPassword) && ($pswdNew === $pswdConf)){
$updatedPswd = password_hash($pswdNew, PASSWORD_DEFAULT);
$updateHandle = $conn->prepare("Update user SET Password = ? Where SummonerId = ?");
$updateHandle->bindParam(1, $updatedPswd, PDO::PARAM_STR);
$updateHandle->bindParam(2, $loggedInAs, PDO::PARAM_INT);
$updateHandle->execute();
header("Location:passwordUpdated.php");
exit;
}else{
echo("You have entered incorrect password");
}
}catch(\PDOException $ex){
print($ex->getMessage());
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>LeagueLights</title>
<!-- Bootstrap core CSS -->
<link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="css/shop-homepage.css" rel="stylesheet">
<link href="css/leaguelights.css" rel="stylesheet">
</head>
<body>
<!-- Navigation -->
<nav class="navbar navbar-expand-lg navbar-dark bg-dark fixed-top">
<div class="container">
<a class="navbar-brand" href="index.php">LeagueLights</a>
</div>
</nav>
<div class="container py-5 my-5">
<div class="row my-4">
<form method="post" class="col-lg-12" id="userInfo">
<div class="row">
<div class="col-lg-3"></div>
<h4 class="text-center col-lg-2">Password:</h4>
<input type="password" class="col-lg-4" name="pswdOld" minlength=6 maxlength=64 required>
<div class="col-lg-3"></div>
</div>
</br>
<div class="row">
<div class="col-lg-3"></div>
<h4 class="text-center col-lg-2">New Password:</h4>
<input type="password" class="col-lg-4" id="password" name="pswdNew" minlength=6 maxlength=64 required>
<div class="col-lg-3"></div>
</div>
</br>
<div class="row">
<div class="col-lg-3"></div>
<h4 class="text-center col-lg-2">Confirm Password:</h4>
<input type="password" class="col-lg-4" name="pswdConf" oninput="check(this)" minlength=6 maxlength=64 required>
<div class="col-lg-3"></div>
</div>
<script language='javascript' type='text/javascript'>
function check(input) {
if (input.value != document.getElementById('password').value) {
input.setCustomValidity('Password Must be Matching.');
} else {
// input is valid -- reset the error message
input.setCustomValidity('');
}
}
</script>
<br>
<div class="row">
<div class="col-lg-5"></div>
<button class="col-lg-2" type="submit" name="submit" value="submit">Update</button>
<div class="col-lg-5"></div>
</div>
<br>
</form>
</div>
</div>
<!-- Footer -->
<footer id="footer" class="py-5 bg-dark">
<div class="container">
<p class="m-0 text-center text-white">Copyright © LeagueLights 2018</p>
</div>
<!-- /.container -->
</footer>
</body>
</html>