<?php
// save old password and username to session
if ($_GET['password']) {
session_start();
$_SESSION['oldPassword'] = $_GET['password'];
$_SESSION['username'] = $_GET['username'];
}
// connect ot database and change password according old password and username
if (isset($_POST['newPassword'])) {
include_once "MyDB.php";
$myDB = new MyDB();
$myDB->modifyDB("update userProfile set password ='******'newPassword']) . "' where password ='******'oldPassword'] . "' and username='******'username'] . "';");
session_destroy();
header("Location: login.php");
}
?>
<html>
<body>
<form method="post">
<table>
<tr>
<td>set a new password: </td>
<td><input type="password" name="newPassword"></td>
</tr>
<tr>
<td><button type="submit">change password</button></td>
</tr>
</table>
}
if ($_POST['password'] == "") {
$passwordErr = " - please enter password";
$isValid = false;
}
if ($_POST['hint'] == "") {
$hintErr = " - please enter hint";
$isValid = false;
}
// if is valid, encrtpt password then connect to database and create accout in user projile and user progress
if ($isValid) {
include_once "php/MyDB.php";
$DBManager = new MyDB();
$password = md5($_POST['password']);
$query = "insert into userProfile values( '" . $_POST['username'] . "','" . md5($password) . "','" . $_POST['hint'] . "');";
$DBManager->modifyDB($query);
$query = "insert into accomplishment values('" . $_POST['username'] . "','" . "2016-01-01" . "','" . "0" . "','" . "0" . "','" . "0" . "0" . "','" . "');";
$DBManager->modifyDB($query);
header("Location: php/login.php");
}
}
?>
<html>
<head>
<title>
Recite
</title>
</head>
<body bgcolor="87cefa" link="c80000">
