function changePassword($newPassword, $id = "") { if ($newPassword == "" || !isActiveUser()) { return 4; } $link = getDBConnection(); if (mysqli_select_db($link, getDBName())) { $newPassword = md5(md5(trim(mysqli_real_escape_string($link, $newPassword)))); if (isAdmin() && $id != "") { $currentId = intval($id); } else { $currentId = intval(getActiveUserID()); } if (mysqli_query($link, "UPDATE users SET password = '******' WHERE id = {$currentId}")) { //logOff(); LogIn(md5(generateUniqueCode(10)), getActiveUserID()); return 0; } return 1; } else { return 2; } }
include_once 'procedures.php'; if (isActiveUser()) { header("Location: /"); } $loginFailed = false; $userBanned = false; if (isset($_POST['submitAuth'])) { $reason = ""; $data = getAuthorizationData(); //var_dump($data); if (!empty($data)) { if ($data['group'] == 'banned' && $data['password'] === md5(md5($_POST['password']))) { $userBanned = true; } else { if ($data['password'] === md5(md5($_POST['password']))) { $hash = md5(generateUniqueCode(10)); LogIn($hash, $data['id']); echo '<meta http-equiv="refresh" content="0; url=userCheckData.php?redirect=' . htmlspecialchars($_POST['redirect']) . '">'; exit; } else { //$reason = "Неправильный пароль!"; $loginFailed = true; } } } else { //$reason = "Проблемы с БД!"; $loginFailed = true; } } ?>