put_errormsg("State cannot be blank");
redirect("emplmaint.php");
exit;
}
if (empty($_POST["zipcode"])) {
put_errormsg("Zip Code cannot be blank");
redirect("emplmaint.php");
exit;
}
if (empty($_POST["telephone"])) {
put_errormsg("Telephone cannot be blank");
redirect("emplmaint.php");
exit;
}
require_once "pwdreq.php";
$errormsg = pwdreq($epassword);
if (strlen($errormsg) > 0) {
put_errormsg($errormsg);
redirect("emplmaint.php");
exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
if ($editempnum != "new") {
$sql = "SELECT upassword FROM petcliniccorp.employee WHERE emplnumber = " . $editempnum;
$result = $mysqli->query($sql);
if ($result == FALSE) {
put_errormsg("Invalid Employee number");
redirect("emplmaint.php");
exit;
}
$row_cnt = $result->num_rows;
*****************************************************************/
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
$logFileName = "install";
require_once "includes/common.inc";
$log->logThis("checking passwords");
unset($_SESSION["errormessage"]);
$password1 = $_POST["newpwd1"];
$password2 = $_POST["newpwd2"];
if ($password1 != $password2) {
put_errormsg("The Passwords do not match");
redirect("newpassword.php");
}
require_once "pwdreq.php";
$errormsg = pwdreq($password1);
if (strlen($errormsg) > 0) {
put_errormsg($errormsg);
redirect("newpassword.php");
exit;
}
$log->logThis("password passes requirements");
$newpassword = mc_encrypt($password1, ENCRYPTION_KEY);
$emplid = $_SESSION['employeenumber'];
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "UPDATE `petcliniccorp`.`employee` SET upassword=\"{$newpassword}\", changepwd=\"N\", changeid=\"" . $emplid . "\" WHERE emplnumber = \"{$emplid}\"";
if ($mysqlic->query($sql) === TRUE) {
} else {
echo "Employee update failed" . $mysqlic->error;
exit(1);
}