<?php require_once "../config.php"; verify_access($list_modules); $settUpd = false; $company->open($company->id); if ($_POST['action'] == 'SaveCompany') { if (isset($_POST['txtCompanyName'])) { $company->save($_POST['txtCompanyName'], $_FILES["txtCompanyLogo"]["tmp_name"], $_FILES["txtCompanyLogo"]["type"]); $company->open($company->id); $settUpd = true; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <link rel="shortcut icon" href="../img/icon.png"> <title>Settings | FOLearn</title> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="description" content="" /> <meta name="author" content="stilearning" /> <!-- google font --> <link href="http://fonts.googleapis.com/css?family=Aclonica:regular" rel="stylesheet" type="text/css" /> <!-- styles --> <link href="../css/bootstrap.css" rel="stylesheet" /> <link href="../css/bootstrap-responsive.css" rel="stylesheet" />
<?php // configuration require "../includes/config.php"; verify_access(); if (empty($_POST)) { render_mult(["change_passfm.php"], ["title" => "Change Password"]); } else { if ($_SERVER["REQUEST_METHOD"] != "POST") { redirect("index.php"); } // if form was submitted... // validate submission if (empty($_POST["old_pass"])) { apologize("You must provide your current password."); } if (empty($_POST["new_pass"])) { apologize("You must provide a new password."); } if (empty($_POST["confirmation"])) { apologize("You must confirm your new password."); } if ($_POST["new_pass"] != $_POST["confirmation"]) { apologize("Password and confirmation do not match."); } // compare hash of user's input against the old hash if (!password_verify($_POST["old_pass"], $_SESSION["user"]["password"])) { apologize("Invalid username and/or password."); } if (tquery(" \tUPDATE users\n\t\t\t\t\t\tSET password = ?\n\t\t\t\t\t\tWHERE user_id = ?", [password_hash($_POST["new_pass"], PASSWORD_DEFAULT), $_SESSION["user"]["user_id"]]) === false) { apologize("Failed to change password.");
public function __construct() { parent::__construct(); verify_access(); }