<?php // save old password and username to session if ($_GET['password']) { session_start(); $_SESSION['oldPassword'] = $_GET['password']; $_SESSION['username'] = $_GET['username']; } // connect ot database and change password according old password and username if (isset($_POST['newPassword'])) { include_once "MyDB.php"; $myDB = new MyDB(); $myDB->modifyDB("update userProfile set password ='******'newPassword']) . "' where password ='******'oldPassword'] . "' and username='******'username'] . "';"); session_destroy(); header("Location: login.php"); } ?> <html> <body> <form method="post"> <table> <tr> <td>set a new password: </td> <td><input type="password" name="newPassword"></td> </tr> <tr> <td><button type="submit">change password</button></td> </tr> </table>
} if ($_POST['password'] == "") { $passwordErr = " - please enter password"; $isValid = false; } if ($_POST['hint'] == "") { $hintErr = " - please enter hint"; $isValid = false; } // if is valid, encrtpt password then connect to database and create accout in user projile and user progress if ($isValid) { include_once "php/MyDB.php"; $DBManager = new MyDB(); $password = md5($_POST['password']); $query = "insert into userProfile values( '" . $_POST['username'] . "','" . md5($password) . "','" . $_POST['hint'] . "');"; $DBManager->modifyDB($query); $query = "insert into accomplishment values('" . $_POST['username'] . "','" . "2016-01-01" . "','" . "0" . "','" . "0" . "','" . "0" . "0" . "','" . "');"; $DBManager->modifyDB($query); header("Location: php/login.php"); } } ?> <html> <head> <title> Recite </title> </head> <body bgcolor="87cefa" link="c80000">