$stmt->bind_param("s", $_SESSION['username']); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($remPassword); if ($stmt->num_rows > 0) { while ($stmt->fetch()) { $oldpassword = $remPassword; } $stmt->close(); if (!PassAuth::checkPassword($password, $oldpassword)) { echo "Your current password is incorrect."; } else { if ($pass1 != $pass2 || empty($pass2) || empty($pass1)) { echo "Your new passwords do not match"; } else { if (PassAuth::checkPassword($pass1, $oldpassword)) { echo "You can't change your password to that!"; } else { $password = PassAuth::encryptPassword($pass1); $stmt = $db->prepare("UPDATE " . $prefix . "users SET password=? WHERE username=?"); $stmt->bind_param("ss", $password, $_SESSION['username']); $stmt->execute(); $stmt->close(); echo "Your password has been changed. You must login again before proceeding to another page."; session_destroy(); } } } } else { $stmt->close(); echo "There was an error processing your request. Please try again later.";
include "../config.php"; require "PassAuth.php"; $username = $_POST['username']; $password = $_POST['password']; if (empty($username) || empty($password)) { echo 'You have left something blank'; } else { $stmt = $db->prepare("SELECT * FROM " . $prefix . "users WHERE username = ? LIMIT 1"); $stmt->bind_param('s', $username); $stmt->execute(); $stmt->store_result(); } if ($stmt->num_rows == 0) { echo 'Your username or password was incorrect [0x001]'; } else { $stmt->bind_result($nid, $nusername, $npassword, $nprivileges); while ($stmt->fetch()) { if (PassAuth::checkPassword($password, $npassword)) { session_start(); $_SESSION['online'] = true; $_SESSION['username'] = $nusername; $_SESSION['privileges'] = $nprivileges; $page = $_SERVER['PHP_SELF']; echo 'Logging you in...<meta http-equiv="refresh" content="0">'; } else { echo 'Your username or password was incorrect [0x002]'; } } } $stmt->free_result(); $stmt->close();