51ff3226 |
1 | <?php |
2 | |
3 | function set_password() { |
4 | global $db,$error,$error_messages; |
5 | $old_password=$_POST['old_password']; |
6 | $new_password1=$_POST['new_password1']; |
7 | $new_password2=$_POST['new_password2']; |
8 | |
9 | if ($new_password1!=$new_password2) { |
10 | $error=$error_messages['NEW_PASSWORD_MISMATCH']; |
11 | return false; |
12 | } |
13 | $user_id=$_SESSION['user_id']; |
14 | $login=$_SESSION['user_name']; |
15 | if (!$user_id) { |
16 | return false; |
17 | } |
18 | |
19 | //old password check |
20 | |
21 | $q="select * from users where login='$login'"; |
22 | $set=$db->query($q); |
23 | $set->next(); |
24 | if ($set->getString('password')!=md5($old_password)) { |
25 | $error="bad password"; |
26 | return false; |
27 | } |
28 | |
51ff3226 |
29 | |
30 | //changing in MySQL |
31 | $password=md5($new_password1); |
32 | $db->query("update users set password='$password' where user_id='$user_id'"); |
33 | } |
34 | |
35 | ?> |