2016-12-02 19:19:11 +00:00
< ? php
if ( isset ( $_GET [ 'Change' ] ) ) {
// Get input
$pass_new = $_GET [ 'password_new' ];
$pass_conf = $_GET [ 'password_conf' ];
// Do the passwords match?
if ( $pass_new == $pass_conf ) {
// They do!
2018-10-12 15:49:58 +00:00
$pass_new = (( isset ( $GLOBALS [ " ___mysqli_ston " ]) && is_object ( $GLOBALS [ " ___mysqli_ston " ])) ? mysqli_real_escape_string ( $GLOBALS [ " ___mysqli_ston " ], $pass_new ) : (( trigger_error ( " [MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work. " , E_USER_ERROR )) ? " " : " " ));
2016-12-02 19:19:11 +00:00
$pass_new = md5 ( $pass_new );
// Update the database
$insert = " UPDATE `users` SET password = ' $pass_new ' WHERE user = ' " . dvwaCurrentUser () . " '; " ;
2018-10-12 15:49:58 +00:00
$result = mysqli_query ( $GLOBALS [ " ___mysqli_ston " ], $insert ) or die ( '<pre>' . (( is_object ( $GLOBALS [ " ___mysqli_ston " ])) ? mysqli_error ( $GLOBALS [ " ___mysqli_ston " ]) : (( $___mysqli_res = mysqli_connect_error ()) ? $___mysqli_res : false )) . '</pre>' );
2016-12-02 19:19:11 +00:00
// Feedback for the user
$html .= " <pre>Password Changed.</pre> " ;
}
else {
// Issue with passwords matching
$html .= " <pre>Passwords did not match.</pre> " ;
}
2018-10-12 15:49:58 +00:00
(( is_null ( $___mysqli_res = mysqli_close ( $GLOBALS [ " ___mysqli_ston " ]))) ? false : $___mysqli_res );
2016-12-02 19:19:11 +00:00
}
?>
