Browse code
Created repository.
DoubleBastionAdmin authored on 29/11/2024 03:10:08
Showing 1 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,93 @@ |
| 1 |
+<?php |
|
| 2 |
+ |
|
| 3 |
+/** |
|
| 4 |
+ * @copyright 2024 Double Bastion LLC <www.doublebastion.com> |
|
| 5 |
+ * |
|
| 6 |
+ * @author Double Bastion LLC |
|
| 7 |
+ * |
|
| 8 |
+ * @license GNU AGPL version 3 or any later version |
|
| 9 |
+ * |
|
| 10 |
+ * This program is free software; you can redistribute it and/or |
|
| 11 |
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE |
|
| 12 |
+ * License as published by the Free Software Foundation; either |
|
| 13 |
+ * version 3 of the License, or any later version. |
|
| 14 |
+ * |
|
| 15 |
+ * This program is distributed in the hope that it will be useful, |
|
| 16 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
| 17 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
| 18 |
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details. |
|
| 19 |
+ * |
|
| 20 |
+ * You should have received a copy of the GNU Affero General Public |
|
| 21 |
+ * License along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
| 22 |
+ * |
|
| 23 |
+ */ |
|
| 24 |
+ |
|
| 25 |
+session_start(); |
|
| 26 |
+ |
|
| 27 |
+if (($_SESSION['loggedtorspanel'] == true) && isset($_POST['verifyKey']) && ($_POST['verifyKey'] == $_SESSION['valid_access'])) {
|
|
| 28 |
+ |
|
| 29 |
+define('ACCESSCONST', TRUE);
|
|
| 30 |
+ |
|
| 31 |
+require('db-connect.php');
|
|
| 32 |
+ |
|
| 33 |
+ if (isset($_POST['currentPass']) && isset($_POST['newPass'])) {
|
|
| 34 |
+ |
|
| 35 |
+ $crntPswd = $_POST['currentPass']; |
|
| 36 |
+ $newpass = $_POST['newPass']; |
|
| 37 |
+ $userName = $_SESSION['login']; |
|
| 38 |
+ |
|
| 39 |
+ if ($crntPswd != '' && $newpass != '') {
|
|
| 40 |
+ |
|
| 41 |
+ try {
|
|
| 42 |
+ // Check if the given password matches the password in the database |
|
| 43 |
+ $query0 = $mysqli->prepare("SELECT id, username, password FROM panelusers WHERE username=?");
|
|
| 44 |
+ $query0->bind_param("s", $userName);
|
|
| 45 |
+ $query0->execute(); |
|
| 46 |
+ $fetchData = $query0->get_result(); |
|
| 47 |
+ $getData = $fetchData->fetch_row(); |
|
| 48 |
+ $query0->close(); |
|
| 49 |
+ |
|
| 50 |
+ if (!empty($getData)) {
|
|
| 51 |
+ |
|
| 52 |
+ $passfromdb = $getData[2]; |
|
| 53 |
+ $passVerify = password_verify($crntPswd, $passfromdb); |
|
| 54 |
+ |
|
| 55 |
+ if ($passVerify) {
|
|
| 56 |
+ |
|
| 57 |
+ $newPswd = password_hash($newpass, PASSWORD_DEFAULT); |
|
| 58 |
+ $query1 = $mysqli->prepare("UPDATE panelusers SET password=? WHERE BINARY username=?");
|
|
| 59 |
+ $query1->bind_param("ss", $newPswd, $userName);
|
|
| 60 |
+ |
|
| 61 |
+ if ($query1->execute()) {
|
|
| 62 |
+ $result = 'success'; |
|
| 63 |
+ $messagetosend = "The new password has been saved !<br>From now on please use your new password to log in!"; |
|
| 64 |
+ } else {
|
|
| 65 |
+ $result = 'success'; |
|
| 66 |
+ $messagetosend = "An error occurred while updating your password!"; |
|
| 67 |
+ } |
|
| 68 |
+ |
|
| 69 |
+ $query1->close(); |
|
| 70 |
+ |
|
| 71 |
+ } else {
|
|
| 72 |
+ $result = 'failure'; |
|
| 73 |
+ $messagetosend = "The given current password is incorrect !"; |
|
| 74 |
+ } |
|
| 75 |
+ |
|
| 76 |
+ } else {
|
|
| 77 |
+ $result = 'failure'; |
|
| 78 |
+ $messagetosend = "The given current password is incorrect !"; |
|
| 79 |
+ } |
|
| 80 |
+ |
|
| 81 |
+ } catch (mysqli_sql_exception $e) {
|
|
| 82 |
+ $result = 'failure'; |
|
| 83 |
+ $messagetosend = "An error occurred while processing your request. You can try again after a few moments !"; |
|
| 84 |
+ } |
|
| 85 |
+ |
|
| 86 |
+ $resp = array('result' => $result, 'messagetosend' => $messagetosend);
|
|
| 87 |
+ echo json_encode($resp); |
|
| 88 |
+ } |
|
| 89 |
+ } |
|
| 90 |
+ |
|
| 91 |
+} else { header("Location: panel-login.php"); }
|
|
| 92 |
+ |
|
| 93 |
+?> |