TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Local Administrator
2025-04-18 10:32:42 +02:00
commit b83134aca3
29643 changed files with 3045897 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
change_password.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
require_once("session.php");
require_once("connection.php");
require_once("functions.php");
$response = array('status' => 'error', 'message' => 'Something went wrong');
// Check if the user is logged in
if (!isset($_SESSION['user_id'])) {
$response['message'] = 'You are not logged in.';
echo json_encode($response);
exit();
}
$user_id = $_SESSION['user_id'];
// Check if form data is submitted
if (isset($_POST['current_password'], $_POST['new_password'], $_POST['confirm_password'])) {
$current_password = $_POST['current_password'];
$new_password = $_POST['new_password'];
$confirm_password = $_POST['confirm_password'];
// Validate new passwords
if ($new_password !== $confirm_password) {
$response['message'] = 'New passwords do not match.';
echo json_encode($response);
exit();
}
// Fetch the stored hashed password from the database
$sql = "SELECT password FROM users WHERE user_id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("i", $user_id);
$stmt->execute();
$result = $stmt->get_result();
$user = $result->fetch_assoc();
if (!$user) {
$response['message'] = 'User not found.';
echo json_encode($response);
exit();
}
// Verify the current password
if (!password_verify($current_password, $user['password'])) {
$response['message'] = 'Current password is incorrect.';
echo json_encode($response);
exit();
}
// Hash the new password
$new_password_hash = password_hash($new_password, PASSWORD_BCRYPT);
// Update the new password in the database
$sql = "UPDATE users SET password = ? WHERE user_id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("si", $new_password_hash, $user_id);
if ($stmt->execute()) {
$response['status'] = 'success';
$response['message'] = 'Password changed successfully.';
} else {
$response['message'] = 'Failed to change password.';
}
} else {
$response['message'] = 'Invalid form submission.';
}
echo json_encode($response);
?>