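<?php
require_once "./db/connect.php";

// Password-change handler for the `officers` table.
//
// Reads `email`, `new_password` and `confirm_password` from a POST body. The
// code after the stop below hashes the new password and writes it to the
// officer row with that email, also setting `is_active = 1`.
//
// NOTE(review): nothing in this script proves that the requester owns the
// account: there is no reset token, no current-password check and no session
// check. The email is taken straight from the request, so the update path
// must stay unreachable until the token flow sketched at the end of the file
// is in place.
//
// $conn is presumably the mysqli connection created by ./db/connect.php;
// confirm there.

// Only POST is accepted; anything else is rejected before any input is read.
if ($_SERVER["REQUEST_METHOD"] !== "POST") {
    http_response_code(405);
    die("Invalid request method!");
}

// Missing fields and array-valued fields (e.g. email[]=x) are rejected up
// front instead of surfacing as warnings or type errors further down.
$email = $_POST['email'] ?? null;
$new_password = $_POST['new_password'] ?? null;
$confirm_password = $_POST['confirm_password'] ?? null;

if (!is_string($email) || !is_string($new_password) || !is_string($confirm_password)) {
    http_response_code(400);
    die("Invalid request!");
}

// The email is only used as a bound SQL parameter, so it is validated, not
// HTML-encoded. htmlspecialchars() is an output encoder: applied here it
// rewrites characters such as & and ' and the lookup then misses the row.
$email = trim($email);
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    http_response_code(400);
    die("Invalid request!");
}

// An empty password would otherwise be hashed and stored like any other.
if ($new_password === '') {
    http_response_code(400);
    die("Password must not be empty!");
}

if ($new_password !== $confirm_password) {
    http_response_code(400);
    die("Passwords do not match!");
}

// Fail closed. The original stopped here with a debug var_dump($email); the
// stop is kept, without the debug output, because everything below changes
// an officer's password on the strength of a request-supplied email alone.
// Remove this stop only together with the token check described at the end
// of the file.
http_response_code(503);
die("Password change is not available.");

// Hash the new password
$hashed_password = password_hash($new_password, PASSWORD_DEFAULT);

// Make sure email exists before updating
$checkEmailSql = "SELECT id FROM officers WHERE email = ?";
$stmt = $conn->prepare($checkEmailSql);
if (!$stmt) {
    // Driver errors go to the server log; the client gets a generic message
    // so schema and query details are not disclosed.
    error_log("change-password: prepare failed: " . $conn->error);
    http_response_code(500);
    die("Could not update password.");
}
$stmt->bind_param("s", $email);
$stmt->execute();
$result = $stmt->get_result();
$officerExists = $result && $result->num_rows > 0;
$stmt->close();

if (!$officerExists) {
    // NOTE(review): this answer tells an unauthenticated caller which emails
    // belong to officers. Once the email comes from a verified token instead
    // of the request, this branch should no longer be reachable from user
    // input.
    die("No officer found with this email.");
}

// Update the password and mark the officer as active
$updateSql = "UPDATE officers SET password = ?, is_active = 1 WHERE email = ?";
$stmt = $conn->prepare($updateSql);
if (!$stmt) {
    error_log("change-password: prepare failed: " . $conn->error);
    http_response_code(500);
    die("Could not update password.");
}
$stmt->bind_param("ss", $hashed_password, $email);

if ($stmt->execute()) {
    echo "Password updated successfully! You can now log in.";
    //header("Location: /digifine/login/index.php");
} else {
    error_log("change-password: update failed: " . $stmt->error);
    http_response_code(500);
    die("Could not update password.");
}

$stmt->close();
$conn->close();

// Planned token flow (not implemented yet):
// PASSWORD_RESET_REQUEST_TABLE:[TOKEN:PRIMARY KEY, EMAIL]
// Fetch email by token
// update password related to fetched email
// delete token from table
//
// NOTE(review): when implementing this, take the email only from the token
// row, never from the request. The token should come from random_bytes(), be
// single-use, and expire; the table as sketched has no expiry column.
?>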