Initial commit

actions/change-password.php

@@ -0,0 +1,77 @@
+<?php session_start();
+require "../files/ezine_db.inc.php";
+
+$Benutzername = strip_tags(htmlentities($_SESSION["Benutzername"]));
+$Verification = $_SESSION["Verification"];
+if($Verification == 'true') {
+  $LoggedIn = 'true';
+  $forwarding = 'reset-password';
+}
+else {
+  $forwarding = 'myaccount';
+  $Passwort = strip_tags(htmlentities($_POST["Passwort"]));
+  $Passwort = hash('sha512',$Passwort);
+  $sql = "SELECT * FROM `VokabelBoxUsers` WHERE `Benutzername` = '$Benutzername' AND `Passwort` = '$Passwort'";
+  $result_articles = $conn->query($sql);
+  if(!mysqli_num_rows($result_articles))
+  {
+  $LoggedIn = 'false';
+  }
+  else {
+  $LoggedIn = 'true';
+  }
+}
+unset($_SESSION["Verification"]);
+$Passwort1 = strip_tags(htmlentities($_POST["Passwort1"]));
+$Passwort2 = strip_tags(htmlentities($_POST["Passwort2"]));
+
+
+$Passwort1 = hash('sha512',$Passwort1);
+$Passwort2 = hash('sha512',$Passwort2);
+
+
+?>
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>VokabelBox</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" href="../files/style.css" />
+    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.1/css/all.css" integrity="sha384-50oBUHEmvpQ+1lW4y57PTFmhCaXp0ML5d60M1M7uH2+nqUivzIebhndOJK28anvf" crossorigin="anonymous">
+  </head>
+  <body>
+    <?php
+    if(empty($Passwort1) || empty($Passwort2)) {
+      $_SESSION["errorCode"] = 'generalError';
+      print("<meta http-equiv='refresh' content='0; URL=../$forwarding'>");
+    }
+    else{
+      if($LoggedIn == 'true') {
+      if($Passwort1 != $Passwort2) {
+        $_SESSION["errorCode"] = 'keineUebereinstimmung';
+        print("<meta http-equiv='refresh' content='0; URL=../$forwarding'>");
+      }
+      else {
+
+        $conn->query("UPDATE `VokabelBoxUsers` SET `Passwort` = '$Passwort1',`UngueltigeLogins` = '0' WHERE `Benutzername` = '$Benutzername'");
+
+        $_SESSION["errorCode"] = 'success';
+        print("<meta http-equiv='refresh' content='0; URL=../myaccount'>");
+
+        $_SESSION["Benutzername"] = $Benutzername;
+        $_SESSION["Passwort"] = $Passwort1;
+
+        }
+      }
+        else {
+          $_SESSION["errorCode"] = 'wrongLogin';
+          print("<meta http-equiv='refresh' content='0; URL=../$forwarding'>");
+        }
+      }
+
+
+
+
+    ?>
+  </body>
+</html>