| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- <?php
- session_start();
- if (!isset($_SESSION['login'])){
- header('Location: signin.php');
- exit();
- }
- if ($_SERVER['REQUEST_METHOD'] != 'POST') {
- header('Location: signin.php');
- exit();
- }
- if (!isset($_POST['passwd'], $_POST['passwdconf'])) {
- header('Location: signin.php');
- exit();
- }
- if (empty($_POST['passwd']) || empty($_POST['passwdconf'])) {
- header('Location: signin.php');
- exit();
- }
-
- $passwd = htmlspecialchars($_POST['passwd']);
- $passwdconf = htmlspecialchars($_POST['passwdconf']);
-
- if ($passwd != $passwdconf) {
- header('Location: signin.php');
- exit();
- }
-
- include_once('bdd.php');
-
- try {
- $pdo = new PDO(SQL_DSN, SQL_USERNAME, SQL_PASSWORD);
- }
- catch (PDOException $e) {
- $_SESSION['message'] = $e->getMessage();
- header('Location: signin.php');
- exit();
- }
-
- $req = $pdo->prepare('UPDATE Users SET passwd = :passwd WHERE login = :login');
- $req->bindValue(':passwd', password_hash($passwd, PASSWORD_DEFAULT));
- $req->bindValue(':login', $_SESSION['login']);
- if ($req->execute()) {
- header('Location: welcome.php');
- exit();
- } else {
- header('Location: formpassword.php');
- exit();
- }
|
