Added func change_password

author: Horus3 2014-03-16 23:39:07 +0100
committer: Horus3 2014-03-16 23:39:07 +0100
commit: d5bd89e1d64d00f0d10926c470bc850646f4a969 (patch)
tree: 26949050c55cb7d89d2fb6ae70e262fc3851ab09 /www/functions/func_password.php
parent: 7f91eee42bf1e48021fc1901c46c2c614adbab7d (diff)
download: files.iamfabulous.de-d5bd89e1d64d00f0d10926c470bc850646f4a969.tar.gz
1 files changed, 30 insertions, 0 deletions
diff --git a/www/functions/func_password.php b/www/functions/func_password.php
new file mode 100644
index 0000000..9d2d08a
--- /dev/null
+++ b/www/functions/func_password.php
@@ -0,0 +1,30 @@
+<?php
+
+function change_password($db, $first_password, $second_password){
+	if($_SESSION["login"]){
+		$username = user($db, $_SESSION["username"]);
+	} else {
+		$username_db = $db->query("SELECT id FROM user WHERE email='" . SQLite3::escapeString($_POST['email']) . "';");
+		$username_ar = $username_db->fetchArray(SQLITE3_NUM);
+		$username = $username_ar[0];
+	}
+	
+	if($first_password != $second_password || !isset($first_password) || empty($first_password) || $first_password == ""){
+		return PASSWORD_PASSWORD;
+	}
+
+	$pepper = file_get_contents("../database/pepper.txt");
+	$password = $first_password . $pepper;
+
+	$hash_password = password_hash($password, PASSWORD_DEFAULT);
+
+	if($db->exec("
+		BEGIN TRANSACTION;
+		UPDATE user SET password='" . $hash_password . "' WHERE id=" . $username . ";
+		COMMIT;
+	")){
+		return PASSWORD_SUCCESS;
+	} else {
+		return PASSWORD_DATABASE;
+	}
+}
author	Horus3	2014-03-16 23:39:07 +0100
committer	Horus3	2014-03-16 23:39:07 +0100
commit	d5bd89e1d64d00f0d10926c470bc850646f4a969 (patch)
tree	26949050c55cb7d89d2fb6ae70e262fc3851ab09 /www/functions/func_password.php
parent	7f91eee42bf1e48021fc1901c46c2c614adbab7d (diff)
download	files.iamfabulous.de-d5bd89e1d64d00f0d10926c470bc850646f4a969.tar.gz