blob: 9d2d08a1a1b41d7202f08ecac7660eaf958d023e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
<?php
function change_password($db, $first_password, $second_password){
if($_SESSION["login"]){
$username = user($db, $_SESSION["username"]);
} else {
$username_db = $db->query("SELECT id FROM user WHERE email='" . SQLite3::escapeString($_POST['email']) . "';");
$username_ar = $username_db->fetchArray(SQLITE3_NUM);
$username = $username_ar[0];
}
if($first_password != $second_password || !isset($first_password) || empty($first_password) || $first_password == ""){
return PASSWORD_PASSWORD;
}
$pepper = file_get_contents("../database/pepper.txt");
$password = $first_password . $pepper;
$hash_password = password_hash($password, PASSWORD_DEFAULT);
if($db->exec("
BEGIN TRANSACTION;
UPDATE user SET password='" . $hash_password . "' WHERE id=" . $username . ";
COMMIT;
")){
return PASSWORD_SUCCESS;
} else {
return PASSWORD_DATABASE;
}
}
|
