Location: PHPKode > scripts > WH Board > wh_board/password.php
<?php require('style/layout/header.php'); ?>

    <div class="content_left">
        <ul id="breadcrumbs">
            <li><a href="index.php"><?php echo $lang['main_page']; ?></a></li>
            <li><a href="myprofile.php"><?php echo $lang['user_area']; ?></a></li>
            <li><a href="password.php" class="actual"><?php echo $lang['change_password']; ?></a></li>
        </ul>
    </div>
    <div class="content_right"><form method="post" id="search" action="search.php?search">
        <input type="text" name="search" placeholder="<?php echo $lang['enter_search_term']; ?>..." class="searchfield">
        <input type="hidden" name="submit" value="<?php echo $lang['search']; ?>" alt="<?php echo $lang['search']; ?>">
        </form>
    </div>

    <div class="clear"></div>

    <div id="headline">&nbsp;</div>

    <?php

        if(!isset($_SESSION['signed_in'])) {

		echo '<p class="false">' . $lang['only_for_registered'] . '</p>
        <p>' . $lang['you_have_to'] . ' <a href="signin.php">' . $lang['small_signin'] . '</a>. ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';

		}else{
		
		echo '<h1>' . $lang['my_login_informations'] . '</h1>';

			if($_SERVER['REQUEST_METHOD'] != 'POST') {

			echo '<form id="password" name="password" method="post" action="">
			<p><input type="password" name="old_password" class="textfields" size="40"> <span class="green">' . $lang['actual_password'] . '</span>
            <br><small>' . $lang['confirm_password'] . '</small></p>
            <p><input type="password" name="password" class="textfields" size="40"> ' . $lang['new_password'] . '</p>
            <p><input type="password" name="password_check" class="textfields" size="40"> ' . $lang['password_repeat'] . '</p>
            <p><input type="submit" name="submit" value="' . $lang['change_password'] . '" alt="' . $lang['change_password'] . '" class="buttons"></p>
            </form>';

			}else{

            $check_pw = "SELECT
                             user_id,
                             user_pass
                         FROM
                             users
                         WHERE
                             user_id = " . (int)$_SESSION['user_id'];

            $verified_pw = mysql_query($check_pw) OR die(mysql_error());

            while($check_row = mysql_fetch_assoc($verified_pw)) {

                $dp = mysql_real_escape_string($check_row['user_pass']);
                $tp = htmlentities($_POST['old_password']);
                }

			$errors = array();

			if(isset($_POST['password'])) {
			if(trim($_POST['password']) == "") {
			$errors[] = $lang['not_enter_pass'];
			}

			if($_POST['password'] != $_POST['password_check']) {
			$errors[] = $lang['no_pass_match'];
			}

				}else{
				$errors[] = $lang['not_enter_pass'];
				}

            if(isset($_POST['old_password'])) {
		    if(trim($_POST['old_password']) == "") {
		    $errors[] = $lang['enter_actual_pass'];
		    }

		    if($_POST['old_password'] != $tp) {
		    $errors[] = $lang['actual_pass_false'];
		    }

                }else{
                $errors[] = $lang['enter_actual_pass'];
                }

			if(!empty($errors)) {

			echo '<p class="false">' . $lang['not_filled_all'] . '</p>
			<p><a href="javascript:history.back();">' . $lang['back'] . '</a></p>';
			echo '<ul>';

			foreach($errors as $key => $value) {
			echo '<li>&#8226; ' . $value . '</li>'; 
			}
			echo '</ul>';

			}else{

			$pass = "UPDATE 
						users     
					 SET
						user_pass = '" . sha1(mysql_real_escape_string($_POST['password'])) . "'
					 WHERE
						user_id = " . (int)$_SESSION['user_id'];

			mysql_query($pass) OR die(mysql_error());

		if(mysql_affected_rows() == 1) {

		echo '<p class="success">' . $lang['password_changed'] . '!</p>';

			}else{

			echo '<p class="false">' . $lang['password_not_changed'] . '</p>';
            }

        }}}

	?>

<?php require('style/layout/footer.php'); ?>
Return current item: WH Board