forgot_pass_new_pass.php
<?php
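// Start (or resume) the session so the logged-in user's id can be read.
session_start();
$user_id = $_SESSION["userId"] ?? null;

// Visitors without a session user id are sent to the login page.
// header() only queues the redirect header; without exit the rest of this
// script (the password-change handler and the form) would still execute
// and be sent to a visitor who is not logged in.
if (!$user_id) {
    header("Location: login.php");
    exit;
}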
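/**
 * Names this page expects after the include below (editor/static-analysis hints):
 *
 * @var PDO $dbconn
 * @var bool $local
 *
 * NOTE(review): the DBManager class is presumably declared by the included
 * script as well - confirm against ../../incl/dbconnection.php.
 */
include('../../incl/dbconnection.php');
$dbmanager = new DBManager();

// Read the three password fields. A client can send "field[]=x", which PHP
// turns into an array; password_verify()/password_hash() would then fail with
// a TypeError, so anything that is not a plain string is treated as absent.
$cur_pas = $_POST['current-password-input'] ?? null;
$cur_pas = is_string($cur_pas) ? $cur_pas : null;

$new_pas = $_POST['new-password-input'] ?? null;
$new_pas = is_string($new_pas) ? $new_pas : null;

$check_pas = $_POST['new-password-check-input'] ?? null;
$check_pas = is_string($check_pas) ? $check_pas : null;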
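/**
 * Validates a password-change request for the logged-in user.
 *
 * Reads the stored password hash for the global $user_id through the global
 * $dbmanager. On failure a message is stored in $_SESSION['flash_msg'].
 *
 * @param mixed $cur_pas   Current password as typed by the user.
 * @param mixed $new_pas   Requested new password.
 * @param mixed $check_pas Repetition of the new password.
 * @return bool True when $cur_pas matches the stored hash and the two
 *              new-password values are identical strings.
 */
function verifyDetails($cur_pas, $new_pas, $check_pas) : bool {
    global $dbmanager, $user_id;

    // A missing row or an empty stored value ends up as null here instead of
    // raising an "undefined offset" warning.
    $rows = $dbmanager->fetch_from_table(["password"], "bay_users", ["id" => $user_id]);
    $actual_pass = $rows[0]['password'] ?? null;

    // Check that the current password is correct. Non-string input and a
    // missing stored hash are treated as a mismatch rather than being passed
    // on to password_verify().
    if (!is_string($cur_pas) || !is_string($actual_pass) || !password_verify($cur_pas, $actual_pass)) {
        $_SESSION['flash_msg'] = "Fel nuvarande lösenord!";
        return false;
    }

    // Strict comparison: with loose != PHP compares numeric-looking strings
    // as numbers, so "1e3" and "1000" would count as the same password.
    if (!is_string($new_pas) || $new_pas !== $check_pas) {
        $_SESSION['flash_msg'] = "Nytt lösenord matchar inte med kontrollrutan!";
        return false;
    }

    return true;
}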
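// Handle a submitted password change.
// The request is processed only for a logged-in user and only when all three
// fields are non-empty strings; this also keeps arrays ("field[]=x") away
// from password_hash(), and no longer skips a password such as "0", which
// the previous truthiness test treated as missing.
// NOTE(review): no anti-CSRF token is verified for this state-changing POST.
// The current-password requirement limits the impact, but a per-session
// token checked here would be the usual addition.
$all_fields_present = true;
foreach ([$cur_pas, $new_pas, $check_pas] as $field_value) {
    if (!is_string($field_value) || $field_value === '') {
        $all_fields_present = false;
    }
}

if ($user_id && $all_fields_present) {
    if (verifyDetails($cur_pas, $new_pas, $check_pas)) {
        // Note: bcrypt only uses the first 72 bytes of the password.
        $hashed_pass = password_hash($new_pas, PASSWORD_BCRYPT);

        // NOTE(review): the result of update_table_values() is not checked -
        // confirm how DBManager reports a failed update before telling the
        // user that the password was changed.
        $dbmanager->update_table_values(
            "bay_users",
            [
                "password" => $hashed_pass
            ],
            [
                "id" => $user_id
            ]
        );

        // Give this session a fresh id after the credential change. This
        // call does not end other sessions that exist for the same account.
        session_regenerate_id(true);

        $_SESSION['flash_msg'] = "Ditt lösenord har uppdaterats.";
        header("Location: account.php");
        exit;
    }
}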
?>
<!DOCTYPE html>
<html lang="sv">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Ändra kontouppgifter</title>
<link rel="stylesheet" href="style.css">
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<style>
form {
display: grid;
justify-items: center;
}
form .row {
margin: 1rem;
}
</style>
</head>
<body>
<?php include("./header.php") ?>
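<form method="post">
    <h1>Ändra lösenord</h1>
    <?php
    // One-shot status message stored in the session; shown once and then
    // cleared. It is HTML-escaped on output so that the markup stays intact
    // whatever text ends up in the session value.
    if (isset($_SESSION['flash_msg'])) {
        echo "<p>" . htmlspecialchars((string) $_SESSION['flash_msg'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
        unset($_SESSION['flash_msg']);
    }
    // The handler at the top of this file only runs when
    // "current-password-input" is posted, and the script below looks the
    // field up by id, so the form has to contain it.
    ?>
    <div class="row">
        <label for="current-password-input">Nuvarande lösenord:</label>
        <input required type="password" name="current-password-input" id="current-password-input" autocomplete="current-password">
    </div>
    <div class="row">
        <label for="new-password-input">Nytt lösenord:</label>
        <input required type="password" name="new-password-input" id="new-password-input" autocomplete="new-password">
    </div>
    <div class="row">
        <label for="new-password-check-input">Nytt lösenord (igen):</label>
        <input required type="password" name="new-password-check-input" id="new-password-check-input" autocomplete="new-password">
    </div>
    <input disabled id="submit-button" type="submit" value="Byt lösenord">
</form>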
<script>
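const submitBtn = document.getElementById("submit-button");
// Not used below; null when the form has no element with this id.
const curPas = document.getElementById("current-password-input");
const newPas = document.getElementById("new-password-input");
const checkPas = document.getElementById("new-password-check-input");

/**
 * Enables the submit button only while both new-password fields hold the
 * same text, and outlines the repeat field red or lime accordingly.
 * This is a convenience for the user; the server repeats the comparison.
 */
function validate() {
    const matches = checkPas.value === newPas.value;
    checkPas.style.outline = matches ? "1px solid lime" : "1px solid red";
    submitBtn.disabled = !matches;
}

// Re-check on edits to either field. Listening only on the repeat field left
// the button enabled when the first field was changed afterwards.
checkPas.addEventListener("input", validate);
newPas.addEventListener("input", validate);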
</script>
</body>
</html>