File: /home/durgeshpandey215/public_html/zeeroprice.skilladders.com/changepassword.php
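<?php
// Change-password page: processes the POSTed form (if any), then issues a fresh
// CSRF token and loads the current user's row before the template below renders.
// The full "<?php" tag is used so the script does not depend on short_open_tag;
// with that setting off, a "<?" block is sent to the browser as plain text.
require "application_top.php";

// NOTE(review): nothing in this file checks that $_SESSION['useridsess'] is set.
// Presumably application_top.php turns anonymous visitors away — confirm, because
// otherwise the queries below run without a user id.

// Accept the POST only when its token equals the one stored in the session.
// hash_equals() is a strict, constant-time string comparison; the loose "==" it
// replaces treats numeric-looking strings such as "0e12" and "0e34" as equal.
// The is_string() checks keep array-valued input (token[]=x) away from it.
if (
    isset($_SESSION['token'], $_POST['token'])
    && is_string($_SESSION['token'])
    && is_string($_POST['token'])
    && hash_equals($_SESSION['token'], $_POST['token'])
) {
    // Single-use token: a replayed copy of this request fails the check above.
    unset($_SESSION['token']);

    $curInput    = isset($_POST['curpassword']) ? $_POST['curpassword'] : null;
    $newInput    = isset($_POST['newpassword']) ? $_POST['newpassword'] : null;
    $retypeInput = isset($_POST['retypepassword']) ? $_POST['retypepassword'] : null;

    if (!is_string($curInput) || !is_string($newInput) || !is_string($retypeInput) || $newInput === '') {
        // "required" in the form is only enforced by the browser.
        $_SESSION['msg'] = "Error! Please fill in all password fields.";
    } elseif ($newInput !== $retypeInput) {
        // The retype comparison in the page's JavaScript is a convenience only;
        // a hand-built request skips it, so it is repeated here.
        $_SESSION['msg'] = "Error! New password and retyped password do not match.";
    } else {
        // NOTE(review): passwords are stored as unsalted MD5, which is cheap to
        // brute-force if the register table ever leaks. Switching to
        // password_hash()/password_verify() must be done together with the login
        // code (and likely needs a wider ipassword column), so the stored format
        // is deliberately left unchanged in this block.
        $curpassword = md5($curInput);
        $db->where('userid', $_SESSION['useridsess']);
        $db->where('ipassword', $curpassword);
        $rowu = $db->getOne('register');

        if ($rowu) {
            // Current password verified for the logged-in user: store the new one.
            $newpassword = md5($newInput);
            $updatedata = array('ipassword' => $newpassword);
            $db->where('userid', $_SESSION['useridsess']);
            $db->update('register', $updatedata);
            $_SESSION['msg'] = "Password changed successfully";
        } else {
            $_SESSION['msg'] = "Error! Wrong current password entered.";
        }
    }

    // Post/redirect/get back to this script. The target is SCRIPT_NAME rather
    // than the Referer header, so the Location value is never taken from
    // client-supplied request data.
    header('Location: ' . $_SERVER['SCRIPT_NAME']);
    exit;
}

// Fresh CSRF token for the form below. random_bytes() (PHP 7+) reads the OS
// CSPRNG; the previous md5(uniqid(rand(), true)) was built from the clock and a
// non-cryptographic generator, which makes the token guessable. The result is
// still 32 hex characters.
$token = bin2hex(random_bytes(16));
$_SESSION['token'] = $token;

// Row of the logged-in user. It is not referenced in this file's own markup;
// presumably an included template reads it — confirm before removing.
$db->where("userid", $_SESSION['useridsess']);
$rowcust = $db->getOne('register');
?>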
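<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Change Password</title>
<?php /* Full "<?php" tags: with short_open_tag disabled a bare "<?" block is not
         executed and its source is sent to the browser instead. */ ?>
<?php require "scripts.php"; ?>
</head>
<body>
<?php $pagename = "register"; require "header.php"; ?>
<h1>Change Password</h1>
<br/>
<div class="w3-card w3-white" style="max-width:600px;margin:0 auto;">
<div class="w3-blue w3-container w3-padding">Change Your Password</div>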
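<?php /* The form posts back to this script. SCRIPT_NAME is used instead of PHP_SELF:
         PHP_SELF also contains any extra path a visitor appends to the URL, and
         printing it unescaped lets that text break out of the action attribute.
         Both dynamic values are HTML-escaped for the attribute context. */ ?>
<form action="<?= htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8') ?>" method="post" id="commonform" enctype="multipart/form-data">
<div class="w3-padding" style="margin:0 auto;max-width:400px;">
<br/>
<?php /* maxlength matches the new-password field (40). With the former limit of 10,
         anyone who chose a longer password could never type it in here again.
         NOTE(review): the "number" and "email" classes look carried over from another
         form — confirm scripts.php attaches no validators to them. */ ?>
Enter Current Password* :
<input type="password" name="curpassword" id="curpassword" class="w3-input number masterTooltip" maxlength="40" autocomplete="current-password" required/><div id="mobnoDiv"></div>
New Password* :<br/>
<?php /* check() also runs when this field changes, so the retype field's validity
         does not go stale after the new password is edited. */ ?>
<input type="password" oninput="check();" name="newpassword" id="newpassword" maxlength="40" class="w3-input" autocomplete="new-password" required/>
Retype New Password :<br/>
<input type="password" oninput="check();" name="retypepassword" id="retypepassword" maxlength="40" class="w3-input email" autocomplete="new-password" required/>
<br/>
<?php /* Anti-CSRF token; the handler at the top of this file compares it with the session copy. */ ?>
<input type="hidden" name="token" value="<?= htmlspecialchars($token, ENT_QUOTES, 'UTF-8') ?>"/>
<center><input type="submit" class="w3-btn w3-pink" id="submitbutton" value="Submit"/></center>
<br/><br/>
</div>
</form>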
<script>
/**
 * Marks the "retype" field invalid while its value differs from the new-password
 * field, and valid again once they agree. This is a browser-side convenience:
 * a request sent without the page never runs it, so the server must not rely on it.
 */
function check() {
    var retypeField = document.getElementById('retypepassword');
    var matches = retypeField.value == document.getElementById('newpassword').value;
    // An empty message clears the custom error and makes the field valid again.
    retypeField.setCustomValidity(matches ? '' : 'New Password and Retype password Must be Matching.');
}
</script>
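</div>
<br/><br/>
<?php /* Full "<?php" tag so the include does not depend on short_open_tag being enabled. */ ?>
<?php include "footer.php"; ?>
</body>
</html>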