", print_r($_POST, true), ""; // If the user is logged in, he or she will have a cookie. // If no cookie exists, redirect user to login page. if(!isset($_COOKIE['user_id']) OR !isset($_COOKIE['first_name']) OR !isset($_COOKIE['sessionID']) ){ redirect_user(); exit(); } $sessionID = $_COOKIE['sessionID']; // Set the database access information as constants: DEFINE ('DB_USER', 'rcfraley'); DEFINE ('DB_PASSWORD', '*PASSWORD*'); DEFINE ('DB_HOST', 'yourpersonality.netfirmsmysql.com'); DEFINE ('DB_NAME', 'ullman'); // Make the connection: $dbc = @mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) OR die ('Could not connect to MySQL: ' . mysqli_connect_error() ); // Include external style sheet print " "; print "
"; print "
"; #------------------------ # Check to see if two passwords match # And, if so, update database with new password #------------------------ if($submit_change == 1){ // Make sure the two entries of the new password are idential $validated = 0; $sessionID = $_COOKIE['sessionID']; $id = $_COOKIE['user_id']; $q= "SELECT session, user_id FROM users WHERE user_id='$id' AND session='$sessionID' LIMIT 1"; $r = @mysqli_query ($dbc, $q); // Run the query. if($r){ $validated = 1; } if($password1 == $password2 AND $validated == 1){ $pp = SHA1($password1); //$q= "UPDATE users SET pass='$pp' WHERE user_id='$id' LIMIT 1"; didn't work $q= "UPDATE users SET pass='$pp' WHERE user_id='$id' AND session='$sessionID' LIMIT 1"; $r = @mysqli_query ($dbc, $q); // Run the query. if ($r) { // If it ran OK. print "Your password was updated. Please note that you are still logged into the system. The next time you login you will need to use your new password.
"; print "Return to menu
"; }else{ print "The password was unable to update correctly. Please try again or contact the web administrator.
"; } }else{ $error[] = "The passwords you entered do not match."; print "The passwords do not match. Please try again.
"; } } # end $create_account == 1 && $submit_create == 1 #------------------------ # Obtain new password information #------------------------ if($submit_change == 0){ print "
Change your Password

Please verify your e-mail address
My e-mail address is:

"; print "
Please choose a new password

Please type the new password again to protect against errors.


"; } # end print "
"; mysqli_close($dbc); // Close the database connection. ?>