1 |
<?php |
2 |
$error = ""; |
3 |
if ($posalji) { |
4 |
if (!$error && !$password) $error = "Morate upisati Va¹u staru lozinku."; |
5 |
if (!$error) { |
6 |
include("inc/conn.php"); |
7 |
$sql = "SELECT password FROM users WHERE (username = '$PMusername')"; |
8 |
$sth = $dbh->prepare($sql); |
9 |
if (!$sth) error("Cannot prepare query: \"$sql\""); |
10 |
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
11 |
$pass = $sth->fetchrow_array(); |
12 |
$sth->finish(); |
13 |
if ($pass) $pass = array_shift($pass); |
14 |
if (!$pass) $error = "Nepoznato korisnièko ime."; |
15 |
if (!$error && md5($password) != $pass) $error = "Niste pravilno upisali Va¹u staru lozinku."; |
16 |
} |
17 |
if (!$error && !$password1) $error = "Morate upisati novu lozinku."; |
18 |
if (!$error && $password1 != $password2) $error = "Lozinke se ne podudaraju."; |
19 |
if (!$error && strlen($password1) < 5) $error = "Lozinka mora biti najmanje 5 znakova."; |
20 |
if (!$error) { |
21 |
$pass = GeneratePassword(); |
22 |
$sql = "UPDATE users SET password = '".md5($password1)."' WHERE (username = '$PMusername')"; |
23 |
$dbh->dbh_do($sql); |
24 |
} |
25 |
} |
26 |
$tpl->assign("username", $PMusername); |
27 |
$tpl->assign("error", $error); |
28 |
$tpl->assign("done", !$posalji || $error ? false : true); |
29 |
?> |