forked from hammadshahir/PHP-MySQL-ecommerce-website
-
Notifications
You must be signed in to change notification settings - Fork 0
/
customer-password-update.php
97 lines (82 loc) · 3.58 KB
/
customer-password-update.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<?php require_once('header.php'); ?>
<?php
// Check if the customer is logged in or not
if(!isset($_SESSION['customer'])) {
header('location: '.BASE_URL.'logout.php');
exit;
} else {
// If customer is logged in, but admin make him inactive, then force logout this user.
$statement = $pdo->prepare("SELECT * FROM tbl_customer WHERE cust_id=? AND cust_status=?");
$statement->execute(array($_SESSION['customer']['cust_id'],0));
$total = $statement->rowCount();
if($total) {
header('location: '.BASE_URL.'logout.php');
exit;
}
}
?>
<?php
if (isset($_POST['form1'])) {
$valid = 1;
if( empty($_POST['cust_password']) || empty($_POST['cust_re_password']) ) {
$valid = 0;
$error_message .= LANG_VALUE_138."<br>";
}
if( !empty($_POST['cust_password']) && !empty($_POST['cust_re_password']) ) {
if($_POST['cust_password'] != $_POST['cust_re_password']) {
$valid = 0;
$error_message .= LANG_VALUE_139."<br>";
}
}
if($valid == 1) {
// update data into the database
$password = strip_tags($_POST['cust_password']);
$statement = $pdo->prepare("UPDATE tbl_customer SET cust_password=? WHERE cust_id=?");
$statement->execute(array(md5($password),$_SESSION['customer']['cust_id']));
$_SESSION['customer']['cust_password'] = md5($password);
$success_message = LANG_VALUE_141;
}
}
?>
<div class="page">
<div class="container">
<div class="row">
<div class="col-md-12">
<?php require_once('customer-sidebar.php'); ?>
</div>
<div class="col-md-12">
<div class="user-content">
<h3 class="text-center">
<?php echo LANG_VALUE_99; ?>
</h3>
<form action="" method="post">
<?php $csrf->echoInputField(); ?>
<div class="row">
<div class="col-md-4"></div>
<div class="col-md-4">
<?php
if($error_message != '') {
echo "<div class='error' style='padding: 10px;background:#f1f1f1;margin-bottom:20px;'>".$error_message."</div>";
}
if($success_message != '') {
echo "<div class='success' style='padding: 10px;background:#f1f1f1;margin-bottom:20px;'>".$success_message."</div>";
}
?>
<div class="form-group">
<label for=""><?php echo LANG_VALUE_100; ?> *</label>
<input type="password" class="form-control" name="cust_password">
</div>
<div class="form-group">
<label for=""><?php echo LANG_VALUE_101; ?> *</label>
<input type="password" class="form-control" name="cust_re_password">
</div>
<input type="submit" class="btn btn-primary" value="<?php echo LANG_VALUE_5; ?>" name="form1">
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<?php require_once('footer.php'); ?>