PK
<?php
include "include/session.php";
include "include/configure.php";
if(isset($_POST['submit']) && $_POST['submit']=="Submit"){
$error = "";
if($_POST['password']==$_POST['confirmPassword']){
$sql = mysql_query("SELECT * FROM admin WHERE pass='".md5($_POST['oldPassword'])."'");
$numRows = mysql_num_rows($sql);
if($numRows==1){
mysql_query("UPDATE admin SET pass='".md5($_POST['password'])."' where id='1'");
header("location: changePassword.php?act=1");
}else{
$error = 2;
}
}else{
$error = 3;
}
}
include "include/header.php";
?>
<div class="openHead">Chanage Password</div>
<div class="middleMainContainer">
<form method="post" action="<?=$siteUrl; ?>changePassword.php" >
<table border="1" width="100%" cellpadding="5" cellspacing="0" align="center" class="formTb changePasswordTb">
<?php
if(isset($_GET['act']) && $_GET['act']=="1"){
$error = 1;
}
if($error){
$message = "";
switch($error){
case "1":
$message = "Password changed sucessfully";
break;
case "2":
$message = "Old password is incorrect";
break;
case "3":
$message = "Password does not match";
break;
}
echo "<tr>
<td colspan='2' align='center'><span class='error'>".$message."</span></td>
</tr>";
}
?>
<tr>
<td width="50%" align="right">Username :: </td>
<td width="50%">Admin</td>
</tr>
<tr>
<td align="right">Old Password :: </td>
<td><input type="password" name="oldPassword" id="oldPassword" /></td>
</tr>
<tr>
<td align="right">Password :: </td>
<td><input type="password" name="password" id="password" /></td>
</tr>
<tr>
<td align="right">Confirm Password :: </td>
<td><input type="password" name="confirmPassword" id="confirmPassword" /></td>
</tr>
<tr>
<td align="right"> </td>
<td><input type="submit" name="submit" class="smtButton" value="Submit" /></td>
</tr>
</table>
</form>
</div>
<?php include "include/footer.php"; ?>
PK 99