PNG  IHDR pHYs   OiCCPPhotoshop ICC profilexڝSgTS=BKKoR RB&*! J!QEEȠQ, !{kּ> H3Q5 B.@ $pd!s#~<<+"x M0B\t8K@zB@F&S`cbP-`'{[! eDh;VEX0fK9-0IWfH  0Q){`##xFW<+*x<$9E[-qWW.(I+6aa@.y24x6_-"bbϫp@t~,/;m%h^ uf@Wp~<5j>{-]cK'Xto(hw?G%fIq^D$.Tʳ?D*A, `6B$BB dr`)B(Ͱ*`/@4Qhp.U=pa( Aa!ڈbX#!H$ ɈQ"K5H1RT UH=r9\F;2G1Q= C7F dt1r=6Ыhڏ>C03l0.B8, c˱" VcϱwE 6wB aAHXLXNH $4 7 Q'"K&b21XH,#/{C7$C2'ITFnR#,4H#dk9, +ȅ3![ b@qS(RjJ4e2AURݨT5ZBRQ4u9̓IKhhitݕNWGw Ljg(gwLӋT071oUX**| J&*/Tު UUT^S}FU3S ԖUPSSg;goT?~YYLOCQ_ cx,!k u5&|v*=9C3J3WRf?qtN (~))4L1e\kXHQG6EYAJ'\'GgSSݧ M=:.kDwn^Loy}/TmG X $ <5qo</QC]@Caaᄑ.ȽJtq]zۯ6iܟ4)Y3sCQ? 0k߬~OCOg#/c/Wװwa>>r><72Y_7ȷOo_C#dz%gA[z|!?:eAAA!h쐭!ΑiP~aa~ 'W?pX15wCsDDDޛg1O9-J5*>.j<74?.fYXXIlK9.*6nl {/]py.,:@LN8A*%w% yg"/6шC\*NH*Mz쑼5y$3,幄'L Lݛ:v m2=:1qB!Mggfvˬen/kY- BTZ(*geWf͉9+̳ې7ᒶKW-X潬j9(xoʿܔĹdff-[n ڴ VE/(ۻCɾUUMfeI?m]Nmq#׹=TR+Gw- 6 U#pDy  :v{vg/jBFS[b[O>zG499?rCd&ˮ/~јѡ򗓿m|x31^VwwO| (hSЧc3- cHRMz%u0`:o_F@8N ' p @8N@8}' p '#@8N@8N pQ9p!i~}|6-ӪG` VP.@*j>[ K^<֐Z]@8N'KQ<Q(`s" 'hgpKB`R@Dqj '  'P$a ( `D$Na L?u80e J,K˷NI'0eݷ(NI'؀ 2ipIIKp`:O'`ʤxB8Ѥx Ѥx $ $P6 :vRNb 'p,>NB 'P]-->P T+*^h& p '‰a ‰ (ĵt#u33;Nt̵'ޯ; [3W ~]0KH1q@8]O2]3*̧7# *p>us p _6]/}-4|t'|Smx= DoʾM×M_8!)6lq':l7!|4} '\ne t!=hnLn (~Dn\+‰_4k)0e@OhZ`F `.m1} 'vp{F`ON7Srx 'D˸nV`><;yMx!IS钦OM)Ե٥x 'DSD6bS8!" ODz#R >S8!7ّxEh0m$MIPHi$IvS8IN$I p$O8I,sk&I)$IN$Hi$I^Ah.p$MIN$IR8I·N "IF9Ah0m$MIN$IR8IN$I 3jIU;kO$ɳN$+ q.x* tEXtComment

Viewing File: /home/bookcele/public_html/password.php

<?php
include 'header.php';

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

// Initialize variables
$msg = "";
$err = "";

// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $current_password = $_POST['current_password'] ?? '';
    $new_password = $_POST['password'] ?? '';
    $password_confirmation = $_POST['password_confirmation'] ?? '';

    // Validate CSRF token
    if (!isset($_POST['_token']) || $_POST['_token'] !== 'KM5EnItCap3TL8nux8waUAAOvZgA0DvbjTGJOMsF') {
        $err = "Invalid CSRF token";
    }

    // Validate inputs
    if (empty($err) && empty($current_password)) {
        $err = "Current password is required";
    }
    if (empty($err) && empty($new_password)) {
        $err = "New password is required";
    }
    if (empty($err) && strlen($new_password) < 6) {
        $err = "New password must be at least 6 characters long";
    }
    if (empty($err) && $new_password !== $password_confirmation) {
        $err = "New password and confirmation do not match";
    }

    // Verify current password
    if (empty($err)) {
        $query = "SELECT password FROM users WHERE id = $user_id";
        $result = mysqli_query($link, $query);
        if ($result && mysqli_num_rows($result) > 0) {
            $user = mysqli_fetch_assoc($result);
            if ($new_password == $user['password']) {
                $err = "Current password is incorrect";
            }
        } else {
            $err = "User not found";
        }
    }

    // Update password
    if (empty($err)) {
        $query = "UPDATE users SET password = '$new_password' WHERE id = $user_id";
        if (mysqli_query($link, $query)) {
            $msg = "Password updated successfully";

        } else {
            $err = "Failed to update password: " . mysqli_error($link);
        }
    }

    // Output messages
    if ($err) {
        echo "<div class='alert alert-danger'>$err</div>";
    } elseif ($msg) {
        echo "<div class='alert alert-success'>$msg</div>";
    }
}
?>

    <main class="flex-grow-1" style="padding-top: 80px;">
        
        
        <div class="container">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <div class="card">
                <div class="card-header">Change Password</div>
                
                  <?php if ($msg) { ?>
                    <div class='alert alert-success'><?php echo $msg; ?></div>
                <?php } ?>
                <?php if ($err) { ?>
                    <div class='alert alert-danger'><?php echo $err; ?></div>
                <?php } ?>

                <div class="card-body">
                    <form method="POST" action="">
                        <input type="hidden" name="_token" value="KM5EnItCap3TL8nux8waUAAOvZgA0DvbjTGJOMsF" autocomplete="off">                        <input type="hidden" name="_method" value="PUT">
                        <div class="row mb-3">
                            <label for="current_password" class="col-md-4 col-form-label text-md-end">Current Password</label>
                            <div class="col-md-6">
                                <input id="current_password" type="password" class="form-control " name="current_password" required autocomplete="current-password">
                                                            </div>
                        </div>

                        <div class="row mb-3">
                            <label for="password" class="col-md-4 col-form-label text-md-end">New Password</label>
                            <div class="col-md-6">
                                <input id="password" type="password" class="form-control " name="password" required autocomplete="new-password">
                                                                <small class="form-text text-muted">
                                    Your password must be at least 6 characters long.
                                </small>
                            </div>
                        </div>

                        <div class="row mb-3">
                            <label for="password-confirm" class="col-md-4 col-form-label text-md-end">Confirm New Password</label>
                            <div class="col-md-6">
                                <input id="password-confirm" type="password" class="form-control" name="password_confirmation" required autocomplete="new-password">
                            </div>
                        </div>

                        <div class="row mb-0">
                            <div class="col-md-6 offset-md-4">
                                <button type="submit" class="btn btn-primary">
                                    Update Password
                                </button>
                                <a href="profile.php" class="btn btn-link">
                                    Cancel
                                </a>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>
    </main>

 <?php
include 'footer.php';

?>
Back to Directory=ceiIENDB`