The following files exists in this folder. Click to view.
change_password.php23 lines ASCII Unix (LF)
<?php
session_start();
include('check_login.php');
$file_in = "accounts/accounts.json";
$accounts = json_decode(file_get_contents($file_in), true);
if(isset($_POST['username']) and isset($_POST['password'])){
foreach ($accounts['accounts'] as &$a){ #Loopar igenom accounts.json
if($_POST['username'] == $a['user'] and sha1("LBM".$_POST['password']."Banking") == $a['password']){ #Ifall POST matchar med accounts.json
$a['password'] = sha1("LBM".$_POST['newpassword']."Banking");
$file = fopen($file_in, "w");
fwrite($file, json_encode($accounts, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT));
fclose($file);
header('location: logout.php?action=password_change');
exit();
}
}
}
header('location: password_form.php?mess=wrong');
exit();
?>