View sourcecode

The following files exists in this folder. Click to view.

`change_password.php`

23 lines UTF-8 Unix (LF)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23


<?php
    session_start();
    include('check_login.php');

    $file_in = "accounts/users.json";
    $users = json_decode(file_get_contents($file_in), true);

    if(isset($_POST['username']) and isset($_POST['password'])){
        foreach ($users['users'] as &$a){ #Loopar igenom users.json
            if($_POST['username'] == $a['user'] and sha1("LBM".$_POST['password']."Banking") == $a['password'] and $a['active']){ #Ifall POST matchar med accounts.json
                $a['password'] = sha1("LBM".$_POST['newpassword']."Banking"); //Byter lösen
                $file = fopen($file_in, "w");
                fwrite($file, json_encode($users, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT));
                fclose($file);

                header('location: logout.php?action=password_change'); 
                exit();
            }
        }
    }
    header('location: password_form.php?mess=wrong');
    exit();
?>