<?php
require("sesionchk.php");
if(! isset($_SESSION['sectors'])){
session_start();
include 'library/config.php';
// $dbConf = new AAConf();
$databaseURL =$dbhost;// 'localhost';//$dbConf->get_databaseURL();
$databaseUName = $dbuser;//'root';//$dbConf->get_databaseUName();
$databasePWord = $dbpass;//'';//$dbConf->get_databasePWord();
$databaseName = $dbname;// 'addrnew';//$dbConf->get_databaseName();
//Set DB Info. in-session
/* $_SESSION['databaseURL']=$databaseURL;
$_SESSION['databaseUName']=$databaseUName;
$_SESSION['databasePWord']=$databasePWord;
$_SESSION['databaseName']=$databaseName;
*/
if (trim($_POST[user_password])!=trim($_POST[reuser_password]))
{
require("links.php");
echo "<center>Password Mismatch...<br>";
echo "<a href='resetmypasswd.php'>Go Back..</a></center>";
}
else
{
$connection = mysql_connect($databaseURL,$databaseUName,$databasePWord);
if (!$connection)
{
die('Could not connect: ' . mysql_error());
}
// or die ("Error while connecting to localhost");
$db = mysql_select_db($databaseName,$connection);
$query = "SELECT `pass` FROM cal_accounts where ID=" .$_SESSION['usr_id'];
mysql_query("SET NAMES 'utf8'");
mysql_query('SET CHARACTER SET utf8');
$result = mysql_query($query);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
if (md5($_POST[cuser_password].CAL_SQL_PASSWD_SALT)==$row['pass'])
{
$sql="update cal_accounts set `pass`='".md5($_POST[user_password].CAL_SQL_PASSWD_SALT)."' where ID=" .$_SESSION['usr_id'];
mysql_query("SET NAMES 'utf8'");
mysql_query('SET CHARACTER SET utf8');
if (!mysql_query($sql,$connection))
{
die('Error: ' . mysql_error());
}
header('Location: resetmypasswd.php?showms=y');
}
else
{
session_start();
// if the user is logged in, unset the session
if (isset($_SESSION['db_is_logged_in'])) {
unset($_SESSION['db_is_logged_in']);
header('Location: index.php');
}
// now that the user is logged out,
// go to login page
}
//echo "1 record added";
//echo "<br>".$_GET['a']."<br>";
}
}
?>