From b12392e74b46cecd22dff1f1e372974cbb4205c8 Mon Sep 17 00:00:00 2001
From: mauirixxx <mauirixx@paytonohana.net>
Date: Wed, 8 Aug 2018 15:31:33 -1000
Subject: [PATCH] finished code to update a users password

---
 includes/update-password.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 includes/update-password.php

diff --git a/includes/update-password.php b/includes/update-password.php
new file mode 100644
index 0000000..4ced42b
--- /dev/null
+++ b/includes/update-password.php
@@ -0,0 +1,21 @@
+<?php
+include_once ('verifications.php');
+$verifypass = $con->prepare("SELECT userpass FROM userinfo WHERE userid = ?");
+$verifypass->bind_param("i", $_SESSION['userid']);
+$verifypass->execute();
+$result = $verifypass->get_result();
+while ($row = $result->fetch_assoc()) {
+	$vp = password_verify ($_POST['oldpass'],$row['userpass']);
+	if ($vp) {
+		$hp = password_hash($_POST['userpass1'], PASSWORD_DEFAULT);
+		echo 'Verified old password, updating to new password!<br />';
+		$updpass = $con->prepare("UPDATE userinfo SET userpass = ? WHERE userid = ?");
+		$updpass->bind_param("si", $hp, $_SESSION['userid']);
+		$updpass->execute();
+		echo 'Password updated!<br />';
+		$updpass->close();
+	} else {
+		echo 'Old password doesn\'t match, password is NOT updated!<br />';
+	}
+}
+?>
\ No newline at end of file