Viewing File: /home/quiczmwg/bitmaven.org/admin/password-process.php

<?php 
session_start();
include 'config.php';

if($_SERVER['REQUEST_METHOD']=="POST"){
     $pass = md5(cleaninput($_POST['pass']));
     $newpassword = md5(cleaninput($_POST['newpassword']));
     $confirmnewpassword = md5(cleaninput($_POST['confirmnewpassword']));
   

     echo $email = $_SESSION['email'];
     echo $userid = $_SESSION['userid'];
 
    $sql = $conn->query("SELECT * FROM dlogin WHERE demail='$email' AND userid ='$userid' AND dpass='$pass'");
   
    if($sql->num_rows > 0){
        if($newpassword == $confirmnewpassword){
        
        
        $sql = $conn->query("UPDATE dlogin SET dpass='$newpassword' WHERE userid='$userid'");
    }    
    }
    header("Location: profile.php");
   

    

}