File manager - Edit - /home/autoph/public_html/connectv1/app/employee/recover_password.php
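<?php
/**
 * Password-recovery endpoint.
 *
 * Expects POST fields employee_id, input_code, account_key, newpassword and
 * cpassword. Looks up the active recovery key, checks the submitted code
 * against the stored one, updates the employee's password, pushes the new
 * password to the companion system, and finally deactivates the key.
 * Always answers with a JSON object {"status": 0|1, "message": "..."}.
 *
 * NOTE(review): items this file cannot fix on its own and that should be
 * followed up:
 *  - date_start / date_expire are stored with the key but are not enforced
 *    here; the column format is not visible from this file, so no expiry
 *    check was added. Confirm the format and reject expired keys.
 *  - Nothing limits repeated code submissions against one key. Add attempt
 *    counting / lock-out where the key is stored.
 *  - The password is trimmed and SQL-escaped before hashing, and is hashed as
 *    bcrypt(md5(password)). Both are kept because the login path presumably
 *    does the same; changing them needs a coordinated migration.
 *  - The plaintext password is forwarded to another host (see below).
 *  - Queries are string-built with $db->escape(); move to prepared statements
 *    if the DB wrapper supports them.
 */
include_once("../../cfg/db.php");
include_once("../../api/controllers/utility.php");

$utility = new Utility();

$return_arr["status"] = 0;
$return_arr["message"] = " No Action.";

// Every field must be present AND a plain string: PHP turns "name[]=x" into
// an array, which would otherwise reach trim()/escape() and the comparisons.
$required_fields = array('employee_id', 'input_code', 'account_key', 'newpassword', 'cpassword');
$request_ok = true;
foreach ($required_fields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        $request_ok = false;
        break;
    }
}

if ($request_ok) {
    $post_accountkey = $db->escape(trim($_POST['account_key']));
    // Compared in PHP only (never interpolated into SQL), so it is not escaped.
    $post_inputcode = trim($_POST['input_code']);

    // `status` is qualified with the key table's alias so the filter cannot
    // become ambiguous across the joined tables.
    $account_information = $db->sql_query(
        "SELECT e.asa_id, ea.`employee_id`, ea.`account_key`, ea.`account_code`,
                ea.date_start, ea.date_expire, ec.contact_number, ea.status
           FROM `employee_account_key` ea
          INNER JOIN employee_contact ec ON ea.employee_id = ec.employee_id
          INNER JOIN employee e ON ec.employee_id = e.employee_id
          WHERE ea.account_key = '$post_accountkey' AND ea.status = 1"
    );

    // Defaults make "no matching key" an explicit state instead of leaving
    // the variables undefined for the check below.
    $key_employee_id = null;
    $account_code = null;
    $asa_id = null;

    if (is_object($account_information)) {
        // As before, the last returned row wins when the joins yield several.
        while ($row = $account_information->fetch_assoc()) {
            $key_employee_id = $row['employee_id'];
            $asa_id = $row['asa_id'];
            $account_code = $row['account_code'];
        }
    }

    // The request is authorised only when an active key row exists, that row
    // carries a non-empty code, and the submitted code matches it exactly.
    // hash_equals() gives a strict, constant-time string comparison; the old
    // loose `!=` treated a missing row (null) as equal to an empty code and
    // compared numeric-looking strings by value.
    $code_ok = $key_employee_id !== null
        && $account_code !== null
        && (string) $account_code !== ''
        && hash_equals((string) $account_code, $post_inputcode);

    if (!$code_ok) {
        $return_arr["status"] = 0;
        $return_arr["message"] = " Invalid activation code.";
        echo json_encode($return_arr);
        return;
    }

    // Same normalisation as before (trim + escape) so the stored hash stays
    // compatible with the existing login path.
    $post_password = $db->escape(trim($_POST['newpassword']));
    $post_cpassword = $db->escape(trim($_POST['cpassword']));

    if ($post_password === '') {
        $return_arr["status"] = 0;
        $return_arr["message"] = " Invalid Request. Please try again.";
        echo json_encode($return_arr);
        return;
    }

    // The confirmation field was collected but never compared.
    if ($post_password !== $post_cpassword) {
        $return_arr["status"] = 0;
        $return_arr["message"] = " Passwords do not match.";
        echo json_encode($return_arr);
        return;
    }

    // The account to update is the one the verified key belongs to. The
    // posted employee_id is client-controlled and must not pick the target.
    $employee_id = $db->escape((string) $key_employee_id);

    $bcrypt_pass = $db->b_crypt(md5($post_password));
    $query_employee_account_info = "UPDATE `employee_account` SET `password`='$bcrypt_pass' WHERE employee_id = '$employee_id'";
    $db->sql_query($query_employee_account_info);

    // NOTE(review): this forwards the plaintext password to another host and
    // ignores the result, so the two systems can drift apart silently.
    // Prefer syncing a hash over an authenticated channel.
    $url = 'https://www.autohub.ph/connect/home/update_my_password.php';
    $params = array('done' => true, 'passA' => $post_password, 'passB' => $post_password, 'RecordID' => $asa_id);
    $utility->curl_me($url, $params, 'POST');

    // IF EMPLOYEE ID CHANGE, CHANGE ALSO ALL CONNECTED EMPLOYEE ID
    $return_arr["status"] = 1;
    $return_arr["message"] = " Password successfully updated.";

    // Recovery keys are single-use: deactivate the one that was just redeemed.
    $db->sql_query("UPDATE `employee_account_key` SET `status`= 0 WHERE `employee_id` = '$employee_id' AND account_key = '$post_accountkey' ");
} else {
    $return_arr["status"] = 0;
    $return_arr["message"] = " Invalid Request. Please try again.";
}

/**
 * Reports whether $data contains at least one non-whitespace character.
 *
 * @param string $data Value to inspect.
 * @return int|false preg_match() result: 1 on match, 0 on none, false on error.
 */
function isNotEmpty($data)
{
    return preg_match('/\S/', $data);
}

echo json_encode($return_arr);
?>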