I can't change the password
PHP:
<?php
session_start();
include('connect.php');
error_reporting(0);
if (strlen($_SESSION['vpmsaid']==0)) {
header('location:logout.php');
} else{
if(isset($_POST['submit']))
{
$adminid=$_SESSION['vpmsaid'];
$cpassword=md5($_POST['currentpassword']);
$newpassword=md5($_POST['newpassword']);
$query=mysqli_query($con,"select ID from tbladmin where ID='$adminid' and Password='$cpassword'");
$row=mysqli_fetch_array($query);
if($row>0){
$ret=mysqli_query($con,"update tbladmin set Password='$newpassword' where ID='$adminid'");
echo '<script>alert("Your password successully changed.")</script>';
} else {
echo '<script>alert("Your current password is wrong.")</script>';
}
}
?>
<head>
<title>BPMS - Change Password</title>
<script type="text/javascript">
function checkpass()
{
if(document.changepassword.newpassword.value!=document.changepassword.confirmpassword.value)
{
alert('New Password and Confirm Password field does not match');
document.changepassword.confirmpassword.focus();
return false;
}
return true;
}
</script>
</head>
<body>
<?php include_once('includes/header.php');?>
<?php include_once('includes/navbar.php');?>
<div class="container">
<div class="row">
<div class="col-lg-6">
<div class="card">
</div> <!-- .card -->
</div><!--/.col-->
<div class="col-lg-12">
<div class="card">
<div class="card-header">
<strong>Change </strong> Password
</div>
<div class="card-body card-block">
<form action="" method="post" enctype="multipart/form-data" class="user" name="changepassword" onsubmit="return checkpass();">
<?php
$email=$_SESSION['bpmsaid'];
$row=mysqli_query($con,"select * from login where Email='$email'");
$cnt=1;
while ($row=mysqli_fetch_array($result)) {
?>
<div class="row form-group">
<div class="col col-md-3"><label for="text-input" class=" form-control-label">Current Password</label></div>
<div class="col-12 col-md-9"><input type="password" name="currentpassword" class=" form-control" required= "true" value=""></div>
</div>
<div class="row form-group">
<div class="col col-md-3"><label for="email-input" class=" form-control-label">New Password</label></div>
<div class="col-12 col-md-9"><input type="password" name="newpassword" class="form-control" value="" required="true"></div>
</div>
<div class="row form-group">
<div class="col col-md-3"><label for="email-input" class=" form-control-label">Confirm Password</label></div>
<div class="col-12 col-md-9"><input type="password" name="confirmpassword" class="form-control" value="" required="true"></div>
</div>
<?php } ?>
<p style="text-align: center;"> <button type="submit" class="btn btn-primary btn-user btn-block" name="submit" >Change</button></p>
</form>
</div>
</div>
</div>
<div class="col-lg-6">
</div>
</div>
</div><!-- .animated -->
</div><!-- .content -->
</body>
</html>
<?php
include('includes/scripts.php');
include('includes/footer.php');
?>
<?php } ?>
PHP:
<?php
$host = "localhost";
$user = "root";
$password = "";
$db = "bpms2db";
session_start();
$data = mysqli_connect($host, $user, $password, $db);
if ($data === false) {
die("connection error");
}
if (isset($_POST['login'])) {
$email = $_POST["email"];
$password = $_POST["password"];
$sql = "select * from login where Email ='" . $email . "' AND password='" . $password . "' ";
$result = mysqli_query($data, $sql);
if($result) {
if (mysqli_num_rows($result) == 1) {
$row = mysqli_fetch_array($result);
$data->close();
if ($row["usertype"] == "user") {
$_SESSION["email"] = $email;
header("location:dashboarduser.php");
} elseif ($row["usertype"] == "admin") {
$_SESSION["email"] = $email;
header("location:admin/index.php");
} else {
echo "<script>alert('email or password incorrect');</script>";
}
} else {
echo "Query error: " . mysqli_error($data);
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>BPMS - Login</title>
<!-- Custom fonts for this template-->
<link href="vendor/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css">
<link
href="https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i"
rel="stylesheet">
<!-- Custom styles for this template-->
<link href="css/sb-admin-2.css" rel="stylesheet">
</head>
<body class="bg-gradient-primary">
<header>
<div class="logo">
<p>Bicycle Parking Management System</p>
</div>
<nav>
<ul>
<li><a href="#" class="navf">Home</a></li>
<li><a href="#" class="navf">About</a></li>
<li><a href="#" class="navf">Services</a></li>
</ul>
</nav>
</header>
<div class="container">
<!-- Outer Row -->
<div class="row justify-content-center">
<div class="col-xl-10 col-lg-12 col-md-9">
<div class="card o-hidden border-0 shadow-lg my-5">
<div class="card-body p-0">
<!-- Nested Row within Card Body -->
<div class="row">
<div class="col-lg-6 d-none d-lg-block bg-login-image"></div>
<div class="col-lg-6">
<div class="p-5">
<div class="text-center">
<h1 class="h4 text-gray-900 mb-4">Welcome To BPMS !</h1>
</div>
<form class="user" method="POST">
<div class="form-group">
<input type="email" class="form-control form-control-user"
id="exampleInputEmail" aria-describedby="emailHelp" name="email"
placeholder="Email Address..." required="true">
</div>
<div class="form-group">
<input type="password" class="form-control form-control-user"
id="exampleInputPassword" placeholder="Password" name="password" required="true">
</div>
<div class="form-group">
<div class="custom-control custom-checkbox small">
<input type="checkbox" class="custom-control-input" id="customCheck">
<label class="custom-control-label" for="customCheck">Remember
Me</label>
</div>
</div>
<button type="submit" name="login" class="btn btn-primary btn-user btn-block">
Login
</button>
<hr>
</form>
<hr>
<div class="text-center">
<a class="small" href="forgotpassword.php">Forgot Password?</a>
</div>
<div class="text-center">
<a class="small" href="signup.php">Create an Account!</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- Bootstrap core JavaScript-->
<script src="vendor/jquery/jquery.min.js"></script>
<script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script>
<!-- Core plugin JavaScript-->
<script src="vendor/jquery-easing/jquery.easing.min.js"></script>
<!-- Custom scripts for all pages-->
<script src="js/sb-admin-2.min.js"></script>
</body>
</html>
SQL:
-- phpMyAdmin SQL Dump
-- version 5.2.0
-- https://www.phpmyadmin.net/
--
-- Host: 127.0.0.1
-- Generation Time: Apr 21, 2023 at 01:50 PM
-- Server version: 10.4.27-MariaDB
-- PHP Version: 8.2.0
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
--
-- Database: `bpms2db`
--
-- --------------------------------------------------------
--
-- Table structure for table `login`
--
CREATE TABLE `login` (
`ID` int(11) NOT NULL,
`FullName` varchar(150) NOT NULL,
`RegAddress` varchar(150) NOT NULL,
`MobileNumber` bigint(10) NOT NULL,
`Email` varchar(120) NOT NULL,
`password` varchar(120) NOT NULL,
`RegDate` timestamp NOT NULL DEFAULT current_timestamp(),
`usertype` varchar(50) NOT NULL DEFAULT 'user'
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
--
-- Dumping data for table `login`
--
INSERT INTO `login` (`ID`, `FullName`, `RegAddress`, `MobileNumber`, `Email`, `password`, `RegDate`, `usertype`) VALUES
(1, 'John Doe', 'Rizal', 9563321234, 'jm@example.com', 'password123', '2023-04-13 01:22:32', 'admin'),
(2, 'Alie Son', 'Pasig City', 9567741506, 'alie@example.com', 'password123', '2023-04-13 01:22:32', 'user'),
(3, 'Janna Ang', 'Pasig City', 9455082124, 'Janna@example.com', 'Password123', '2023-04-13 01:25:15', 'user'),
(4, 'Ella Ang', 'Pasig CIty', 9764563213, 'Ella@example.com', 'password123', '2023-04-15 16:53:42', 'user'),
(5, 'Nath Ang', 'Pasig City', 9764545454, 'Nath@example.com', 'pass', '2023-04-16 04:45:53', 'user'),
(6, 'Tim Ang', 'Pasig City', 9898985445, 'tim@example.com', 'pasas', '2023-04-16 04:50:20', 'user'),
(7, 'hanna ang', 'Pasig City', 9564982333, 'hanna@example.com', 'pasassadsadas', '2023-04-16 04:53:44', 'user');
--
-- Indexes for dumped tables
--
--
-- Indexes for table `login`
--
ALTER TABLE `login`
ADD PRIMARY KEY (`ID`),
ADD KEY `MobileNumber` (`MobileNumber`);
--
-- AUTO_INCREMENT for dumped tables
--
--
-- AUTO_INCREMENT for table `login`
--
ALTER TABLE `login`
MODIFY `ID` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=8;
COMMIT;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;