38350-vm/security.php
2026-02-11 08:19:17 +00:00


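<?php
/**
 * Security settings page.
 *
 * Lets the signed-in user change either the login password or the trading
 * password. Both forms post back to this script and are told apart by the
 * hidden "type" field ("login" or "trading").
 */
include 'header.php';

// Only signed-in users may reach this page.
// NOTE(review): header.php is included before this redirect. If it emits output
// without output buffering, header() can no longer send the Location header and
// only exit stops the page - confirm against header.php.
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
    exit;
}

require_once 'db/config.php';
$db = db();

// Load the current user so the submitted old password can be checked.
$stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$_SESSION['user_id']]);
$user = $stmt->fetch();

// Per-session anti-CSRF token: both forms embed it and every POST must echo it
// back, so another site cannot submit a password change on the user's behalf.
if (empty($_SESSION['security_csrf_token'])) {
    $_SESSION['security_csrf_token'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['security_csrf_token'];

$message = '';
$error = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Read every field defensively: a crafted request can omit a field or send
    // an array (e.g. old_password[]=x), which would otherwise reach
    // password_verify()/hash_equals() as a non-string.
    $type = $_POST['type'] ?? ''; // login or trading
    $old_pass = $_POST['old_password'] ?? '';
    $new_pass = $_POST['new_password'] ?? '';
    $confirm_pass = $_POST['confirm_password'] ?? '';
    $submittedToken = $_POST['csrf_token'] ?? '';

    $fieldsAreStrings = is_string($type) && is_string($old_pass)
        && is_string($new_pass) && is_string($confirm_pass);

    if (!is_string($submittedToken) || !hash_equals($csrfToken, $submittedToken)) {
        $error = "Invalid request, please reload the page and try again";
    } elseif (!$user) {
        // The session points at a user row that no longer exists.
        $error = "Account not found";
    } elseif (!$fieldsAreStrings || $old_pass === '' || $new_pass === '') {
        // The HTML "required" attribute is client-side only; enforce it here too.
        $error = "All fields are required";
    } elseif ($new_pass !== $confirm_pass) {
        $error = "New passwords do not match";
    } elseif ($type === 'login') {
        if (password_verify($old_pass, (string) $user['password'])) {
            $hashed = password_hash($new_pass, PASSWORD_DEFAULT);
            $stmt = $db->prepare("UPDATE users SET password = ? WHERE id = ?");
            $stmt->execute([$hashed, $_SESSION['user_id']]);
            $message = "Login password updated successfully";
        } else {
            $error = "Old login password incorrect";
        }
    } elseif ($type === 'trading') {
        // NOTE(review): the trading password is stored and compared in plaintext.
        // It should be stored with password_hash() and checked with
        // password_verify(), like the login password. That is not done here
        // because any other page that reads users.trading_password would have
        // to change in the same release - plan it as one coordinated migration.
        // hash_equals() at least makes the comparison constant-time.
        if (hash_equals((string) $user['trading_password'], $old_pass)) {
            $stmt = $db->prepare("UPDATE users SET trading_password = ? WHERE id = ?");
            $stmt->execute([$new_pass, $_SESSION['user_id']]);
            $message = "Trading password updated successfully";
        } else {
            $error = "Old trading password incorrect";
        }
    } else {
        // Previously any value other than "login" fell through to the trading
        // branch; reject unknown types explicitly.
        $error = "Invalid password type";
    }
}
?>
<main style="padding: 40px 20px; background: #0b0e11; min-height: 100vh;">
    <div style="max-width: 600px; margin: 0 auto;">
        <a href="profile.php" class="back-btn"><i class="fas fa-arrow-left"></i> Profile</a>
        <h2 style="margin-bottom: 30px;">Security Settings</h2>
        <?php /* Status messages are fixed strings today; they are escaped anyway so a future message that includes user data cannot inject markup. */ ?>
        <?php if($message): ?>
        <div style="background: rgba(14,203,129,0.1); color: var(--success-color); padding: 15px; border-radius: 8px; margin-bottom: 20px; border: 1px solid var(--success-color);">
            <?php echo htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
        </div>
        <?php endif; ?>
        <?php if($error): ?>
        <div style="background: rgba(246,70,93,0.1); color: var(--danger-color); padding: 15px; border-radius: 8px; margin-bottom: 20px; border: 1px solid var(--danger-color);">
            <?php echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
        </div>
        <?php endif; ?>
        <!-- Login Password Form -->
        <div style="background: var(--card-bg); padding: 30px; border-radius: 20px; border: 1px solid var(--border-color); margin-bottom: 30px;">
            <h3 style="margin-bottom: 20px; display: flex; align-items: center; gap: 10px;">
                <i class="fas fa-key" style="color: var(--primary-color);"></i> Change Login Password
            </h3>
            <form method="POST">
                <input type="hidden" name="type" value="login">
                <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
                <div style="margin-bottom: 20px;">
                    <label style="display: block; color: var(--text-muted); font-size: 14px; margin-bottom: 8px;">Old Password</label>
                    <input type="password" name="old_password" required style="width: 100%; padding: 12px; background: #161a1e; border: 1px solid var(--border-color); color: white; border-radius: 8px;">
                </div>
                <div style="margin-bottom: 20px;">
                    <label style="display: block; color: var(--text-muted); font-size: 14px; margin-bottom: 8px;">New Password</label>
                    <input type="password" name="new_password" required style="width: 100%; padding: 12px; background: #161a1e; border: 1px solid var(--border-color); color: white; border-radius: 8px;">
                </div>
                <div style="margin-bottom: 25px;">
                    <label style="display: block; color: var(--text-muted); font-size: 14px; margin-bottom: 8px;">Confirm New Password</label>
                    <input type="password" name="confirm_password" required style="width: 100%; padding: 12px; background: #161a1e; border: 1px solid var(--border-color); color: white; border-radius: 8px;">
                </div>
                <button type="submit" class="btn-primary" style="width: 100%; padding: 12px; border-radius: 8px;">Update Login Password</button>
            </form>
        </div>
        <!-- Trading Password Form -->
        <div style="background: var(--card-bg); padding: 30px; border-radius: 20px; border: 1px solid var(--border-color);">
            <h3 style="margin-bottom: 20px; display: flex; align-items: center; gap: 10px;">
                <i class="fas fa-shield-alt" style="color: var(--success-color);"></i> Change Trading Password
            </h3>
            <?php /* NOTE(review): a shared, published default means every account that never changed it has a known trading password. Prefer requiring the user to set one before first use and dropping this hint. */ ?>
            <p style="font-size: 13px; color: var(--text-muted); margin-bottom: 20px;">Default trading password is <b>123456</b></p>
            <form method="POST">
                <input type="hidden" name="type" value="trading">
                <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
                <div style="margin-bottom: 20px;">
                    <label style="display: block; color: var(--text-muted); font-size: 14px; margin-bottom: 8px;">Old Trading Password</label>
                    <input type="password" name="old_password" required style="width: 100%; padding: 12px; background: #161a1e; border: 1px solid var(--border-color); color: white; border-radius: 8px;">
                </div>
                <div style="margin-bottom: 20px;">
                    <label style="display: block; color: var(--text-muted); font-size: 14px; margin-bottom: 8px;">New Trading Password</label>
                    <input type="password" name="new_password" required style="width: 100%; padding: 12px; background: #161a1e; border: 1px solid var(--border-color); color: white; border-radius: 8px;">
                </div>
                <div style="margin-bottom: 25px;">
                    <label style="display: block; color: var(--text-muted); font-size: 14px; margin-bottom: 8px;">Confirm New Trading Password</label>
                    <input type="password" name="confirm_password" required style="width: 100%; padding: 12px; background: #161a1e; border: 1px solid var(--border-color); color: white; border-radius: 8px;">
                </div>
                <button type="submit" class="btn-primary" style="width: 100%; padding: 12px; border-radius: 8px; background: var(--success-color);">Update Trading Password</button>
            </form>
        </div>
    </div>
</main>
<?php include 'footer.php'; ?>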