-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpasswordRecoveryQuestion.php
49 lines (35 loc) · 1.36 KB
/
passwordRecoveryQuestion.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
session_start();
$_SESSION['message']= "No Errors!!";
require 'connectDB.php';
if(isset($_POST['submit'])){
//check whether email is empty
if(!empty($_POST['email'])){
//check whether user exists in the database
$email = $_POST['email'];
$question = $_POST['securityQuestion'];
$answer = $_POST['answer'];
$result = mysqli_query($conn, "SELECT * FROM users WHERE email='$email'");
$numRows = mysqli_num_rows($result);
if($numRows > 0){
$userDetails = mysqli_fetch_assoc($result);
if($userDetails['securityques']==$question && $userDetails['answer']==$answer){
header("Location: resetPassword.php?em=".$email."&fp_code=0");
exit();
}else{
$_SESSION['message'] = 'error!<br>'.'Security Question or Answer is not Matched!!';
header("Location: message.php");
exit();
}
}else{
$_SESSION['message'] = 'error!<br>'.'Given email is not associated with any account.';
header("Location: message.php");
exit();
}
}else{
$_SESSION['message'] = 'error!<br>'.'Enter email to create a new password for your account.';
header("Location: message.php");
exit();
}
}
?>