";
echo "Change thirdparty password";
echo"";
?>
here.";*/
////////////////////////////////////////////////FUNCTIONS
function change_3_password_form() {
global $PHP_SELF;
?>
Change your password!
";
//echo "user3passwd2A is " . $_POST['user3passwd2A'] . " ";
//echo "user3passwd2B is " . $_POST['user3passwd2B'] . " ";
if(empty($_SESSION['user3id1'])) error_message("Sorry, you're no longer logged in. Please refresh the page and log in using the link at the top.");
if(empty($_POST['user3passwd'])) error_message("Enter your old password.");
$conereg_user3password=$_POST['user3passwd'];
if(ereg("[^a-zA-Z0-9]", $conereg_user3password)) error_message("Only numbers and letters allowed in passwords");
if(empty($_POST['user3passwd2A'])) error_message("Enter your new password.");
$conereg_user3password2A=$_POST['user3passwd2A'];
if(ereg("[^a-zA-Z0-9]", $conereg_user3password2A)) error_message("Only numbers and letters allowed in passwords");
if(empty($_POST['user3passwd2B'])) error_message("Retype your new password.");
$conereg_user3password2B=$_POST['user3passwd2B'];
if(ereg("[^a-zA-Z0-9]", $conereg_user3password2B)) error_message("Only numbers and letters allowed in passwords");
if($_POST['user3passwd2A'] != $_POST['user3passwd2B']) error_message("Passwords don't match!");
if(empty($_POST['password_hint'])) error_message("Enter a hint for your password.");
if(ereg("[^a-zA-Z0-9\ '_-]", $_POST['password_hint'])) error_message("Only numbers, letters, dashes, underscores and spaces allowed in password hint");
$link_id = db_connect(); ///line 122
//UPDATE the thirdparty password
$tempuser3id1=$_SESSION['user3id1'];
$tempuser3passwd=$_POST['user3passwd'];
$tempuser3passwd2A=$_POST['user3passwd2A'];
$password_hint=$_POST['password_hint'];
$query="UPDATE thirdparty SET third_password = password('$tempuser3passwd2A')
WHERE third_id = '$tempuser3id1' AND third_password = password('$tempuser3passwd')";
$result=mysql_query($query);
if(!$result) {error_message(sql_error());}
$result2=mysql_affected_rows($link_id);
if($result2)
{
$hintQ="UPDATE hints_3 SET hint='$password_hint' WHERE user_id='$tempuser3id1'";
$hintR=mysql_query($hintQ);
if(!$hintR) error_message("Unable to record hint");
?>
, thanks for updating your password!
If you want to logout, click here.";
echo " If you want to check available appointments, click ";
echo "here.";
}
/////OMITTED THE DISPLAY INFO below////
?>No thirdparty logged in. If you are a thirdparty, log in here ";}
else {echo "If you want to logout, click here.";
change_3_password_form();
echo " If you wish to update your registration, click " . "here.";
echo " If you want to check available appointments, click ";
echo "here.";
}
break;
}
echo "