/
home
/
efamember
/
domains
/
efa-member.com
/
public_html
/
ajax
/
forget_password
/
up file
home
<?php include('../../config/main_function.php'); require("../../PHPMailer/class.phpmailer.php"); $secure = "cAh3DrJACzw4RbU"; $connection = connectDB($secure); $forget_id = mysqli_real_escape_string($connection, $_POST['forget_id']); $password = mysqli_real_escape_string($connection, md5($_POST['password'])); $sql_member = "SELECT a.member_id as member_id, b.username as username, b.secure_text as secure_text, b.secure_pointer as secure_pointer FROM tbl_change_password a LEFT JOIN tbl_member b ON b.member_id = a.member_id WHERE id ='$forget_id'"; $res_mem = mysqli_query($connection, $sql_member); $row_mem = mysqli_fetch_assoc($res_mem); $email = $row_mem['username']; $secure_text = $row_mem['secure_text']; $secure_pointer = $row_mem['secure_pointer']; $mypassword = stringInsert($password, $secure_text, $secure_pointer); if ($email) { $date_now = date('Y-m-d H:i:s'); ///// get member_id $sql_update = "UPDATE tbl_member SET password = '$mypassword' WHERE username = '$email'"; $res_update = mysqli_query($connection, $sql_update); if ($res_update) { $sql_update = "UPDATE tbl_change_password SET used_datetime = '$date_now' WHERE id = '$forget_id'"; $res_update = mysqli_query($connection, $sql_update); $arr['result'] = 1; }else{ $arr['result'] = 0; //Update ไม่สำเร็จ } }else { $arr['result'] = 9; // ไม่พบ email } echo json_encode($arr); mysqli_close($connection);