MOON
Server: Apache
System: Linux smtp.modiva.org 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
User: rtbrisc (1005)
PHP: 8.1.34
Disabled: NONE
Upload Files
File: /home/rtbrisc/public_html/admin/account/server/password/reset.php
<?php
session_start();

require_once('db.php');

if(isset($_POST)) {

	//Escape Special Characters In String First
	$Email = mysqli_real_escape_string($conn, $_POST['txtEmail']);
	$Password = mysqli_real_escape_string($conn, $_POST['txtPassword']);
	$ConfirmPassword = mysqli_real_escape_string($conn, $_POST['txtConfirmPassword']);

	if(empty($Email) || empty($Password) || empty($ConfirmPassword)){
		$_SESSION['res_err'] = "All fields are required!!!";
		header("Location:../reset.php?email=$Email");
	}else{
		$check = mysqli_query($conn, "SELECT * FROM tblcustomer WHERE Email = '$Email'");
		if($check_row = mysqli_fetch_assoc($check)){
			$pword = crypt($Password,"qis");
			$reset = mysqli_query($conn, "UPDATE tbluser SET Password = '$pword' WHERE Username = '$Email'");
			if($reset){
				$_SESSION['res_suc'] = "Password reset was successful!!!";
				header("Location:../reset.php?email=$Email");
			}else{
				$_SESSION['res_err'] = "Password reset was not successful!!!";
				header("Location:../reset.php?email=$Email");
			}
		}else{	
			//Don't Send
			$_SESSION['res_err'] = "The email you supplied doesn't exist with us, Please check again";
			header("Location:../reset.php?email=$Email");
		}
	}
}
?>