File: /srv/www/rectt-csmcri.res.in/admin_html/change_password.php
<?php
session_start();
require_once dirname(__DIR__) . '/public_html/sites/config/config.php';
if (!isset($_SESSION['admin_logged_in']) || $_SESSION['admin_logged_in'] !== true || $_SESSION['admin_role'] !== 'superadmin') {
header("Location: admin_dashboard.php");
exit;
}
// 1) basic session checks
if (
empty($_SESSION['admin_id']) || empty($_SESSION['session_token'])
) {
header("Location: admin_login.php");
exit;
}
// 2) pull the token (and role) from the database
$stmt = $conn->prepare("SELECT session_token FROM admin_users WHERE id = ?");
$stmt->bind_param("i", $_SESSION['admin_id']);
$stmt->execute();
$result = $stmt->get_result()->fetch_assoc();
$stmt->close();
// 3) if the DB token is gone or doesn’t match the session’s, force logout
if (
! $result || $result['session_token'] !== $_SESSION['session_token']
) {
session_unset();
session_destroy();
header("Location: admin_login.php?error=" . urlencode("Your session has expired."));
exit;
}
// CSRF Token
if (!isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$errors = [];
$success = '';
// Handle POST
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'] ?? '')) {
$errors[] = "Invalid CSRF token.";
}
$user_id = intval($_POST['user_id'] ?? 0);
$new_password = $_POST['new_password'] ?? '';
$confirm_password = $_POST['confirm_password'] ?? '';
if ($user_id <= 0) $errors[] = "Invalid user.";
if (strlen($new_password) < 6) $errors[] = "Password must be at least 6 characters.";
if ($new_password !== $confirm_password) $errors[] = "Passwords do not match.";
if (empty($errors)) {
$hashed = password_hash($new_password, PASSWORD_BCRYPT);
$stmt = $conn->prepare("UPDATE admin_users SET password_hash = ? WHERE id = ?");
$stmt->bind_param("si", $hashed, $user_id);
if ($stmt->execute()) {
$success = "Password updated successfully.";
} else {
$errors[] = "Database update failed.";
}
$stmt->close();
}
}
// Fetch all users
$user_result = $conn->query("SELECT id, username FROM admin_users ORDER BY username ASC");
$users = $user_result->fetch_all(MYSQLI_ASSOC);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Change Admin Password</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="bg-light">
<div class="container py-5">
<div class="card mx-auto shadow-sm" style="max-width: 500px;">
<div class="card-body">
<h4 class="mb-4 text-center">🔐 Change Admin Password</h4>
<?php if (!empty($errors)): ?>
<div class="alert alert-danger">
<ul class="mb-0">
<?php foreach ($errors as $e): ?>
<li><?= htmlspecialchars($e) ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php elseif ($success): ?>
<div class="alert alert-success"><?= htmlspecialchars($success) ?></div>
<?php endif; ?>
<form method="post">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<div class="mb-3">
<label class="form-label">Select Admin User</label>
<select name="user_id" class="form-select" required>
<option value="" disabled selected>-- Choose --</option>
<?php foreach ($users as $u): ?>
<option value="<?= $u['id'] ?>"><?= htmlspecialchars($u['username']) ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label class="form-label">New Password</label>
<input type="password" name="new_password" class="form-control" required>
</div>
<div class="mb-3">
<label class="form-label">Confirm Password</label>
<input type="password" name="confirm_password" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary w-100">Update Password</button>
</form>
<a href="admin_dashboard.php" class="btn btn-link mt-3 w-100">← Back to Dashboard</a>
</div>
</div>
</div>
</body>
</html>