db = \Config\Database::connect($this->con_name); } public function accountResetPassword($in) { return ['msg' => 'Profile Information']; } public function getProfileInfo($in) { return ['msg' => 'Profile Information']; } public function resetPassword($in){ $session_token= trim($in['session_token']); $member_uuid= trim($in['member_uuid']); $prev_pass= trim($in['prev_pass']); $new_pass= trim($in['new_pass']); $prev_pass='mermsemr'; $err_msg=''; $status = 0; $sqUP=''; $msg=''; $sqlQ = "SELECT s.*,m.id AS member_id,m.uuid AS member_uuid FROM members_session s LEFT JOIN members m ON m.id=s.member_id WHERE session='$session_token' AND m.uuid='$member_uuid' AND m.password=md5('$prev_pass')"; log_message('critical', "RST-PASS->". $sqlQ ); $query = $this->db->query($sqlQ); $row = $query->getRow(); if (isset($row) && $new_pass !='') { $sqUP= "UPDATE members SET password=md5('$new_pass') WHERE id = ".$row->member_id." AND uuid='".$row->member_uuid."' AND password=md5('$prev_pass') "; if( $this->db->query($sqUP)) { $status = 1; $msg = "Update Completed"; } else{ $status = -2; $err_msg = "Unable to compplete password reset"; } } else{ $err_msg = "Invalid Request"; $status = -1; } return [ 'status' => $status, 'msg' => $msg, 'error_msg' => $err_msg, ]; } } /* member_id' => string '16 ' (length=3) 'session_token' => string '67367112985210631610322406189043063617397600780394987864623852303749094839082445465537892414487 ' (length=96) 'member_uuid' => string 'd274dcd9-7f5d-4919-b284-2a0cf137302e' (length=36) 'sessionid' => string '67367112985210631610322406189043063617397600780394987864623852303749094839082445465537892414487 ' (length=96) '' => string 'previouspassword' (length=16) */