float-gate/app/Models/myfitUserProfile.php

<?php
namespace App\Models;

use CodeIgniter\Model;

class myfitUserProfile extends baseModel
{
  //  protected $db;
  //  public $con_name = 'mermsemr';

    public function __construct()
    {
        parent::__construct();
       // $this->db = \Config\Database::connect($this->con_name);
    }

    public function accountResetPassword($in)
    {
        return ['msg' => 'Profile Information'];
    }

    public function getProfileInfo($in)
    {
        return ['msg' => 'Profile Information'];
    }

    public function resetPassword($in){

        $session_token= trim($in['session_token']);
        $member_uuid= trim($in['member_uuid']);
        $prev_pass= trim($in['prev_pass']);
        $new_pass= trim($in['new_pass']);

        $prev_pass='mermsemr';
        $err_msg='';
        $status = 0;
        $sqUP='';
        $msg='';

        $sqlQ = "SELECT s.*,m.id AS member_id,m.uuid AS member_uuid 
        FROM members_session s 
        LEFT JOIN members m ON m.id=s.member_id 
        WHERE session='$session_token' 
        AND m.uuid='$member_uuid' 
        AND m.password=md5('$prev_pass')";
                log_message('critical', "RST-PASS->". $sqlQ );

        $query = $this->db->query($sqlQ);

        $row = $query->getRow();

        if (isset($row) &&  $new_pass !='') {
                       $sqUP= "UPDATE members SET password=md5('$new_pass') WHERE id = ".$row->member_id." AND uuid='".$row->member_uuid."' AND password=md5('$prev_pass') ";
           if( $this->db->query($sqUP)) {
                $status = 1;
                $msg =  "Update Completed";
           }
           else{
            $status = -2;
            $err_msg = "Unable to compplete password reset";
           }
        }
        else{
            $err_msg = "Invalid Request";
            $status = -1;
        }
        
        return [
            'status' => $status,
            'msg' => $msg,
            'error_msg' => $err_msg,
        ];

    }
}

/*

member_id' => string '16
' (length=3)
  'session_token' => string '67367112985210631610322406189043063617397600780394987864623852303749094839082445465537892414487
' (length=96)
  'member_uuid' => string 'd274dcd9-7f5d-4919-b284-2a0cf137302e' (length=36)
  'sessionid' => string '67367112985210631610322406189043063617397600780394987864623852303749094839082445465537892414487
' (length=96)
  '' => string 'previouspassword' (length=16)
  */