<?php 
include '../function/connect.php';
if (isset($_POST['submit'])) {
	$id = $_POST['id'];

	$password_lama = md5($_POST['password_lama']);
	$password_baru = md5($_POST['password_baru']);
	$konfirmasi_password_baru = md5($_POST['konfirmasi_password_baru']);
	$captcha = $_POST['captcha'];
	$captcha_asli = $_POST['captcha_asli'];

	$query = mysqli_query($koneksi, "SELECT * FROM tb_user WHERE id = '$id' ");
	$cek = mysqli_fetch_array($query);

	$pass_lama = $cek['password'];

	if ($captcha != $captcha_asli) {
		header("Location:?page=password&pesan=2");
	}else{
		if ($password_baru == $konfirmasi_password_baru) {
			if ($pass_lama == $password_lama) {
				$query1 = mysqli_query($koneksi, "UPDATE tb_user SET password = '$konfirmasi_password_baru' WHERE id = '$id'  ");

				if ($query1) {
					header("Location:?page=password&pesan=1");
				}else{
					header("Location:?page=password&pesan=0");
				}
			}else{
				header("Location:?page=password&pesan=3");
			}
		}else{
			header("Location:?page=password&pesan=4");
		}
		
	}

	
}

?>