jpsagrisolution.com - UnknownSec 403

UnknownSec Bypass 403

: /var/www/zenithentcare/stmedicosoftware/prescription/ [ drwxrwxr-x ]
name : change_password.php
 <?php include "top1.php";?>
<!-- /inner_content-->
<div class="inner_content">
    <!-- /inner_content_w3_agile_info-->

    <!-- breadcrumbs -->
    <div class="w3l_agileits_breadcrumbs">
        <div class="w3l_agileits_breadcrumbs_inner">
            <ul>
                <li><a href="dashboard.php">Dashboard</a><span>«</span></li>
                <li>Change Password</li>
            </ul>
        </div>
    </div>
    <!-- //breadcrumbs -->

    <div class="inner_content_w3_agile_info two_in">
        <h2 class="w3_inner_tittle">Change Password</h2>

        <!--/forms-->
        <div class="forms-main_agileits">
            <!--/forms-inner-->
            <div class="forms-inner">
                <!--/set-1-->
                <div class="set-1_w3ls">

                    <div class="col-md-12 button_set_one agile_info_shadow graph-form">
                        <!-- <h3 class="w3_inner_tittle two">Change Password </h3> -->
                        <div class="form-body">
                            <!-- <input type="hidden" class="form-control1" id="hdid" name="hdid"> -->
                            <div class="form-group">
                                <label for="complain">User Name</label>
                                <input type="text" class="form-control" id="txtUserName" name="txtUserName" readonly value="<?php echo $_SESSION["username"];?>">
                            </div>
                            <div class="form-group">
                                <label for="complain">Old Password</label>
                                <input type="password" class="form-control" id="txtOldPassword" name="txtOldPassword"
                                    placeholder="">
                            </div>
                            <div class="form-group">
                                <label for="complain">New Password</label>
                                <input type="password" class="form-control" id="txtNewPassword" name="txtNewPassword"
                                    placeholder="">
                            </div>
                            <div class="form-group">
                                <label for="complain">Confirm Password</label>
                                <input type="password" class="form-control" id="txtConfirmPassword" name="txtConfirmPassword"
                                    placeholder="">
                            </div>
                            <button class="btn btn-default" onclick="changepassword();">Change Password</button>

                        </div>
                    </div>

                </div>
                <div class="clearfix"> </div>
            </div>
            <!--//set-1-->
        </div>
        <!--//forms-inner-->
    </div>
    <!--//forms-->
</div>
<!-- //inner_content_w3_agile_info-->
</div>
<!-- //inner_content-->
<?php include "footer.php";?>
<script>
function changepassword() {
    var flag = true;
    var inputField1 = document.getElementById("txtUserName");
    if (inputField1.value == "") {
        flag = false;
        alert("Please enter user name.");
        document.getElementById("txtUserName").focus();
        return false;
    }
    var inputField2 = document.getElementById("txtOldPassword");
    if (inputField2.value == "") {
        flag = false;
        alert("Please enter old password.");
        document.getElementById("txtOldPassword").focus();
        return false;
    }

    var inputField3 = document.getElementById("txtNewPassword");
    if (inputField3.value == "") {
        flag = false;
        alert("Please enter new password.");
        document.getElementById("txtNewPassword").focus();
        return false;
    }

    var inputField4 = document.getElementById("txtConfirmPassword");
    if (inputField4.value == "") {
        flag = false;
        alert("Please enter confirm password.");
        document.getElementById("txtConfirmPassword").focus();
        return false;
    }

    if (inputField3.value != inputField4.value) {
        flag = false;
        alert("New Password and Confirm Password not match.");
        document.getElementById("txtNewPassword").focus();
        return false;
    }
    var username = document.getElementById("txtUserName").value;
    var oldpassword = document.getElementById("txtOldPassword").value;
    var newpassword = document.getElementById("txtNewPassword").value;


    //var btntext = document.getElementById("btnuser").innerHTML;
    // var canteen = document.getElementById("hdcanteen").value;
    // var userid = document.getElementById("hduserid").value;

    var text = "Do you want change password?";

    if (confirm(text) == false) {

        flag = false;
        return false;
    }
    try {

        if (flag == true) {
            var urlgetcode = 'update_password.php';

            $.ajax({
                method: 'POST',
                url: urlgetcode,
                data: '&username=' + username + '&oldpassword=' + oldpassword + '&newpassword=' +
                    newpassword,
                dataType: 'json',
                async: true,
                cache: false,

                success: function(msg) {
                    if (msg == "1") {
                        alert("Password Changed Successfully.");

                        $('#txtOldPassword').val("");
                        $('#txtNewPassword').val("");
                        $('#txtConfirmPassword').val("");
                        window.location.href = "logout.php";
                    }
                },
                error: function(request) {

                    alert(request.responseText);
                }
            });
        }
    } catch (Error) {
        alert(Error);
    }

    return;
}
</script>