getUserArray($session, 1);
if (!$admin || (int)$admin['access'] !== 9) {
die('Access Denied: You are not Admin!
');
}
// ---------------------------------------------------------------------------
// Hash parolă
// ---------------------------------------------------------------------------
$pass = password_hash($newpw, PASSWORD_BCRYPT, ['cost' => 12]);
$passEsc = $database->escape($pass);
// ---------------------------------------------------------------------------
// Update
// ---------------------------------------------------------------------------
$database->query("UPDATE " . TB_PREFIX . "users SET password = '$passEsc' WHERE id = $id");
// ---------------------------------------------------------------------------
// Log admin
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Changed password for user $id";
$logEsc = $database->escape($logText);
$database->query(
"INSERT INTO " . TB_PREFIX . "admin_log (`id`, `user`, `log`, `time`) " .
"VALUES (0, '$adminId', '$logEsc', $time)"
);
header("Location: ../../../Admin/admin.php?p=player&uid=" . $id . "&pw=1");
exit;
?>