<?php session_start();
//include('../../includes/connect.php');
include('../../includes/function_db.php');
//echo '0';
//$_POST['stamp']=time();
switch ($_SESSION['login_userType']) {
	case 'students':
		$tbname = "students";
		break;
	case 'companys':
		$tbname = 'companys';
		break;
	default:
		$tbname = "member";
		break;
}
$cdb = new control_db();
switch ($_POST['form_action']) {

	case 9:
		//print_r($_POST);
		//0=แก้ไขสำเร็จ 1=รหัสผ่านเดิมไม่ถูกต้อง 2=รหัสผ่านใหม่ไม่ตรงกัน
		$json_data['tb'] = $tbname;
		$json_data['tb2'] = $_SESSION['login_userType'];

		$param['password'] = md5($_POST['password_old']);
		$param['id'] = $_SESSION['login_id'];
		$sql = "select id from $tbname where password=:password and id=:id";
		//print_r($_POST);
		$query = $cdb->conn->prepare($sql);
		try {
			$query->execute($param);
			$count = $query->rowCount();
			if ($count > 0) {
				unset($param['id']);
				$param['password'] = md5($_POST['password_new']);
				$cdb->update_data($tbname, $param, "id='$_SESSION[login_id]'");
				$json_data['result'] = 'true';
			} else {
				$json_data['result'] = 'false';
				$json_data['message'] = 'รหัสผ่านเดิมไม่ถูกต้อง';
			}
		} catch (PDOException $er) {
			echo 'Error :' . $er->getMessage();
		}
		echo json_encode($json_data);
		break;
}