<?php

    include($_SERVER['DOCUMENT_ROOT'] . "/_ps2020/config/connect.php");

    session_start();

    if(isset($_SESSION['user_id'])){
        $user_id = $_SESSION['user_id'];
    }

    $user_id = $_SESSION['user_id'];
    $password = hash('sha256', mysqli_real_escape_string($conn,$_REQUEST['pass']), false);
    
    $verifyCode = "0";

    $result = $conn->query("UPDATE user_account SET password = '$password', verifyCode = '0' WHERE user_id = '$user_id'");
    if($result){
        //So this would mean that the update of password was a success
        //Now we just send them back to sign-in.php pages

        //Basically stop user from resetting his/her password when he/she gets back

        unset($_SESSION['user_id']);

        echo "1";

    }else{
        //Fix this line to forget password page
        echo "0";
    }

?>