PDO::ERRMODE_EXCEPTION]
);
} catch (PDOException $e) {
die("Koneksi DB gagal: " . $e->getMessage() .
"
Edit variabel \$host, \$dbname, \$dbuser, \$dbpass di baris 15-18 file ini.");
}
// ── Proses form ───────────────────────────────────────────────
$message = '';
$newPassword = 'Admin123'; // password default
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username'] ?? '');
$newPassword = trim($_POST['new_password'] ?? '');
if ($username && $newPassword) {
// Cek user ada
$stmt = $pdo->prepare("SELECT id, username, password FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user) {
// Verifikasi apakah password lama cocok (info saja)
$testPasswords = ['password', 'admin', 'superadmin', '123456', 'Admin123', 'Password123', $newPassword];
$found = null;
foreach ($testPasswords as $p) {
if (password_verify($p, $user['password'])) {
$found = $p;
break;
}
}
// Reset password
$hash = password_hash($newPassword, PASSWORD_BCRYPT, ['cost' => 12]);
$pdo->prepare("UPDATE users SET password = ? WHERE username = ?")
->execute([$hash, $username]);
$message = "
| ID | Username | Aktif | Password Hash (30 char) | |
|---|---|---|---|---|
| = $u['id'] ?> | = htmlspecialchars($u['username']) ?> | = htmlspecialchars($u['email']) ?> | = $u['is_active'] ? '✅' : '❌' ?> | = htmlspecialchars($u['pass_preview']) ?>... |