diff --git a/public/nollaa.php b/public/nollaa.php
new file mode 100644
index 0000000..802e241
--- /dev/null
+++ b/public/nollaa.php
+<?php
+include "../src/connect.php";
+
+$nimi = mysqli_real_escape_string($conn, $_POST["nimi"]);
+$salasana = mysqli_real_escape_string($conn, $_POST["salasana"]);
+$vsalasana = mysqli_real_escape_string($conn, $_POST["vahvista-salasana"]);
+
+if (isset($_POST['nimi']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
+ $sql = "SELECT * FROM `kayttajat` WHERE nimi='{$nimi}';";
+ $kayttaja = $conn->query($sql)->fetch_assoc(); // Aja komento
+
+ if ($kayttaja['salasana'] !== "0") {
+ echo "Et ole saanut lupaa nollata salasanaa";
+ die();
+ }
+
+ if ($salasana === $vsalasana) {
+ $suolattusalasana = password_hash($salasana, PASSWORD_DEFAULT); // password default = bcrypt
+ $sql = "UPDATE kayttajat SET salasana='{$suolattusalasana}' WHERE nimi='{$nimi}'; ";
+ $conn->query($sql);
+ }
+ else {
+ echo "";
+ }
+
+ $conn->close();
+ // Redirect
+ $newURL = "../public/index.php";
+ header('Location: '.$newURL);
+ die();
+}
+?>
+
+
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <title>Nollaa salasana</title>
+ <link rel="stylesheet" type="text/css" href="../css/style.css">
+
+</head>
+<body>
+ <?php include "../src/header.php" ?>
+ <main>
+ <section>
+ <form action="" method="POST">
+ <fieldset>
+ <legend>Nollaa salasana</legend>
+ <label for="nimi">Nimi:</label>
+ <input type="text" id="nimi" name="nimi">
+ <label for="salasana">Uusi salasana:</label>
+ <input type="password" id="salasana" name="salasana">
+ <label for="vahvista-salasana">Vahvista salasana:</label>
+ <input type="password" id="vahvista-salasana" name="vahvista-salasana">
+ <button type="submit" name="submit">
+ Vaihda uusi salasana
+ </button>
+ </fieldset>
+ </form>
+ </section>
+ </main>
+ <?php include "../src/footer.php"; ?>
+</body>
+</html>