<?php
require 'settings/tracy-2.6.2/src/tracy.php';
use Tracy\Debugger;
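// Make sure a session exists before $_SESSION is read.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// A visitor who is already logged in does not need the recovery page:
// send them to the landing page recorded in the session.
if (isset($_SESSION['user_id'])) {
    // The key may be absent from the session; treat that like "no preference".
    $redirectTarget = $_SESSION['rederect_url'] ?? '';

    if ($redirectTarget === 'main_page') {
        header('Location: index.php');
    } elseif ($redirectTarget === 'form_admin') {
        header('Location: formadmin.php');
    } else {
        header('Location: /');
    }

    // header() only queues the redirect. Without stopping here the rest of the
    // script (settings lookup, POST handling, mail sending) would still run
    // for the redirected request.
    exit;
}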
// Database bootstrap. Later code uses $conn, presumably created in this
// include -- confirm against settings/database.login.php.
require 'settings/database.login.php';

// Page state: status text for the template, and the flag that selects which
// of the two page variants is rendered.
$message = '';
$isValidLink = false;

// Load the settings helper unless an including script already did so.
if (!isset($isGetSetting)) {
    require 'get_setting_data.php';
}

// Feature switch: stop immediately when password recovery is turned off.
$isPassRecoveryEnabled = getSetting('', 'enableUserPasswordRecovery');
if ('0' == $isPassRecoveryEnabled) {
    exit('Password Recovery not allowed!');
}

// Outgoing mail configuration is mandatory for this page.
$emailSetting = getSetting('email', '');
if (!$emailSetting) {
    exit('Error getting email server setting!');
}

// appMode "0" is treated as debug mode and switches the Tracy debugger on.
// NOTE(review): this page is reachable without authentication; confirm that
// appMode is never "0" on an internet-facing deployment, since debugger
// output can expose internals.
$appMode = getSetting('', 'appMode');
if ('0' == $appMode) {
    Debugger::enable();
}
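// Handle a submitted recovery request.
// $isValidLink === true  -> the template renders the request form.
// $isValidLink === false -> the template renders only the status message.
//
// NOTE(review): the responses below differ for known and unknown addresses,
// which lets a caller learn which emails are registered. Consider one uniform
// response plus request throttling. The stored code also has no visible
// expiry here -- confirm how password_reset.php invalidates it.
if (!empty($_POST['email']) && is_string($_POST['email'])) {
    // is_string() rejects array input such as email[]=..., which would
    // otherwise be bound to the query as the string "Array".
    $isValidLink = false;
    $eMail = $_POST['email'];

    $statement = $conn->prepare('SELECT * FROM users WHERE email = :user_email');
    $statement->execute([':user_email' => $eMail]);
    // Count fetched rows instead of rowCount(), which PDO does not guarantee
    // for SELECT statements on every driver.
    $rows = $statement->fetchAll() ?: [];

    if (count($rows) > 0) {
        // As before, the last matching row supplies the display name.
        $lastRow = end($rows);
        $userName = $lastRow['username'];

        // The reset code is a bearer secret, so it must come from a CSPRNG.
        // md5(rand()) is predictable; 16 random bytes hex-encoded keep the
        // same 32-character format.
        $forgot_verify_code = bin2hex(random_bytes(16));

        // Bind both values. The previous query interpolated the posted email
        // into the SQL text, which prepare() alone does not make safe.
        $statement = $conn->prepare(
            'UPDATE users SET forgot_verify = :verify_code WHERE email = :user_email'
        );
        // Use execute()'s result: fetchAll() on an UPDATE says nothing about
        // success, and the old isset() check on it was always true.
        $tokenStored = $statement->execute([
            ':verify_code' => $forgot_verify_code,
            ':user_email'  => $eMail,
        ]);

        if ($tokenStored) {
            // NOTE(review): getBaseUrl() takes the host from the request's
            // Host header, so the link mailed to the user follows whatever
            // host the requester sent. Prefer a configured canonical base URL.
            $base_url = getBaseUrl();
            $reset_link = $base_url . 'password_reset.php?verify_code=' . $forgot_verify_code;

            // The body is sent as HTML, so the stored username is escaped.
            $safeUserName = htmlspecialchars($userName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $mail_body = "<p>Hi $safeUserName,</p>\n"
                . '<p>Please Open this link to reset your password - ' . $reset_link . "\n"
                . '<p>Best Regards,';

            $to_email = $eMail;
            $from_email = $emailSetting["from_email"];
            $subject = $emailSetting["reset_pass_mail_subject"];

            require 'settings/mail/phpmailer/class/class.phpmailer.php';
            $mail = new PHPMailer(true);

            // Error text is echoed unescaped by the template, so anything not
            // written here as literal markup is HTML-escaped first.
            // NOTE(review): SMTP error details are shown to an anonymous
            // visitor; consider logging them and showing a generic failure.
            try {
                $mail->IsSMTP();                                         // send through SMTP
                $mail->Host = $emailSetting["SMTP_host"];
                $mail->Port = $emailSetting["SMTP_port"];
                $mail->SMTPAuth = ($emailSetting["SMTP_Auth"] == "1");   // use Username/Password below
                $mail->Username = $emailSetting["SMTP_Username"];
                $mail->Password = $emailSetting["SMTP_Password"];
                $mail->SMTPSecure = $emailSetting["SMTP_Secure"];        // "", "ssl" or "tls"
                $mail->From = $from_email;
                $mail->FromName = $emailSetting["from_name"];
                $mail->AddAddress($to_email, $userName);
                $mail->WordWrap = 200;
                $mail->IsHTML(true);
                $mail->Subject = $subject;
                $mail->Body = $mail_body;

                if ($mail->Send()) {
                    $message = '<label class="text-success">Register Done, Please check your mail.</label>';
                } else {
                    $message = "<label class='text-danger'>Email sending failed: "
                        . htmlspecialchars((string) $mail->ErrorInfo, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                        . " (phpmailer error)</label>";
                }
            } catch (phpmailerException $e) {
                // getMessage() rather than errorMessage(): the latter returns
                // ready-made markup, so escaping could not be applied uniformly.
                $message = "<label class='text-danger'>Email sending failed: "
                    . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . " (phpmailer error)</label>";
            } catch (Exception $e) {
                $message = "<label class='text-danger'>Email sending failed: "
                    . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . " (general error)</label>";
            }
        } else {
            $message = '<label class="text-danger">Sorry there must have been an issue reading data from database.</label>';
        }
    } else {
        $message = '<label class="text-danger">Email Not Exits</label>';
    }
} else {
    // Nothing usable was submitted: show the request form.
    $isValidLink = true;
}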
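/**
 * Build the absolute URL of the directory that holds the running script,
 * always ending in a slash (for example "https://host/app/").
 *
 * The scheme is "https" only when $_SERVER['HTTPS'] is set, non-empty and not
 * "off" (compared case-insensitively); otherwise it is "http".
 *
 * The directory comes from SCRIPT_NAME, falling back to PHP_SELF when it is
 * absent. PHP_SELF also carries any extra path the client appended after the
 * script name, which would otherwise end up in the generated URL.
 *
 * NOTE(review): the host comes from the client-supplied Host header. This
 * value is used to build the password-reset link that is mailed out, so a
 * configured canonical base URL (or a host allow-list) would be the safer
 * source -- none is visible in this file.
 *
 * @return string Base URL with trailing slash.
 */
function getBaseUrl(): string
{
    $isHttps = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';
    $protocol = $isHttps ? 'https' : 'http';

    $host = $_SERVER['HTTP_HOST'];

    $scriptPath = $_SERVER['SCRIPT_NAME'] ?? $_SERVER['PHP_SELF'];
    // dirname() yields "/" (or "\" on Windows) for a script in the web root;
    // trimming both makes the single trailing slash below uniform.
    $path = rtrim(dirname($scriptPath), '/\\');

    return $protocol . '://' . $host . $path . '/';
}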
?>
<!DOCTYPE html>
<html>
<head>
<title>Forgot password</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!--===============================================================================================-->
<link rel="icon" type="image/png" href="images/icons/favicon.ico"/>
<!--===============================================================================================-->
<link rel="stylesheet" href="./include/bootstrap/css/bootstrap.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="./include/fonts/font-awesome-4.7.0/css/font-awesome.min.css">
<!--===============================================================================================-->
<link rel="stylesheet" type="text/css" href="css/util.css">
<link rel="stylesheet" type="text/css" href="css/main.css">
<!--===============================================================================================-->
</head>
<body>
<?php if(!$isValidLink){ ?>
<div class="limiter">
<div class="container-login100" style="background-image: url('images/bg05.jpg');">
<div class="wrap-login100 p-b-100">
<h1>Forgot password</h1>
<?php if(!empty($message)): ?>
<p class=" p-t-20 p-b-20" style = "text-align:center;background-color:white;"><?= $message ?></p>
<?php endif; ?>
</div>
</div>
</div>
<?php }else{ ?>
<div class="limiter">
<div class="container-login100" style="background-image: url('images/bg05.jpg');">
<div class="wrap-login100 p-b-100">
<h1>Forgot password</h1>
<form class="login100-form validate-form" action="forgot_password.php" method="POST">
<span class="login100-form-title p-t-20 p-b-45"></span>
<div class="wrap-input100 validate-input m-b-10" data-validate = "Enter your email (format: xxx@xxx.xxx)">
<input class="input100" type="text" name="email" placeholder="email">
<span class="focus-input100"></span>
<span class="symbol-input100">
<i class="fa fa-user"></i>
</span>
</div>
<div class="container-login100-form-btn p-t-10">
<input type="submit" class="login100-form-btn" value="submit" />
</div>
</form>
</div>
</div>
</div>
<!--===============================================================================================-->
<script src="./include/jquery/jquery-1.12.4.min.js"></script>
<!--===============================================================================================-->
<script src="js/main.js"></script>
<?php }?>
</body>
</html>