
forgotpassword.php

  • forgotpassword.php 3.23 KiB
    <?php
    require_once 'header.php';
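    // Password-reset request handler.
    //
    // Reads `email` and `password` from the POST body, and when both are present and the
    // address belongs to a known user it: hashes the new password, builds a reset token,
    // writes both to the users row, and mails a confirmation link carrying the encrypted
    // token. The template below renders $errors, $message, $provided_email and
    // $provided_password.
    //
    // NOTE(review): the new password hash is written and email_verified is cleared before
    // the mailbox owner has confirmed anything, so a request naming someone else's address
    // already changes that account. Safer design: store the new hash as pending and apply
    // it only when the confirmation link is redeemed.
    // NOTE(review): the "email doesn't exists" branch tells the requester whether an
    // address is registered; a single neutral response for both cases avoids that.
    $provided_email = '';
    $provided_password = '';
    $errors = null;
    // Stays null until the confirmation mail has actually been sent, so the template
    // only ever echoes a string here.
    $message = null;

    // Accept scalar string fields only: an array-valued field (e.g. email[]=x) would
    // otherwise be handed to htmlspecialchars() and raise a TypeError on PHP 8.
    $raw_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if (isset($_POST['email'])) {
        if (empty($raw_email)) {
            $errors = 'email should\'nt be empty';
        } else {
            // Flags spelled out so single quotes are encoded on every PHP version
            // (ENT_QUOTES only became the default in PHP 8.1). This is HTML escaping
            // for the form's value attribute, not SQL escaping.
            $provided_email = htmlspecialchars($raw_email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }
    }

    if (isset($_POST['password'])) {
        if (empty($raw_password)) {
            $errors = 'password is required';
        } else {
            // NOTE(review): the HTML-escaped form of the password is what gets hashed
            // below. Left unchanged because the login path presumably applies the same
            // transform - confirm, then hash the raw value in both places.
            $provided_password = htmlspecialchars($raw_password);
        }
    }

    if ($provided_email !== '' && $provided_password !== '') {

        $result = $obj->getUserByEmail($obj, $provided_email);

        if (!empty($result)) {

            // hashed password
            $hashed_password = password_hash($provided_password, PASSWORD_BCRYPT);

            // reset token
            // NOTE(review): the token is derived from the clock, the address and one
            // static secret, so its strength rests entirely on that secret. If
            // verifyAcount.php treats the token as opaque, an unpredictable value from
            // the platform CSPRNG (random_bytes) is the better source - confirm first.
            $token = hash('sha256', time() . $provided_email . $obj->getENV()['SECRET']);

            // Kept in its own variable: the original reused $message for this array,
            // which made the page print "Array" whenever the update or the mail failed.
            $token_payload = [
                'email' => $provided_email,
                'token' => $token,
                'validat_until' => time() + ($obj->getENV()['token_validation_time'] * 60),
            ];

            $verification_token = [
                'message' => $token_payload,
                'reset' => 1,
                'hash_of_message' => $obj->encrypt(json_encode($token_payload)),
            ];

            $encrypted_token = $obj->encrypt(json_encode($verification_token));

            // NOTE(review): this statement is assembled by string interpolation.
            // $hashed_password and $token are produced server-side, but $provided_email
            // comes from the request and is only HTML-escaped. Move this to a
            // bound-parameter query in the data layer behind executeQuery().
            $query = "update users set email_verified= 0 , password='$hashed_password', password_reset_token = '$token', verified_at = current_timestamp where email='$provided_email';";
            $result = $obj->executeQuery($query);
            $sended = false;
            if ($result) {
                // NOTE(review): if encrypt() can emit characters such as '+', '/' or '=',
                // the token needs rawurlencode() before it is placed in the query string
                // - confirm its output alphabet.
                $body = '
                <p>click on this link below to reset password</p>
                <p><b><a href="https://x2-secure-app.switzerlandnorth.cloudapp.azure.com/verifyAcount.php?token=' . $encrypted_token . '">confirm reset password</a></b></p>
            ';

                $sended = $obj->sendMail($provided_email, 'confirm reset password', $body);
            }

            if ($sended) {
                $message = "your password has been changed please verify your email";
            } else {
                // Report the failure instead of rendering nothing. If the update
                // succeeded but the mail did not, the row has already been changed and
                // the user has no link - see the pending-hash note at the top.
                $errors = 'unable to complete the reset request, please try again later';
            }

        } else {
            $errors = 'email doesn\'t exists ';
        }

    }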
    ?>
    
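    <div class="forgot_password">
        <h4 class='text-center'>Reset Password</h4>
        <text class='text-danger text-center'>
            <?php
            // $errors is either null or one of the fixed strings set by the handler above.
            if ($errors != null) {
                echo $errors;
            }
            ?>
        </text>

        <text class='text-success text-center'>
            <?php
            // Only echo a real status string: the handler also stores an array in
            // $message while building the token, and echoing that prints "Array".
            if (is_string($message) && $message !== '') {
                echo $message;
            }
            ?>
        </text>
        <form action='' method='POST'>
            <div class="mb-3">
                <label for="exampleInputEmail1" class="form-label">Email address</label>
                <input type="text" name="email" value="<?php echo $provided_email ?>" class="form-control"
                    id="exampleInputEmail1" aria-describedby="emailHelp">
            </div>

            <div class="mb-3">
                <label for="exampleInputPassword1" class="form-label">new password</label>
                <?php
                // The submitted password is deliberately not written back into the page:
                // a value attribute would put it in the response body, where caches,
                // proxies and view-source can see it.
                ?>
                <input type="password" name="password" class="form-control"
                    id="exampleInputPassword1">
            </div>

            <div class="d-flex justify-content-between">
                <button type="submit" class="btn btn-primary btn-sm">Reset</button>
            </div>
        </form>
    </div>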
    
    
    <?php
    include_once 'footer.php';
    ?>