<?php/*UserSpice 4An Open Source PHP User Management Systemby the UserSp

1. <?php
2. /*
3. UserSpice 4
4. An Open Source PHP User Management System
5. by the UserSpice Team at http://UserSpice.com
6.  
7. This program is free software: you can redistribute it and/or modify
8. it under the terms of the GNU General Public License as published by
9. the Free Software Foundation, either version 3 of the License, or
10. (at your option) any later version.
11.  
12. This program is distributed in the hope that it will be useful,
13. but WITHOUT ANY WARRANTY; without even the implied warranty of
14. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15. GNU General Public License for more details.
16.  
17. You should have received a copy of the GNU General Public License
18. along with this program. If not, see <http://www.gnu.org/licenses/>.
19. */
20. ?>
21. <?php require_once 'init.php'; ?>
22. <?php require_once $abs_us_root.$us_url_root.'users/includes/header.php'; ?>
23. <?php require_once $abs_us_root.$us_url_root.'users/includes/navigation.php'; ?>
24. <?php if (!securePage($_SERVER['PHP_SELF'])){die();} ?>
25. <?php
26. $error_message = null;
27. $errors = array();
28. $email_sent=FALSE;
29.  
30. $token = Input::get('csrf');
31. if(Input::exists()){
32. if(!Token::check($token)){
33. die('Token doesn\'t match!');
34. }
35. }
36.  
37. if (Input::get('forgotten_password')) {
38. $email = Input::get('email');
39. $fuser = new User($email);
40. //validate the form
41. $validate = new Validate();
42. $validation = $validate->check($_POST,array('email' => array('display' => 'Email','valid_email' => true,'required' => true,),));
43.  
44. if($validation->passed()){
45. if($fuser->exists()){
46. //send the email
47. $options = array(
48. 'fname' => $fuser->data()->fname,
49. 'email' => rawurlencode($email),
50. 'vericode' => $fuser->data()->vericode,
51. );
52. $subject = 'Password Reset';
53. $encoded_email=rawurlencode($email);
54. $body = email_body('_email_template_forgot_password.php',$options);
55. $email_sent=email($email,$subject,$body);
56. if(!$email_sent){
57. $errors[] = 'Email NOT sent due to error. Please contact site administrator.';
58. }
59. }else{
60. $errors[] = 'That email does not exist in our database';
61. }
62. }else{
63. //display the errors
64. $errors = $validation->errors();
65. }
66. }
67. ?>
68. <?php
69. if ($user->isLoggedIn()) {
70. Redirect::to('account.php');
71. }
72. ?>
73.  
74. <div id="page-wrapper">
75. <div class="container">
76. <?php
77.  
78. if($email_sent){
79. require 'views/_forgot_password_sent.php';
80. }else{
81. require 'views/_forgot_password.php';
82. }
83.  
84. ?>
85. </div><!-- /.container-fluid -->
86. </div><!-- /#page-wrapper -->
87. <script src="https://www.google.com/recaptcha/api.js" async defer></script>
88. <!-- footer -->
89. <!-- footers -->
90. <?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
91.  
92. <!-- Place any per-page javascript here -->
93.  
94. <?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>