Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Include configuration
- require('include/config.php');
- // If logged in redirect to members page
- if( $user->is_logged_in() ){ header('Location: welcome.php'); }
- $stmt = $db->prepare('SELECT resetToken, resetComplete FROM members WHERE resetToken = :token');
- $stmt->execute(array(':token' => $_GET['key']));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- // If no token from db then kill the page
- if(empty($row['resetToken'])){
- $stop = 'Invalid token provided, please use the link provided in the reset email.';
- } elseif($row['resetComplete'] == 'Yes') {
- $stop = 'Your password has already been changed!';
- }
- // If form has been submitted process it
- if(isset($_POST['submit'])){
- // Basic validation
- if(strlen($_POST['password']) < 3){
- $error[] = 'Password is too short.';
- }
- if(strlen($_POST['passwordConfirm']) < 3){
- $error[] = 'Confirm password is too short.';
- }
- if($_POST['password'] != $_POST['passwordConfirm']){
- $error[] = 'Passwords do not match.';
- }
- // If no errors have been created carry on
- if(!isset($error)){
- // Hash the password
- $hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);
- try {
- $stmt = $db->prepare("UPDATE members SET password = :hashedpassword, resetComplete = 'Yes' WHERE resetToken = :token");
- $stmt->execute(array(
- ':hashedpassword' => $hashedpassword,
- ':token' => $row['resetToken']
- ));
- // Redirect to index page
- header('Location: login.php?action=resetAccount');
- exit;
- }
- // Else catch the exception and show the error
- catch(PDOException $e) {
- $error[] = $e->getMessage();
- }
- }
- }
- // Include header template
- require('layout/header.php');
- // Include navigation template
- require('layout/navigation.php');
- ?>
- <div id="navbarSpaceBottom"></div>
- <section id="about" class="bg-16 bg-cover bg-center">
- <div class="bg-filter">
- <div class="container section-lg">
- <h1 class="top-title">Construction</h1>
- </div>
- </div>
- </section>
- <div class="container">
- <div class="row">
- <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
- <p class="big-subtitle text-center">Test</p>
- <?php
- if(isset($stop)){
- echo "<p class'alert alert-danger'>$stop</p>";
- } else {
- ?>
- <form role="form" method="post" action="" autocomplete="off">
- <?php
- // Check for any errors
- if(isset($error)){
- foreach($error as $error){
- echo '<p class="alert alert-danger">'.$error.'</p>';
- }
- }
- // Check the action
- switch ($_GET['action']) {
- case 'active':
- echo "<h2 class='alert alert-success'>Your account is now active and you may now log in.</h2>";
- break;
- case 'reset':
- echo "<h2 class='alert alert-success'>Please check your inbox for a reset link.</h2>";
- break;
- }
- ?>
- <div class="row">
- <div class="col-xs-6 col-sm-6 col-md-6">
- <div class="form-group">
- <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="1">
- </div>
- </div>
- <div class="col-xs-6 col-sm-6 col-md-6">
- <div class="form-group ">
- <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="2">
- </div>
- </div>
- </div>
- <hr>
- <div class="row">
- <div class="col-xs-6 col-md-6">
- <input type="submit" name="submit" value="Change Password" class="btn btn-primary btn-block btn-lg" tabindex="3">
- </div>
- </div>
- </form>
- <?php } ?>
- </div>
- </div>
- </div>
- <?php
- // Include footer template
- require('layout/footer.php');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
