
Untitled

a guest Jan 22nd, 2018 70 Never
  1. <?php require('includes/config.php');
  2.  
  3. //if logged in redirect to members page
  4. if( $user->is_logged_in() ){ header('Location: ../members.php'); }
  5.  
  6. //if form has been submitted process it
  7. if(isset($_POST['submit'])){
  8.  
  9.     //email validation
  10.     if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
  11.         $error[] = 'Please enter a valid email address';
  12.     } else {
  13.         $stmt = $db->prepare('SELECT email,username FROM users WHERE email = :email');
  14.         $stmt->execute(array(':email' => $_POST['email']));
  15.         $row = $stmt->fetch(PDO::FETCH_ASSOC);
  16.         $username = $row['username'];
  17.         if(empty($row['email'])){
  18.             $error[] = 'There is no account associated with this email address. If you believe this is an error please contact support.';
  19.         }
  20.  
  21.     }
  22.  
  23.     //if no errors have been created carry on
  24.     if(!isset($error)){
  25.  
  26.  
  27.         if (@array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
  28.         $ip = @array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
  29.         }
  30.         //create the activasion code
  31.                 $token = bin2hex(random_bytes(32));
  32.         try {
  33.  
  34.             $stmt = $db->prepare("UPDATE users SET resetToken = :token, resetComplete='No', reset_IP = :ip WHERE email = :email");
  35.             $stmt->execute(array(
  36.                 ':email' => $row['email'],
  37.                 ':token' => $token,
  38.                 ':ip' => $ip
  39.             ));
  40.            
  41.             //send email
  42.             $to = $row['email'];
  43.             $subject = "Password Reset";
  44.             $body = "<p>Someone requested that the password be reset for user $username.</p>
  45.             <p>If this was a mistake, just ignore this email and nothing will happen.</p>
  46.             <p>To reset your password, visit the following address: <a href='https://thedownliner.com/login/resetcomptest.php?key=$token'>https://thedownliner.com/login/resetPassword.php?key=$token</a></p>
  47.             <p>Accounts</p>
  48.             <p>The Downliner</p>";
  49.  
  50.             $mail = new Mail();
  51.             $mail->setFrom(SITEEMAIL);
  52.             $mail->addAddress($to);
  53.             $mail->subject($subject);
  54.             $mail->body($body);
  55.             $mail->send();
  56.  
  57.             //redirect to index page
  58.             header('Location: login.php?action=reset');
  59.             exit;
  60.  
  61.         //else catch the exception and show the error.
  62.         } catch(PDOException $e) {
  63.             $error[] = $e->getMessage();
  64.         }
  65.  
  66.     }
  67.  
  68. }
  69.  
  70. //define page title
  71. $title = 'Reset Account';
  72.  
  73. //include header template
  74. require('layout/header.php');
  75. ?>
  76. <div class="container" style="width: 932px;">
  77. <br><br>
  78. <div class="panel panel-default" style="padding: 10px;">
  79.     <div class="row">
  80.  
  81.         <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
  82.             <form role="form" method="post" action="" autocomplete="off">
  83.                 <h2>Reset Password</h2>
  84.                
  85.                 <hr>
  86.  
  87.                 <?php
  88.                 //check for any errors
  89.                 if(isset($error)){
  90.                     foreach($error as $error){
  91.                         echo '<div class="alert alert-danger" align="center">'.$error.'</div>';
  92.                     }
  93.                 }
  94.  
  95.                 if(isset($_GET['action'])){
  96.  
  97.                     //check the action
  98.                     switch ($_GET['action']) {
  99.                         case 'active':
  100.                             echo "<div class='alert alert-success' align='center'>Your account is now active you may now log in.</div>";
  101.                             break;
  102.                         case 'reset':
  103.                             echo "<div class='alert alert-success' align='center'>Please check your inbox for a reset link.</div>";
  104.                             break;
  105.                     }
  106.                 }
  107.                 ?>
  108.  
  109.                 <div class="form-group">
  110.                     <input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email" tabindex="1">
  111.                 </div>
  112.  
  113.                 <hr>
  114.                 <div class="row">
  115.                     <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Send Reset Link" class="btn btn-success btn-block btn-lg" tabindex="2"></div>
  116.                     <div class="col-xs-6 col-md-6"><a href='login.php' class="btn btn-primary btn-block btn-lg">Back to login page</a></div>
  117.                 </div>
  118.             </form>
  119.             <br><br>
  120.         </div>
  121.     </div>
  122.  
  123. </div>
  124. </div>
  125.  
  126. <?php
  127. //include header template
  128. require('layout/footer.php');
  129. ?>