
Untitled

a guest Jan 22nd, 2018 130 Never
  1. <?php require('../includes/config.php');
  2.  
  3. //if logged in redirect to members page
  4. if( $user->is_logged_in() ){ header('Location: ../members.php'); }
  5.  
  6. $stmt = $db->prepare('SELECT resetToken, resetComplete FROM users WHERE resetToken = :token');
  7. $stmt->execute(array(':token' => $_GET['key']));
  8. $row = $stmt->fetch(PDO::FETCH_ASSOC);
  9.  
  10. //if no token from db then kill the page
  11. if(empty($row['resetToken'])){
  12.     $stop = 'Invalid token provided, please use the link provided in the reset email.';
  13. } elseif($row['resetComplete'] == 'Yes') {
  14.     $stop = 'Your password has already been changed!';
  15. }
  16.  
  17. //if form has been submitted process it
  18. if(isset($_POST['submit'])){
  19.    
  20.     $password = strip_tags($_POST['password']);
  21.     $passwordConfirm = strip_tags($_POST['passwordConfirm']);
  22.  
  23.     //basic validation
  24.     if(strlen($password) < 3){
  25.         $error[] = 'Password is too short.';
  26.     }
  27.  
  28.     if(strlen($passwordConfirm) < 3){
  29.         $error[] = 'Confirm password is too short.';
  30.     }
  31.  
  32.     if($password != $passwordConfirm){
  33.         $error[] = 'Passwords do not match.';
  34.     }
  35.  
  36.     //if no errors have been created carry on
  37.     if(!isset($error)){
  38.  
  39.         //hash the password
  40.         $hashedpassword = $user->password_hash($password, PASSWORD_BCRYPT);
  41.  
  42.         try {
  43.  
  44.             $stmt = $db->prepare("UPDATE users SET pass = :hashedpassword, resetComplete = 'Yes', active='Yes'  WHERE resetToken = :token");
  45.             $stmt->execute(array(
  46.                 ':hashedpassword' => $hashedpassword,
  47.                 ':token' => $row['resetToken']
  48.             ));
  49.  
  50.             //redirect to index page
  51.             header('Location: login.php?action=resetAccount');
  52.             exit;
  53.  
  54.         //else catch the exception and show the error.
  55.         } catch(PDOException $e) {
  56.             $error[] = $e->getMessage();
  57.         }
  58.  
  59.     }
  60.  
  61. }
  62.  
  63. //define page title
  64. $title = 'Reset Account';
  65.  
  66. //include header template
  67. require('layout/header.php');
  68. ?>
  69.  
  70. <div class="container">
  71.  
  72.     <div class="row">
  73.  
  74.         <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
  75.  
  76.  
  77.             <?php if(isset($stop)){
  78.  
  79.                 echo "<p>$stop</p>";
  80.  
  81.             } else { ?>
  82.  
  83.                 <form role="form" method="post" autocomplete="off">
  84.                     <h2>Change Password</h2>
  85.                     <hr>
  86.  
  87.                     <?php
  88.                     //check for any errors
  89.                     if(isset($error)){
  90.                         foreach($error as $error){
  91.                             echo '<p class="btn btn-warning">'.$error.'</p><br><br>';
  92.                         }
  93.                     }
  94.  
  95.                     //check the action
  96.                     switch ($_GET['action']) {
  97.                         case 'active':
  98.                             echo "<h2 class='bg-success'>Your account is now active you may now log in.</h2>";
  99.                             break;
  100.                         case 'reset':
  101.                             echo "<h2 class='bg-success'>Please check your inbox for a reset link.</h2>";
  102.                             break;
  103.                     }
  104.                     ?>
  105.  
  106.                     <div class="row">
  107.                         <div class="col-xs-6 col-sm-6 col-md-6">
  108.                             <div class="form-group">
  109.                                 <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="1">
  110.                             </div>
  111.                         </div>
  112.                         <div class="col-xs-6 col-sm-6 col-md-6">
  113.                             <div class="form-group">
  114.                                 <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="2">
  115.                             </div>
  116.                         </div>
  117.                     </div>
  118.                    
  119.                     <hr>
  120.                     <div class="row">
  121.                         <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Change Password" class="btn btn-primary btn-block btn-lg" tabindex="3"></div>
  122.                     </div>
  123.                 </form>
  124.  
  125.             <?php } ?>
  126.         </div>
  127.     </div>
  128.  
  129.  
  130. </div>
  131.  
  132. <?php
  133. //include header template
  134. require('layout/footer.php');
  135. ?>