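<?php
// Password-reset page controller.
//
// Looks up the reset token passed as ?key=..., decides whether the page may be
// used ($stop is set when it may not), and on a valid POST stores the new
// password hash and marks the reset as complete. The template below reads
// $stop, $error and $title.
require('../includes/config.php');

// If logged in, redirect to the members page. Execution must end here:
// header() only queues the redirect, so without exit the reset logic below
// would still run for an authenticated session.
if ($user->is_logged_in()) {
    header('Location: ../members.php');
    exit;
}

// A missing or non-string key (e.g. ?key[]=x) is treated as "no token".
$token = (isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : '';

$stmt = $db->prepare('SELECT resetToken, resetComplete FROM users WHERE resetToken = :token');
$stmt->execute(array(':token' => $token));
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// NOTE(review): only resetToken and resetComplete are selected, so no token
// expiry is enforced on this page - confirm tokens are time-limited elsewhere.

// If there is no usable token in the database, block the page.
// fetch() returns false when nothing matched, so test that before indexing.
if ($row === false || empty($row['resetToken'])) {
    $stop = 'Invalid token provided, please use the link provided in the reset email.';
} elseif ($row['resetComplete'] === 'Yes') {
    $stop = 'Your password has already been changed!';
}

// Process the form only when the token check passed. Previously the UPDATE
// below ran even when $stop was set, so an already-used token (or an empty
// one, should any row store an empty resetToken) could still change a password.
if (isset($_POST['submit']) && !isset($stop)) {

    // NOTE(review): strip_tags() silently alters passwords containing '<...>'.
    // It is kept because the login code is not visible here and must treat the
    // input the same way - confirm, then drop it on both sides.
    $password = (isset($_POST['password']) && is_string($_POST['password']))
        ? strip_tags($_POST['password'])
        : '';
    $passwordConfirm = (isset($_POST['passwordConfirm']) && is_string($_POST['passwordConfirm']))
        ? strip_tags($_POST['passwordConfirm'])
        : '';

    // Basic validation.
    // NOTE(review): a 3-character minimum is very weak; raise it to match the
    // site's password policy.
    if (strlen($password) < 3) {
        $error[] = 'Password is too short.';
    }

    if (strlen($passwordConfirm) < 3) {
        $error[] = 'Confirm password is too short.';
    }

    // Strict comparison: with != two different numeric strings such as
    // '1e3' and '1000' compare equal and would pass as a match.
    if ($password !== $passwordConfirm) {
        $error[] = 'Passwords do not match.';
    }

    // If no errors have been recorded, carry on.
    if (!isset($error)) {

        // Hash the password.
        $hashedpassword = $user->password_hash($password, PASSWORD_BCRYPT);

        try {
            $stmt = $db->prepare("UPDATE users SET pass = :hashedpassword, resetComplete = 'Yes', active='Yes' WHERE resetToken = :token");
            $stmt->execute(array(
                ':hashedpassword' => $hashedpassword,
                ':token' => $row['resetToken']
            ));

            // Redirect to the login page.
            header('Location: login.php?action=resetAccount');
            exit;

        } catch (PDOException $e) {
            // Keep driver and SQL details out of the rendered page; record
            // them server-side and show a generic message instead.
            error_log('Password reset update failed: ' . $e->getMessage());
            $error[] = 'Unable to update your password at this time, please try again later.';
        }
    }
}

// Define page title.
$title = 'Reset Account';

// Include header template.
require('layout/header.php');
?>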
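<div class="container">
    <div class="row">
        <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
            <?php
            // $stop is set by the controller when the reset token is unusable;
            // in that case only the message is shown and the form is withheld.
            if (isset($stop)) {
                // Escape on output so message text is never interpreted as markup.
                echo '<p>' . htmlspecialchars($stop, ENT_QUOTES, 'UTF-8') . '</p>';
            } else { ?>
                <form role="form" method="post" autocomplete="off">
                    <h2>Change Password</h2>
                    <hr>
                    <?php
                    // Show any validation errors. A separate loop variable is
                    // used so the $error array is not overwritten while it is
                    // being iterated, and each message is HTML-escaped.
                    if (isset($error)) {
                        foreach ($error as $message) {
                            echo '<p class="btn btn-warning">' . htmlspecialchars($message, ENT_QUOTES, 'UTF-8') . '</p><br><br>';
                        }
                    }

                    // Check the action; it is optional, so default to an empty
                    // string instead of reading an undefined index.
                    $action = isset($_GET['action']) ? $_GET['action'] : '';
                    switch ($action) {
                        case 'active':
                            echo "<h2 class='bg-success'>Your account is now active you may now log in.</h2>";
                            break;
                        case 'reset':
                            echo "<h2 class='bg-success'>Please check your inbox for a reset link.</h2>";
                            break;
                    }
                    ?>
                    <div class="row">
                        <div class="col-xs-6 col-sm-6 col-md-6">
                            <div class="form-group">
                                <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="1">
                            </div>
                        </div>
                        <div class="col-xs-6 col-sm-6 col-md-6">
                            <div class="form-group">
                                <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="2">
                            </div>
                        </div>
                    </div>
                    <hr>
                    <div class="row">
                        <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Change Password" class="btn btn-primary btn-block btn-lg" tabindex="3"></div>
                    </div>
                </form>
            <?php } ?>
        </div>
    </div>
</div>
<?php
// Include footer template.
require('layout/footer.php');
?>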