forgotPassword.php
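<?php
/**
 * Password-recovery request handler.
 *
 * On POST with `username` and `email`, looks up the e-mail stored for that
 * username in `Utilizador`. When it matches the submitted address, a one-time
 * reset code is generated, its hash (create_hash) is stored in `resetPw`, and a
 * link to change_password_vialink.php carrying the plain code is mailed to the
 * account address.
 *
 * Security properties this block maintains:
 *  - the reset code and link are only ever sent by e-mail, never written to the
 *    HTTP response (proving control of the mailbox is the whole point);
 *  - the code comes from a CSPRNG and is URL-safe;
 *  - the response is the same whether or not the account matched, so the page
 *    does not confirm which username/e-mail pairs exist.
 */
include('templates/header.php');
include("database/connection.php");
include('database/polls_fetch.php');
include_once('PasswordHash.php');

if ($_SERVER["REQUEST_METHOD"] === "POST"
    && isset($_POST['username'], $_POST['email'])
    // Reject array-valued parameters (username[]=...) before they reach the query or mail().
    && is_string($_POST['username'])
    && is_string($_POST['email'])
) {
    $username = $_POST['username'];
    $email = $_POST['email'];

    $stmt = $db->prepare('SELECT Email FROM Utilizador WHERE username = :user');
    $stmt->bindParam(':user', $username, PDO::PARAM_STR);
    $stmt->execute();
    $result = $stmt->fetch();

    // fetch() returns false for an unknown username. With a loose `==`, indexing
    // that false yields null, which compares equal to an empty submitted e-mail,
    // so the match must be strict and require a real, non-empty stored address.
    $storedEmail = ($result !== false && isset($result[0]) && is_string($result[0])) ? $result[0] : '';

    if ($storedEmail !== '' && $storedEmail === $email) {
        // 128 bits from the OS CSPRNG, hex-encoded so it is safe inside a query string.
        // str_shuffle() is not a cryptographic source and must not be used for reset codes.
        // NOTE(review): assumes change_password_vialink.php verifies codePw against the
        // stored hash and does not depend on a fixed 8-character code - confirm.
        $randomBytes = function_exists('random_bytes')
            ? random_bytes(16)
            : openssl_random_pseudo_bytes(16);
        $code = bin2hex($randomBytes);

        // NOTE(review): the link is plain http, so the code travels unencrypted; switch to
        // https where the deployment supports it. Also confirm getUrlWithoutPage() does not
        // take the host from the request's Host header, or the mailed link can be pointed
        // at a host chosen by whoever submitted the form.
        $link = "http://" . getUrlWithoutPage()
            . "/change_password_vialink.php?username=" . urlencode($username)
            . "&codePw=" . $code;

        // Only the hash of the code is persisted; the plain code exists solely in the e-mail.
        // NOTE(review): no expiry or per-user cleanup of resetPw rows is visible here - verify
        // that the consuming page enforces a lifetime and invalidates older codes.
        $stmt = $db->prepare('INSERT INTO resetPw (userId,tempCode) VALUES (?,?)');
        $stmt->execute(array(getUserIDbyUsername($username), create_hash($code)));

        // No password is generated or changed at this point, so the mail only carries the link.
        $message = "Hello!\n\n"
            . "If you don't have an account on Polly or didn't ask for a new password please ignore this email.\n\n"
            . "Click the following link to reset your password. Note that this link can only be used once.\n"
            . "LINK: " . $link;

        // Send to the address on record, never to a value taken straight from the request.
        mail($storedEmail, 'New Password', $message, 'From: polly@forms.com');
    }

    // Same static response for match and non-match (no account enumeration, no token in the page).
    echo "<p>If the username and email match an account, a reset link has been sent to that address.</p>";
}
?>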
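<?php
// Recovery form: posts `username` and `email` back to this same page (empty action).
// The footer include below uses the full `<?php` tag: with short_open_tag disabled
// a bare `<?` block is sent to the browser as text instead of being executed.
?>
<center>
<div id="validatemodal" >
<h1>Recover your account</h1> <br>
<form id="loginform" name="loginform" method="POST" action="">
<label for="username"> Enter your username :</label>
<input type="text" name="username" id="username" class="txtfield" tabindex="1">
<label for="email"> Enter your email :</label>
<input type="text" name="email" id="email" class="txtfield" tabindex="2">
<div class="center"><input type="submit" name="submit" id="loginbtn" class="flatbtn-blu hidemodal" value="Validate" tabindex="3"></div>
</form>
</div>
</center>
<?php include('templates/footer.php'); ?>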