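<?php
include('config/db.php');

// Initialize the session
session_start();

$password = $repeatPassword = $msg = "";

/*
 * Final step of the password-reset flow: store a new password for the account
 * whose address is held in $_SESSION['RESET_EMAIL'].
 *
 * NOTE(review): this handler trusts $_SESSION['RESET_EMAIL'] completely. It is
 * presumably written only after the user proved control of the address in an
 * earlier step -- confirm in the code that sets it. No anti-CSRF token is
 * checked here either.
 */
if (isset($_POST, $_POST['resetPassword'])) {
    if (isset($_POST['password'], $_POST['password-rep'])) {
        if (isset($_SESSION, $_SESSION['RESET_EMAIL'])) {
            $email = $_SESSION['RESET_EMAIL'];
            $password = $_POST['password'];
            $repeatPassword = $_POST['password-rep'];

            // A client can submit password[]=x, which arrives as an array and would
            // make the string functions below fail; treat that as a missing field.
            if (!is_string($password) || !is_string($repeatPassword)) {
                $password = $repeatPassword = "";
            }

            if (empty($password) || empty($repeatPassword) || empty($email)) {
                $msg = "<div class='alert alert-danger'>Please fill all the fields!</div>";
            } else {
                $rawPassword = trim($password);
                $rawRepeat = trim($repeatPassword);

                // NOTE(review): HTML-escaping a password before hashing alters the secret
                // (e.g. "<" is hashed as "&lt;") and inflates it toward bcrypt's 72-byte
                // input limit. It is kept here only because the login and registration
                // pages are not visible and may hash the same escaped form; remove it in
                // all of them together.
                $password = htmlspecialchars($rawPassword);
                $repeatPassword = htmlspecialchars($rawRepeat);

                // validate password
                if ($password !== $repeatPassword) {
                    // Strict comparison: with != two different numeric-looking strings
                    // such as "1e3" and "1000" would be accepted as a match.
                    $msg = "<div class='alert alert-danger'>Passwords not match!</div>";
                } elseif (strlen($rawPassword) < 6 || strlen($password) < 6) {
                    // Measure what the user typed, so entity expansion cannot push a short
                    // password over the minimum; the escaped form is checked too because
                    // htmlspecialchars() can return an empty string on invalid input.
                    $msg = "<div class='alert alert-danger'>Your password must be at least 6 characters!</div>";
                } else {
                    // update the stored hash for this account
                    $updateQuery = "UPDATE t_user SET u_password=:password WHERE u_email=:email";
                    if ($stmtUpdate = $pdo->prepare($updateQuery)) {
                        $passwordHash = password_hash($password, PASSWORD_BCRYPT);
                        $execRes = $stmtUpdate->execute(['password' => $passwordHash, 'email' => $email]);
                        if ($execRes) {
                            // The reset authorisation is single-use: drop it and rotate the
                            // session id so this session cannot change the password again.
                            unset($_SESSION['RESET_EMAIL']);
                            session_regenerate_id(true);

                            // Redirect to login page; stop here so the form is not rendered
                            // behind the redirect.
                            header("location: login.php");
                            exit;
                        } else {
                            $msg = "<div class='alert alert-danger'>Something went wrong. Please try again!</div>";
                        }
                        unset($stmtUpdate);
                    } else {
                        $msg = "<div class='alert alert-danger'>Something went wrong. Please try again!</div>";
                    }
                }
            }
        }
        // close connection to db
        unset($pdo);
    }
}
?>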
<?php
// Set the page title before pulling in the shared head include.
$page_title = 'Reset Password';
include 'includes/head.php';
?>
<div class="container">
<div class="row m-auto col-sm-12 max-width-600">
<div class="col-sm-12 col-md">
<div class="card mt-5">
<div class="card-header text-center">
<h1>Reset Password</h1>
</div>
<div class="card-body">
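<?php
// The address is session state written by an earlier step of the reset flow.
// Escape it on output so it can never be interpreted as markup.
if (!empty($_SESSION['RESET_EMAIL'])) {
    $safeEmail = htmlspecialchars((string) $_SESSION['RESET_EMAIL'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<div class='alert alert-info'>{$safeEmail}</div>";
}
// $msg is assembled at the top of this file from fixed strings only, so it is emitted as HTML.
if (!empty($msg)) {
    echo $msg;
}
?>
<?php // PHP_SELF includes any client-supplied path info after the script name, so it is escaped for the attribute. ?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="post">
<?php
// NOTE(review): $error is not assigned anywhere in this file; it is escaped because its
// origin is not visible here. If an include sets it to trusted HTML, confirm and adjust.
if (!empty($error)) {
    $safeError = htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo " <div class='alert alert-danger text-center'>{$safeError}</div>";
}
?>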
<div class="form-group">
<label for="password">New Password</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text">
<i class="fa fa-asterisk font-icon"></i>
</span>
</div>
<input class="form-control" type="password" id="password" name="password"
placeholder="New Password">
</div>
<span id="passwordAlert" class="alert-span"></span>
</div>
<div class="form-group">
<label for="password-rep">Confirm New Password</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text">
<i class="fa fa-repeat font-icon"></i>
</span>
</div>
<input class="form-control" type="password" id="password-rep" name="password-rep"
placeholder="Confirm New Password">
</div>
<span id="passwordRepAlert" class="alert-span"></span>
</div>
<button class="btn btn-dark btn-block font-weight-bold font-md mt-5" type="submit"
name="resetPassword" id="resetPassword">Reset Password
</button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php
// Shared closing markup for the page.
include 'includes/tail.php';
?>