<html>
<head>
<meta charset="utf-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<title>Reset Password</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="manifest" href="site.webmanifest">
<!-- Place favicon.ico in the root directory -->
<link rel="stylesheet" href="https://fonts.googleapis.com/icon?family=Material+Icons">
<link rel="stylesheet" href="https://code.getmdl.io/1.3.0/material.teal-amber.min.css"/>
<script defer src="https://code.getmdl.io/1.3.0/material.min.js"></script>
<!--<link rel="stylesheet" href="css/materialize.css" >-->
<link rel="stylesheet" type="text/css" href="font-awesome-4.7.0/css/font-awesome.css">
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link type="text/css" rel="stylesheet" href="css/materialize.min.css" media="screen,projection"/>
<link rel="stylesheet" href="css/main.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script type="text/javascript" src="js/materialize.min.js"></script>
<style>
#login form {
display: inline-block;
position: fixed;
left: 0;
right: 0;
margin: auto;
}
.error {
color: red;
}
</style>
<script>
// Once the DOM is ready, activate the slide-out navigation on every
// ".button-collapse" trigger (the menu icon link in <nav>).
// NOTE(review): sideNav() is presumably provided by js/materialize.min.js loaded above — confirm.
$(document).ready(function () {
$(".button-collapse").sideNav();
});
</script>
</head>
<body>
<nav>
<div class="nav-wrapper">
<a href="#" data-activates="slide-out" class="button-collapse"><i class="material-icons">menu</i></a>
<a href="index.php" class="brand-logo"> hack_it</a>
<ul id="slide-out" class="side-nav">
<li><a href="lboard.php">Leaderboard</a></li>
<li><a href="https://www.reddit.com/r/hack_it/" target="_blank">r/hack_it</a></li>
<li><a href="about.php">About</a></li>
</ul>
<ul id="nav-mobile" class="right hide-on-med-and-down">
<li><a href="lboard.php">Leaderboard</a></li>
<li><a href="https://www.reddit.com/r/hack_it/" target="_blank">r/hack_it</a></li>
<li><a href="about.php">About</a></li>
</ul>
</div>
</nav>
<script>
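/**
 * Pre-submit check for the reset form (wired through onsubmit="return check()").
 *
 * Verifies that the first password field satisfies the complexity pattern and
 * that both password fields hold the same value, writing any error into the
 * #passwordE element.
 *
 * This runs only in the browser and can be bypassed by posting to the page
 * directly, so it is a usability aid; the server must enforce the same policy.
 *
 * @returns {boolean} true when the form may be submitted, false otherwise.
 */
function check() {
    var first = document.getElementById('password1').value;
    var second = document.getElementById('password2').value;
    var errorBox = document.getElementById('passwordE');

    // `var` keeps the pattern local; assigning it undeclared would create an
    // implicit global (and throws outright in strict mode).
    // Policy: 8+ characters from [A-Za-z0-9$@!%*#?&] with at least one letter,
    // one digit and one of the listed special characters.
    var pat = /^(?=.*[A-Za-z])(?=.*\d)(?=.*[$@!%*#?&])[A-Za-z\d$@!%*#?&]{8,}$/;

    if (!pat.test(first)) {
        errorBox.innerHTML =
            'Password must be atleast minimum eight characters(at least one letter, one number and one special character)';
        return false;
    }

    if (first === second) {
        errorBox.innerHTML = "";
        return true;
    }

    // Static markup only; no user-controlled text is written into innerHTML.
    errorBox.innerHTML = "Passwords do not match.<br>Try Again!";
    return false;
}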
</script>
<?php
/**
 * Normalises a submitted form value.
 *
 * Strips surrounding whitespace, removes backslash escapes, then HTML-encodes
 * the result using htmlspecialchars() with its default flags.
 *
 * This is output encoding for an HTML context only. It does not make a value
 * safe to embed in an SQL statement, and it changes the bytes of any value
 * that is hashed or compared afterwards.
 *
 * @param mixed $data Raw value, e.g. an entry of $_POST.
 * @return string The trimmed, unslashed, HTML-encoded value.
 */
function test_input($data)
{
    $trimmed = trim($data);
    $unslashed = stripslashes($trimmed);

    return htmlspecialchars($unslashed);
}
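// Password-reset request handler.
//
// POST: looks the account up by e-mail, stores the proposed password hash and a
//       one-time confirmation token on the user row, and mails a confirmation
//       link (confirm.php?m=r&u=<username>&h=<token>).
// Any other method: renders the reset form.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    require 'variables.php';
    require 'com/config/DBHelper.php';

    // Accept only scalar string fields; a missing or array-valued field becomes ''
    // instead of raising a notice or feeding an array into trim().
    $rawEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Enforce the password policy on the server as well: the JavaScript check()
    // on the form is skipped entirely by a client that posts directly.
    $policy = '/^(?=.*[A-Za-z])(?=.*\d)(?=.*[$@!%*#?&])[A-Za-z\d$@!%*#?&]{8,}$/D';
    if (preg_match($policy, $rawPassword) !== 1) {
        die('Password must be at least eight characters (at least one letter, one number and one special character)');
    }

    $email = test_input($rawEmail);
    // NOTE(review): a single unsalted SHA-512 round is a fast hash and a weak way to
    // store passwords; password_hash()/password_verify() is the right primitive.
    // It is left as-is because the code that verifies temp_pwd/login hashes is not
    // visible here and must be migrated in the same change.
    $password = hash("sha512", test_input($rawPassword));

    $db = new DBHelper();
    // Assumes getConnection() returns a mysqli handle; the fetch_assoc()/num_rows
    // calls below already depend on that API.
    $conn = $db->getConnection();

    // Bound parameter instead of string interpolation: test_input() HTML-encodes,
    // it does not escape for SQL, so $email must never be spliced into the query.
    $lookup = $conn->prepare('SELECT * FROM `users` WHERE email = ?');
    if ($lookup === false) {
        die("Error occured while sending link to Email");
    }
    $lookup->bind_param('s', $email);
    $lookup->execute();
    $result = $lookup->get_result();
    if ($result === false) {
        // Guard before dereferencing: a failed query yields false, not a result set.
        die("Error occured while sending link to Email");
    }
    $r = $result->fetch_assoc();

    if ($result->num_rows > 0) {
        // The token is the only secret in the confirmation link, so it comes from the
        // CSPRNG. uniqid(rand()) is derived from the clock and a non-cryptographic
        // PRNG and is guessable. 20 hex characters stays within the length the old
        // value could reach, since the `hash` column width is not visible here.
        $hash = bin2hex(random_bytes(10));

        // NOTE(review): no expiry timestamp is written with the token; whether
        // confirm.php limits its lifetime or clears it after use is not visible here.
        $update = $conn->prepare('UPDATE `users` SET temp_pwd = ?, hash = ? WHERE email = ?');
        if ($update === false
            || !$update->bind_param('sss', $password, $hash, $email)
            || !$update->execute()) {
            die("Error occured while sending link to Email");
        }

        // email id found
        $to = $r['email'];
        $subject = 'Password Reset Confirmation Link';
        // $root_path is expected to come from variables.php. The username is
        // URL-encoded so characters such as '&' or '#' cannot break the query string.
        $link = $root_path . 'confirm.php?m=r&u=' . rawurlencode($r['username']) . '&h=' . $hash;
        $body = 'A Password recovery attempt was made on your account.<br>' . "\n"
            . 'Click on this <' . $link . '> link to confirm password change';

        // mail() reports failure through its return value and does not throw, so the
        // result is checked directly rather than wrapped in try/catch.
        if (mail($to, $subject, $body)) {
            echo 'Message has been sent.<br>';
            echo 'Access your mail to confirm Password Reset.<br>';
            echo '<a href="' . $root_path . '"><b>Go Back</b></a>';
        } else {
            echo 'Message could not be sent.';
        }
    } else {
        // NOTE(review): this response differs from the success path, so it reveals
        // whether an address is registered. Consider returning the same message in
        // both cases and rate-limiting requests.
        echo "<p>Email-ID not found. Try Again.</p>";
    }
} else {
    // NOTE(review): both password inputs share name="password", so only the last
    // one reaches the server and the match check exists in JavaScript only.
    echo '
<div class="row card" id="login">
<form class="col m6 s12" action = "' . htmlspecialchars($_SERVER["PHP_SELF"]) . '" method = "post" onsubmit="return check()">
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">email</i>
<input id = "email" name = "email" type = "email" placeholder = "Email-ID" required ><br >
</div>
<div class="input-field col s12">
<i class="material-icons prefix">vpn_key</i>
<input id = "password1" name = "password" type = "password" placeholder = "New Password" required ><br>
</div>
<div class="input-field col s12">
<i class="material-icons prefix">done_all</i>
<input id = "password2" name = "password" type = "password" placeholder = "Confirm New Password" required ><br>
</div>
<div class="input-field col s12">
<button type = "submit" class="btn" > Reset Password </button >
</div>
</div>
</form >
</div>
<span class="error" id="passwordE"></span> ';
}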
?>
</body>
<footer class="footer footer-copyright"><div></div><div><p>© 2018 Made by <a href="https://github.com/OpenWeavers" target="_blank"><img src="img/OpenWeavers-01.png" alt="OpenWeavers" width="30" height="30"></a></p></div></footer>
</html>