forked from rajbdilip/treasherlocked
-
Notifications
You must be signed in to change notification settings - Fork 0
/
reset-password.php
117 lines (98 loc) · 4.3 KB
/
reset-password.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
<?php
require( 'config/consts.php' );
$page = NON_NAV;
session_start();
require_once( DOCUMENT_ROOT . 'classes/LoginHelper.php' );
require_once( DOCUMENT_ROOT . 'config/db.php' );
/* Check if the user is logged in */
$loginHelper = new LoginHelper($db);
if ( $loginHelper->IsLoggedIn() ) {
header( 'Location: ' . SITE_URL );
exit;
}
if ( isset( $_GET['id'] ) && isset( $_GET['auth_code'] ) ) {
$id = $db->escape( $_GET['id'] );
$auth_code = $db->escape( $_GET['auth_code'] );
// Check the validityof the authorization code
$db->where( 'id', $id )->where( 'auth_code', $auth_code );
$user = $db->getOne( 'users', 'id' );
if ( $db->count > 0 ) {
// Valid authorization code
// Set Session variables for verification in AJAX request later
$_SESSION['reset_verified'] = true;
$_SESSION['reset_id'] = $user['id'];
// To prevent form spoofing
$spoof_proof = sha1( time() . chr( mt_rand( 97, 122 ) ) );
$_SESSION['spoof_proof'] = $spoof_proof;
} else {
$invalid_request = true;
}
} else {
$invalid_request = true;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<link rel="shortcut icon" href="<?php echo SSTATIC; ?>favicon.png" type="image/png">
<link rel="icon" href="<?php echo SSTATIC; ?>favicon.png" type="image/png">
<title>Forgot password - Treasherlocked 2.0, because the hunt is on</title>
<meta name="description" content="Forgot your password? Reset it here." />
<meta name="keywords" content="Forgot your password? Reset it here." />
<link href="<?php echo SSTATIC; ?>css/bootstrap.css" rel="stylesheet" />
<link href="<?php echo SSTATIC; ?>css/animate.css" rel="stylesheet" />
<link href="<?php echo SSTATIC; ?>css/base.css" rel="stylesheet" />
<link href="<?php echo SSTATIC; ?>css/social.css" rel="stylesheet" />
<link href="<?php echo SSTATIC; ?>css/queries.css" rel="stylesheet" />
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body id="top">
<?php require( DOCUMENT_ROOT . 'includes/html/header.php' ); ?>
<section class="page section-padding">
<div class="container">
<div class="row">
<div class="social">
<div class="treasherlocked">
<?php if ( isset( $invalid_request ) ) : ?>
<p>Invalid request!</p>
<?php else: ?>
<h3>Reset your password</h3>
<form id="reset">
<div class="row">
<input type="password" class="text" id="new_password" name="new_password" placeholder="New password" maxlength="30" />
<p class="error" id="e_new_password"><span>Password</span> must be 6 to 30 characters long.</p>
<input type="password" class="text" id="new_password2" name="new_password2" placeholder="Confirm password" maxlength="30" />
<p class="error" id="e_new_password2">Passwords do not match.</p>
</div>
<div class="row">
<input type="hidden" name="spoof_proof" value="<?php echo $spoof_proof; ?>" />
<p class="error spaced" id="submit_error"></p>
<a class="btn btn-effect btn-block" id="submit">Reset Password</a>
</div>
</form>
<?php endif; ?>
</div>
</div>
</div>
</div>
</section>
<!--FOOTER-->
<?php require('includes/html/footer.php'); ?>
<!-- /FOOTER -->
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/jquery-1.11.0.min.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/jquery-ui-1.10.4.min.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/bootstrap.min.js" ></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/smooth-scroll.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/jquery.nicescroll.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/wow.min.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/validator.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/init.js"></script>
<script type="text/javascript" src="<?php echo SSTATIC; ?>js/init_pass_reset.js"></script>
<?php require('includes/html/tracking.php'); ?>
</body>
</html>