forked from WWBN/AVideo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
userRecoverPass.php
181 lines (155 loc) · 8.17 KB
/
userRecoverPass.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
<?php
global $global, $config;
if (!isset($global['systemRootPath'])) {
require_once '../videos/configuration.php';
}
require_once $global['systemRootPath'] . 'objects/user.php';
if (empty($_POST['user'])) {
$_POST['user'] = $_GET['user'];
}
$user = new User(0, $_POST['user'], false);
if (!(!empty($_GET['user']) && !empty($_GET['recoverpass']))) {
$obj = new stdClass();
header('Content-Type: application/json');
if (!empty($user->getEmail())) {
$recoverPass = md5(rand());
$recoverPass = $user->setRecoverPass($recoverPass);
if (!empty($_POST['captcha']) && $user->save()) {
require_once 'captcha.php';
$valid = Captcha::validation($_POST['captcha']);
if ($valid) {
require_once $global['systemRootPath'] . 'objects/PHPMailer/src/PHPMailer.php';
require_once $global['systemRootPath'] . 'objects/PHPMailer/src/SMTP.php';
require_once $global['systemRootPath'] . 'objects/PHPMailer/src/Exception.php';
//Create a new PHPMailer instance
$mail = new PHPMailer\PHPMailer\PHPMailer;
setSiteSendMessage($mail);
//Set who the message is to be sent from
$mail->setFrom($config->getContactEmail(), $config->getWebSiteTitle());
//Set who the message is to be sent to
$mail->addAddress($user->getEmail());
//Set the subject line
$mail->Subject = 'Recover Pass from ' . $config->getWebSiteTitle();
$msg = __("You asked for a recover link, click on the provided link") . " <a href='{$global['webSiteRootURL']}recoverPass?user={$_POST['user']}&recoverpass={$recoverPass}'>" . __("Reset password") . "</a>";
$mail->msgHTML($msg);
//send the message, check for errors
if (!$mail->send()) {
$obj->error = __("Message could not be sent") . " " . $mail->ErrorInfo;
} else {
$obj->success = __("Message sent");
}
} else {
$obj->error = __("Your code is not valid");
}
} else {
$obj->error = __("Recover password could not be saved!");
}
} else {
$obj->error = __("You do not have an e-mail");
}
die(json_encode($obj));
} else {
?>
<!DOCTYPE html>
<html lang="<?php echo $_SESSION['language']; ?>">
<head>
<title><?php echo $config->getWebSiteTitle(); ?> :: <?php echo __("Recover Password"); ?></title>
<?php
include $global['systemRootPath'] . 'view/include/head.php';
?>
</head>
<body class="<?php echo $global['bodyClass']; ?>">
<?php
include $global['systemRootPath'] . 'view/include/navbar.php';
?>
<div class="container">
<?php
if ($user->getRecoverPass() != $_GET['recoverpass']) {
?>
<div class="alert alert-danger"><?php echo __("The recover pass does not match!"); ?></div>
<?php
} else {
?>
<form class="well form-horizontal" action=" " method="post" id="recoverPassForm">
<fieldset>
<!-- Form Name -->
<legend><?php echo __("Recover password!"); ?></legend>
<div class="form-group">
<label class="col-md-4 control-label"><?php echo __("User"); ?></label>
<div class="col-md-8 inputGroupContainer">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input name="user" class="form-control" type="text" value="<?php echo $user->getUser(); ?>" readonly >
</div>
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label"><?php echo __("Recover Password"); ?></label>
<div class="col-md-8 inputGroupContainer">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input name="recoverPassword" class="form-control" type="text" value="<?php echo $user->getRecoverPass(); ?>" readonly >
</div>
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label"><?php echo __("New Password"); ?></label>
<div class="col-md-8 inputGroupContainer">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input name="newPassword" placeholder="<?php echo __("New Password"); ?>" class="form-control" type="password" value="" >
</div>
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label"><?php echo __("Confirm New Password"); ?></label>
<div class="col-md-8 inputGroupContainer">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input name="newPasswordConfirm" placeholder="<?php echo __("Confirm New Password"); ?>" class="form-control" type="password" value="" >
</div>
</div>
</div>
<!-- Button -->
<div class="form-group">
<label class="col-md-4 control-label"></label>
<div class="col-md-8">
<button type="submit" class="btn btn-primary" ><?php echo __("Save"); ?> <span class="glyphicon glyphicon-save"></span></button>
</div>
</div>
</fieldset>
</form>
<?php
}
?>
</div>
</div><!--/.container-->
<?php
include $global['systemRootPath'] . 'view/include/footer.php';
?>
<script>
$(document).ready(function () {
$('#recoverPassForm').submit(function (evt) {
evt.preventDefault();
modal.showPleaseWait();
$.ajax({
url: '<?php echo $global['webSiteRootURL']; ?>objects/userRecoverPassSave.json.php',
data: $('#recoverPassForm').serializeArray(),
type: 'post',
success: function (response) {
modal.hidePleaseWait();
if (!response.error) {
swal("<?php echo __("Congratulations!"); ?>", "<?php echo __("Your new password has been set!"); ?>", "success");
} else {
swal("<?php echo __("Your new password could not be set!"); ?>", response.error, "error");
}
}
});
return false;
});
});
</script>
</body>
</html>
<?php
}