admin/34968-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34968-vm/reset_password.php
Flatlogic Bot e98192b894 V11
2025-10-15 04:36:26 +00:00

90 lines
3.4 KiB
PHP
Raw Permalink Blame History

<?php
session_start();
require_once 'db/config.php';
$page_title = "Reset Password";
$token = $_GET['token'] ?? null;
$message = '';
$error = '';
$show_form = false;
if (!$token) {
$error = "Invalid password reset token.";
} else {
$db = db();
$stmt = $db->prepare("SELECT * FROM password_resets WHERE token = :token AND created_at > NOW() - INTERVAL 1 HOUR");
$stmt->bindParam(':token', $token);
$stmt->execute();
$reset_request = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$reset_request) {
$error = "Invalid or expired password reset token.";
} else {
$show_form = true;
$email = $reset_request['email'];
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['password']) && isset($_POST['password_confirm'])) {
$password = $_POST['password'];
$password_confirm = $_POST['password_confirm'];
if ($password !== $password_confirm) {
$error = "Passwords do not match.";
} else {
// Update user's password
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $db->prepare("UPDATE users SET password = :password WHERE email = :email");
$stmt->bindParam(':password', $hashed_password);
$stmt->bindParam(':email', $email);
$stmt->execute();
// Delete the reset token
$stmt = $db->prepare("DELETE FROM password_resets WHERE email = :email");
$stmt->bindParam(':email', $email);
$stmt->execute();
$message = "Your password has been reset successfully. You can now log in with your new password.";
$show_form = false;
}
}
}
}
include 'header.php';
?>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card">
<div class="card-header">
<h4>Reset Password</h4>
</div>
<div class="card-body">
<?php if ($message): ?>
<div class="alert alert-success"><?php echo $message; ?></div>
<a href="login.php" class="btn btn-primary">Go to Login</a>
<?php elseif ($error): ?>
<div class="alert alert-danger"><?php echo $error; ?></div>
<?php endif; ?>
<?php if ($show_form): ?>
<form action="reset_password.php?token=<?php echo htmlspecialchars($token); ?>" method="post">
<div class="form-group mb-3">
<label for="password">New Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="form-group mb-3">
<label for="password_confirm">Confirm New Password</label>
<input type="password" class="form-control" id="password_confirm" name="password_confirm" required>
</div>
<button type="submit" class="btn btn-primary">Reset Password</button>
</form>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>
Reference in New Issue View Git Blame Copy Permalink