LPA-Health V1.2

Flatlogic Bot 2026-03-01 00:19:57 +00:00
parent efd6077fc9
commit 8b1250d5af
4 changed files with 11 additions and 14 deletions


@ -26,8 +26,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$update = db()->prepare('UPDATE users SET reset_token = ?, reset_expires_at = ? WHERE id = ?'); $update = db()->prepare('UPDATE users SET reset_token = ?, reset_expires_at = ? WHERE id = ?');
$update->execute([$token, $expiry, $user['id']]); $update->execute([$token, $expiry, $user['id']]);
$host = $_SERVER['HTTP_HOST']; $host = $_SERVER['HTTP_HOST'] ?? 'localhost';
$protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $protocol = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') ? 'https' : 'http';
$reset_link = "$protocol://$host/reset-password.php?token=$token"; $reset_link = "$protocol://$host/reset-password.php?token=$token";
$subject = 'Reset Your Password'; $subject = 'Reset Your Password';
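Review bot: The reset link is still built from `$_SERVER['HTTP_HOST']`, which comes from the request's Host header, so whoever submits the reset form chooses the domain in the e-mail sent to the account owner. The new `?? 'localhost'` fallback only covers a missing header and would itself mail an unusable link. The added `HTTP_X_FORWARDED_PROTO` test is also request-supplied unless a reverse proxy in front of the app overwrites it, which this page does not show. Build the link from a configured base URL instead, e.g. `$reset_link = APP_BASE_URL . '/reset-password.php?token=' . rawurlencode($token);` (`APP_BASE_URL` is a placeholder for whatever setting the project defines), or reject any host not on an allowlist. The same two lines feed `$verify_link` in both verification-mail sections further down, and the enclosing `if` block starts and ends outside this hunk.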


@ -28,8 +28,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' || isset($_GET['email'])) {
$stmt = $db->prepare('UPDATE users SET verification_token = ? WHERE id = ?'); $stmt = $db->prepare('UPDATE users SET verification_token = ? WHERE id = ?');
if ($stmt->execute([$token, $user['id']])) { if ($stmt->execute([$token, $user['id']])) {
// Send verification email // Send verification email
$proto = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $proto = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') ? 'https' : 'http';
$host = $_SERVER['HTTP_HOST']; $host = $_SERVER['HTTP_HOST'] ?? 'localhost';
$verify_link = "$proto://$host/verify.php?token=$token"; $verify_link = "$proto://$host/verify.php?token=$token";
$subject = "Verify your account - $project_name"; $subject = "Verify your account - $project_name";
@ -56,9 +56,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' || isset($_GET['email'])) {
} }
} }
} else { } else {
// We don't want to reveal if an email exists, but in this specific context (resend activation),
// it's usually okay or we can say "If an account exists, a link was sent".
// However, the original signup reveals it, so let's just say not found for simplicity here.
$error = 'No account found with this email address.'; $error = 'No account found with this email address.';
} }
} }
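Review bot: The `else` branch still answers `'No account found with this email address.'`, so this endpoint tells any caller whether an address is registered, and the comment that recorded that trade-off is deleted here without the behaviour changing. The hunk header shows the handler also runs when `isset($_GET['email'])` is true, so a plain GET request can drive the check and, for an existing account, rewrite `verification_token` and send mail. Prefer one neutral message for both outcomes, e.g. `'If an account exists for this address, a verification link has been sent.'`, and consider limiting the action to POST with rate limiting per address and per client. The enclosing blocks open above this hunk.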


@ -37,8 +37,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$stmt = $db->prepare('INSERT INTO users (name, email, password, is_verified, verification_token) VALUES (?, ?, ?, 0, ?)'); $stmt = $db->prepare('INSERT INTO users (name, email, password, is_verified, verification_token) VALUES (?, ?, ?, 0, ?)');
if ($stmt->execute([$name, $email, $hashed_password, $token])) { if ($stmt->execute([$name, $email, $hashed_password, $token])) {
// Send verification email // Send verification email
$proto = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $proto = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') ? 'https' : 'http';
$host = $_SERVER['HTTP_HOST']; $host = $_SERVER['HTTP_HOST'] ?? 'localhost';
$verify_link = "$proto://$host/verify.php?token=$token"; $verify_link = "$proto://$host/verify.php?token=$token";
$subject = "Verify your account - $project_name"; $subject = "Verify your account - $project_name";