Autosave: 20260225-075148

2026-02-25 07:51:48 +00:00 · 2026-02-25 07:51:48 +00:00 · 5122560397
commit 5122560397
parent d516502011
2 changed files with 48 additions and 2 deletions
--- a/auth/forgot.php
+++ b/auth/forgot.php
@ -57,6 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

 // API for sending code
 if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
+    ob_start();
    header('Content-Type: application/json');
    $account = $_GET['account'] ?? '';
    $type = $_GET['type'] ?? 'email';
@ -66,6 +67,7 @@ if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
    
    if ($type === 'email') {
        if (!filter_var($account, FILTER_VALIDATE_EMAIL)) {
+            ob_clean();
            echo json_encode(['success' => false, 'error' => __('invalid_email')]);
            exit;
        }
@ -75,6 +77,7 @@ if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
        $content = __('verification_code') . ": $code";
        $res = MailService::sendMail($account, $subject, $content, $content);
        if (!$res['success']) {
+            ob_clean();
            echo json_encode(['success' => false, 'error' => $res['error'] ?? __('send_failed')]);
            exit;
        }
@ -83,6 +86,7 @@ if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
        // SMS logic here if needed
    }
    
+    ob_clean();
    echo json_encode(['success' => true]);
    exit;
 }
@ -241,13 +245,25 @@ function sendCode() {
    }
    
    const btn = document.getElementById('sendBtn');
+    const oldText = btn.innerText;
    btn.disabled = true;
    
    fetch('?action=send_code&account=' + encodeURIComponent(account) + '&type=' + type)
-        .then(res => res.json())
+        .then(res => {
+            if (!res.ok) throw new Error('Network error: ' + res.status);
+            return res.text().then(text => {
+                try {
+                    return JSON.parse(text);
+                } catch(e) {
+                    console.error('Raw response:', text);
+                    throw new Error('Invalid JSON response');
+                }
+            });
+        })
        .then(data => {
            if (data.success) {
                let seconds = 60;
+                btn.innerText = seconds + 's';
                const timer = setInterval(() => {
                    seconds--;
                    btn.innerText = seconds + 's';
@ -260,7 +276,14 @@ function sendCode() {
            } else {
                alert(data.error || '<?= __('send_failed') ?>');
                btn.disabled = false;
+                btn.innerText = oldText;
            }
+        })
+        .catch(err => {
+            console.error(err);
+            alert('Error: ' + err.message);
+            btn.disabled = false;
+            btn.innerText = oldText;
        });
 }
 </script>
--- a/auth/register.php
+++ b/auth/register.php
@ -80,12 +80,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

 // Add API for sending verification code
 if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
+    ob_start();
    header('Content-Type: application/json');
    $account = $_GET['account'] ?? '';
    $type = $_GET['type'] ?? 'email';
    
    if ($type === 'email') {
        if (!filter_var($account, FILTER_VALIDATE_EMAIL)) {
+            ob_clean();
            echo json_encode(['success' => false, 'error' => __('invalid_email')]);
            exit;
        }
@ -102,6 +104,7 @@ if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
        $res = MailService::sendMail($account, $subject, $content, $content);
        
        if (!$res['success']) {
+            ob_clean();
            echo json_encode(['success' => false, 'error' => $res['error'] ?? __('send_failed')]);
            exit;
        }
@ -111,6 +114,7 @@ if (isset($_GET['action']) && $_GET['action'] === 'send_code') {
        // For now, we just store it in session.
    }
    
+    ob_clean();
    echo json_encode(['success' => true]);
    exit;
 }
@ -296,13 +300,25 @@ function sendCode() {
    }
    
    const btn = document.getElementById('sendBtn');
+    const oldText = btn.innerText;
    btn.disabled = true;
    
    fetch('?action=send_code&account=' + encodeURIComponent(account) + '&type=' + type)
-        .then(res => res.json())
+        .then(res => {
+            if (!res.ok) throw new Error('Network error: ' + res.status);
+            return res.text().then(text => {
+                try {
+                    return JSON.parse(text);
+                } catch(e) {
+                    console.error('Raw response:', text);
+                    throw new Error('Invalid JSON response');
+                }
+            });
+        })
        .then(data => {
            if (data.success) {
                let seconds = 60;
+                btn.innerText = seconds + 's';
                const timer = setInterval(() => {
                    seconds--;
                    btn.innerText = seconds + 's';
@ -315,7 +331,14 @@ function sendCode() {
            } else {
                alert(data.error || '<?= __('send_failed') ?>');
                btn.disabled = false;
+                btn.innerText = oldText;
            }
+        })
+        .catch(err => {
+            console.error(err);
+            alert('Error: ' + err.message);
+            btn.disabled = false;
+            btn.innerText = oldText;
        });
 }
 </script>