admin/38682-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38682-vm/reset_password.php
Flatlogic Bot 9b31c32aba smtp config
2026-02-27 06:54:46 +00:00

111 lines
4.0 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/includes/functions.php';
init_session();
$baseUrl = get_base_url();
$settings = get_company_settings();
$error = '';
$token = $_GET['token'] ?? '';
$user = null;
if (empty($token)) {
header("Location: login.php");
exit;
}
$pdo = db();
$stmt = $pdo->prepare("SELECT id, username, reset_token_expiry FROM users WHERE reset_token = ? AND is_deleted = 0 LIMIT 1");
$stmt->execute([$token]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$user || strtotime($user['reset_token_expiry']) < time()) {
$error = "This password reset link is invalid or has expired.";
}
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$error) {
$password = $_POST['password'] ?? '';
$confirmPassword = $_POST['confirm_password'] ?? '';
if (empty($password)) {
$error = "Please enter a new password.";
} elseif ($password !== $confirmPassword) {
$error = "Passwords do not match.";
} elseif (strlen($password) < 6) {
$error = "Password must be at least 6 characters long.";
} else {
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare("UPDATE users SET password = ?, reset_token = NULL, reset_token_expiry = NULL WHERE id = ?");
$stmt->execute([$hashedPassword, $user['id']]);
header("Location: login.php?reset=success");
exit;
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Reset Password - <?= htmlspecialchars($settings['company_name']) ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.0/font/bootstrap-icons.css">
<link rel="stylesheet" href="<?= $baseUrl ?>assets/css/custom.css">
<style>
body {
background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
height: 100vh;
display: flex;
align-items: center;
justify-content: center;
}
.login-card {
width: 100%;
max-width: 400px;
border-radius: 1.5rem;
box-shadow: 0 1rem 3rem rgba(0,0,0,0.1);
}
</style>
</head>
<body>
<div class="card login-card border-0">
<div class="card-body p-5">
<div class="text-center mb-4">
<h3 class="fw-bold">Set New Password</h3>
<p class="text-muted small">Choose a secure password for your account</p>
</div>
<?php if ($error): ?>
<div class="alert alert-danger small py-2"><?= $error ?></div>
<div class="text-center mt-3">
<a href="forgot_password.php" class="small text-decoration-none">Request a new reset link</a>
</div>
<?php else: ?>
<form method="POST">
<div class="mb-3">
<label class="form-label small fw-medium">New Password</label>
<div class="input-group">
<span class="input-group-text bg-light border-0"><i class="bi bi-lock"></i></span>
<input type="password" name="password" class="form-control bg-light border-0" required autofocus>
</div>
</div>
<div class="mb-4">
<label class="form-label small fw-medium">Confirm New Password</label>
<div class="input-group">
<span class="input-group-text bg-light border-0"><i class="bi bi-lock-fill"></i></span>
<input type="password" name="confirm_password" class="form-control bg-light border-0" required>
</div>
</div>
<button type="submit" class="btn btn-primary w-100 py-2 fw-bold">Reset Password</button>
</form>
<?php endif; ?>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink