admin/38682-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38682-vm/forgot_password.php
Flatlogic Bot 9b31c32aba smtp config
2026-02-27 06:54:46 +00:00

123 lines
4.9 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/includes/functions.php';
require_once __DIR__ . '/mail/MailService.php';
init_session();
$baseUrl = get_base_url();
$settings = get_company_settings();
$error = '';
$success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = $_POST['email'] ?? '';
if (empty($email)) {
$error = 'Please enter your email address.';
} else {
$pdo = db();
$stmt = $pdo->prepare("SELECT id, username, full_name FROM users WHERE email = ? AND is_deleted = 0 LIMIT 1");
$stmt->execute([$email]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user) {
$token = bin2hex(random_bytes(32));
$expiry = date('Y-m-d H:i:s', strtotime('+1 hour'));
$stmt = $pdo->prepare("UPDATE users SET reset_token = ?, reset_token_expiry = ? WHERE id = ?");
$stmt->execute([$token, $expiry, $user['id']]);
$resetLink = $baseUrl . "reset_password.php?token=" . $token;
$subject = "Password Reset Request - " . $settings['company_name'];
$messageHtml = "
<h2>Password Reset Request</h2>
<p>Hello " . htmlspecialchars($user['full_name'] ?: $user['username']) . ",</p>
<p>We received a request to reset your password. Click the button below to set a new password:</p>
<p><a href='$resetLink' style='background: #0d6efd; color: white; padding: 10px 20px; text-decoration: none; border-radius: 5px; display: inline-block;'>Reset Password</a></p>
<p>If you did not request this, please ignore this email.</p>
<p>This link will expire in 1 hour.</p>
";
$messageTxt = "Hello, click here to reset your password: $resetLink. This link will expire in 1 hour.";
$res = MailService::sendMail($email, $subject, $messageHtml, $messageTxt);
if (!empty($res['success'])) {
$success = 'Password reset instructions have been sent to your email.';
} else {
$error = 'Failed to send reset email. Please contact administrator.';
// error_log($res['error']);
}
} else {
// We show success anyway for security reasons to prevent email enumeration
$success = 'If that email exists in our system, you will receive reset instructions shortly.';
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Forgot Password - <?= htmlspecialchars($settings['company_name']) ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.0/font/bootstrap-icons.css">
<link rel="stylesheet" href="<?= $baseUrl ?>assets/css/custom.css">
<style>
body {
background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
height: 100vh;
display: flex;
align-items: center;
justify-content: center;
}
.login-card {
width: 100%;
max-width: 400px;
border-radius: 1.5rem;
box-shadow: 0 1rem 3rem rgba(0,0,0,0.1);
}
</style>
</head>
<body>
<div class="card login-card border-0">
<div class="card-body p-5">
<div class="text-center mb-4">
<h3 class="fw-bold">Forgot Password</h3>
<p class="text-muted small">Enter your email address to receive a reset link</p>
</div>
<?php if ($error): ?>
<div class="alert alert-danger small py-2"><?= $error ?></div>
<?php endif; ?>
<?php if ($success): ?>
<div class="alert alert-success small py-2"><?= $success ?></div>
<div class="text-center mt-3">
<a href="login.php" class="small text-decoration-none"><i class="bi bi-arrow-left"></i> Back to Login</a>
</div>
<?php else: ?>
<form method="POST">
<div class="mb-4">
<label class="form-label small fw-medium">Email Address</label>
<div class="input-group">
<span class="input-group-text bg-light border-0"><i class="bi bi-envelope"></i></span>
<input type="email" name="email" class="form-control bg-light border-0" required autofocus>
</div>
</div>
<button type="submit" class="btn btn-primary w-100 py-2 fw-bold mb-3">Send Reset Link</button>
<div class="text-center">
<a href="login.php" class="small text-decoration-none">Back to Login</a>
</div>
</form>
<?php endif; ?>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink