-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpasswordreset1.php
More file actions
57 lines (50 loc) · 1.6 KB
/
passwordreset1.php
File metadata and controls
57 lines (50 loc) · 1.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?php
require_once "templates/page_setup.php";
$page_name = "forgot_pass";
include "templates/header.php";
include "templates/jumbotron.php";
?>
<?php
if (isset($_GET['key']) && $_GET['key'] != $_SESSION['token']){
echo '<h2 align="center">You arrived here by accident, please return to <a href="index.php">home page</a>.</h2>';
include 'templates/footer.php';
die();
}
function resetUserPassword($email, $newpwhash){
$input = fopen('lib/users.csv', 'r') or die ("Can't open file");
$output = fopen('lib/temp.csv', 'w+');
while(!feof($input)){
$line = fgets($input, 2048);
$data = str_getcsv($line, ",");
if(isset($data[3]) and $data[3] == $email){
$data[1] = $newpwhash;
}
fputcsv($output,$data,",");
}
fclose($input);
fclose($output);
unlink('lib/users.csv');
rename('lib/temp.csv','lib/users.csv');
}
?>
<div class="contents">
<?php
if (isset($_POST['new']) && isset($_POST['confirm'])){
if ($_POST['new'] != $_POST['confirm']){
echo '<h2 align="center">The entered passwords are not the same</h2>';
}
else{
$new_pass = password_hash(strip_tags($_POST['new']), PASSWORD_BCRYPT);
$email = $_SESSION['email'];
resetUserPassword($email, $new_pass);
echo '<h2 align="center">Password changed! <a href="login.php">Login</a></h2>';
}
}
?>
<form action="#" method="post">
New Password: <input type="password" name="new"><br/><br/>
Confirm Password: <input type="password" name="confirm"><br/><br/>
<input type="submit" value="Submit">
</form>
</div>
<?php require 'templates/footer.php';?>