<?php
// Start (or resume) the session before any markup is emitted, since the
// session cookie header must be sent ahead of the response body.
// Nothing in this file reads or writes $_SESSION afterwards.
session_start(); ?>
<!--
Author: Khalil Greenidge
Email: [email protected]
Created: 37/04/2015
-->
<!DOCTYPE html>
<html class="bg-black">
<head>
<meta charset="UTF-8">
<title>HEDU IMS | Reset Password</title>
<meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'>
<link rel="shortcut icon" href="dist/img/logo.gif" />
<link href="dist/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<!-- Theme style -->
<link href="dist/css/AdminLTE.min.css" rel="stylesheet" type="text/css" />
</head>
<body class="bg-black">
<div class="form-box" id="login-box">
<div class="header">Forgot your password?</div>
<!--
Password-reset request form: posts the account email back to this same script.
PHP_SELF can carry client-supplied path text, so it is HTML-escaped before it is
written into the action attribute.
NOTE(review): the form has a single email field and no anti-CSRF token, and the
handler is not rate limited, so reset mails can be triggered for any address.
-->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="body bg-gray">
<div class="form-group">
<input type="email" name="email" class="form-control" placeholder="Account Email" autocomplete="on" required />
</div>
</div>
<div class="footer">
<button type="submit" class="btn bg-olive btn-block">Reset Password</button>
</div>
</form>
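<?php
// Password-reset request handler.
//
// On POST: validate the submitted email, look the account up, create a
// one-time reset token, record it in activation_links and password_reset,
// and mail the reset link to the account address.
//
// Requires PHP 7.0+ (random_bytes) and the mysqli extension.

//DEFINE VARIABLES
$email = $hash = $dbemail = $dbuser = "";

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // The address is untrusted input. FILTER_SANITIZE_EMAIL alone keeps
    // characters such as the single quote, so the value is strictly validated
    // here and is only ever passed to the database as a bound parameter.
    $submitted = (isset($_POST["email"]) && is_string($_POST["email"])) ? trim($_POST["email"]) : "";
    $validated = filter_var($submitted, FILTER_VALIDATE_EMAIL);

    if ($validated === false) {
        echo "<div id=\"ani\" class=\"error\"><img src=\"dist/img/x.png\"/> Invalid email format </div>";
    } else {
        $email = $validated;
        $stored = false;

        //SET DATES TO EXPIRE
        date_default_timezone_set("America/La_Paz");

        // Make every mysqli failure throw, so errors are handled in one place
        // and no driver error text is echoed to the client.
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

        try {
            // NOTE(review): credentials are hard-coded and the application
            // connects as root with an empty password; move them to
            // configuration and use a least-privilege database account.
            $con = mysqli_connect("localhost", "root", "");
            $db = mysqli_select_db($con, "heduis");

            //GET USERNAME FROM DATABASE
            $lookup = mysqli_prepare($con, "SELECT user FROM users WHERE email = ?");
            mysqli_stmt_bind_param($lookup, "s", $email);
            mysqli_stmt_execute($lookup);
            mysqli_stmt_bind_result($lookup, $matchedUser);

            $found = false;
            while (mysqli_stmt_fetch($lookup)) {
                $dbuser = (string) $matchedUser;
                $found = true;
            }
            mysqli_stmt_close($lookup);

            if (!$found) {
                //EMAIL ISNT FOUND
                // NOTE(review): this response tells the requester whether an
                // address is registered; a uniform reply for found and
                // not-found addresses would avoid account enumeration.
                echo htmlspecialchars($email, ENT_QUOTES, "UTF-8") . " is not found.";
                exit;
            }

            //GENERATE RANDOM LINK
            // 128 bits from the CSPRNG, hex-encoded to 32 characters (the same
            // length as the previous md5 value). md5(email . time()) could be
            // recomputed by anyone who knows the address and the request time.
            $hash = bin2hex(random_bytes(16));

            $startDate = date("Y-m-d");
            $endDate = date("Y-m-d", strtotime("today +7 days"));

            // Rows are written only after the account is known to exist, so
            // requests for unknown addresses no longer fill activation_links.
            // NOTE(review): the token is stored as-is; storing only a hash of
            // it would keep a database read from yielding usable reset links.
            $link = mysqli_prepare($con, "INSERT INTO activation_links VALUES(?, ?, ?)");
            mysqli_stmt_bind_param($link, "sss", $hash, $startDate, $endDate);
            mysqli_stmt_execute($link);
            mysqli_stmt_close($link);

            $reset = mysqli_prepare($con, "INSERT INTO password_reset(user, hash) VALUES(?, ?)");
            mysqli_stmt_bind_param($reset, "ss", $dbuser, $hash);
            mysqli_stmt_execute($reset);
            mysqli_stmt_close($reset);

            $stored = true;
        } catch (Exception $e) {
            // Details go to the server log only; the client sees a generic error.
            error_log("forget.php: " . $e->getMessage());
            echo "<div id=\"ani\" class=\"error\"><img src=\"dist/img/x.png\"/> Error! </div>";
        }

        if ($stored) {
            // The stored user name is HTML-escaped before it is placed in the
            // HTML mail body. $hash is hex only and needs no escaping.
            $safeUser = htmlspecialchars($dbuser, ENT_QUOTES, "UTF-8");

            $subject = "HEDU IMS | Password Reset Confirmation";

            // the message
            // NOTE(review): the reset link is a hard-coded plain-HTTP localhost
            // URL and stays valid for 7 days; a deployed instance should build
            // it from configuration, use HTTPS, and use a much shorter lifetime.
            $msg ='
<!--BACKGROUND TABLE-->
<head>
<link href="http://fonts.googleapis.com/css?family=Source+Sans+Pro" rel="stylesheet" type="text/css">
</head>
<table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff" align="center" style="padding-top:0px;font-family:Arial,Helvetica,sans-serif;font-weight:normal;font-size:14px;line-height:19px;color:#444444;border-collapse:collapse;background-color:#ececec">
<tbody>
<tr>
<td width="100%">
<br>
<!--INNER TABLE-->
<table width="600" cellspacing="0" cellpadding="0" border="0" align="center" style="font-family: "Source Sans Pro","Helvetica Neue",Helvetica,Arial,sans-serif;">
<tbody>
<!--HEADER ROW-->
<tr style="background-color: #3c8dbc"; align="center">
<td width="100%\" height="75" border="0" cellspacing="0" cellpadding="0"
style="background-color: #3c8dbc;!important;font-family:
Arial,Helvetica,sans-serif;font-weight:normal;font-size:20px;
line-height:19px;color: white;border-collapse:collapse">
<a href="http://localhost:8000/index.php" style="text-decoration:none;display:inline; color: white" target="_blank\">
<img alt="logo" border="0" style="vertical-align:middle;display:inline;
float:none" src="http://s14.postimg.org/ojywskxwt/logo.gif" width="80" height="75" class="CToWUd\">
HEDU IMS</a>
</td>
</tr><!--END HEADER ROW-->
<tr><!--CONTENT 1-->
<td width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff" Height="100%" valign="top" style="padding:30px 68px 22px; font-family:Arial,Helvetica,sans-serif;font-weight:normal;font-size:14px;line-height:19px;color:#444444;background-color:#ffffff!important; border-bottom:0; "> <!--border-collapse:collapse;-->
<p style="line-height:24px!important;font-size:14px!important;margin-bottom:20px">
Hi '.$safeUser.',<br>
<br>
You recently requested to reset your HEDU IMS password.<br>
Please set a new password by clicking the link below:<br/>
<br/><br/>
<a href="http://localhost:8000/updatepwd.php?hash='.$hash.' ">http://localhost:8000/updatepwd.php?hash='.$hash.'</a><br/><br/>
Your link will expire in 7 days and on activation!
<br/><br/><br/>
<p style="font-family:Arial,Helvetica,sans-serif;font-weight:normal;font-size:14px;line-height:24px;margin-top:0!important;margin-bottom:0!important">
Thanks!<br/>
HEDU IMS
</p>
<p style="margin-bottom:6px">
<br/>
Have a question or query? <br/>Send an email to [email protected]
</p>
<br/>
</td>
</tr><!--END CONTENT-->
<!--FOOTER-->
<tr style="background: #3c8dbc">
<td width="100%" height="82" align="center" valign="middle" style="padding:0px 13px 12px; vertical-align:middle;height: 100%; line-height: 20px;text-align: center; color: #ccc;font-size: 11px;">
<br/>
<h3>H E D U I M S</h3>
<p>© 2015 - '.date("Y").',
Developed by: <a href="mailto:[email protected]" target="_blank">Khalil Greenidge</a> </p>
</td>
</tr>
</tbody>
</table><!--END INNER TABLE-->
<!--FINE LINES-->
<table width="100%" bgcolor="#ECECEC" border="0" cellspacing="0" cellpadding="0" style="font-family:Arial,Helvetica,sans-serif;font-weight:normal;font-size:14px;line-height:19px;color:#7e7e7e;border-collapse:collapse">
<tbody>
<tr>
<td width="100%" style="text-align:left;color:#7e7e7e!important;font-size:10px;line-height:14px;padding:10px 15px">
<p style="text-align:center;color:#a4a4a4">
Please do not reply directly to this email. This is an automated service.<br>
You can reach tech support by sending a message to <a href="mailto:[email protected]" target="_blank">techadmin@<span class="il">hedu</span>.edu.bb</a>.<br/><br/></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>';

            // use wordwrap() if lines are longer than 70 characters
            //$msg = wordwrap($msg,70);
            $headers = "MIME-Version: 1.0" . "\r\n";
            $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
            // "r" yields an RFC 2822 date, the format a Date header requires.
            $headers .= "Date: ".date("r")."\r\n";
            $headers .= "From: HEDU IMS<[email protected]>";

            // send email
            // $email passed FILTER_VALIDATE_EMAIL above, so it cannot carry the
            // CR/LF needed to inject extra mail headers.
            if (mail($email, $subject, $msg, $headers)) {
                //SHOW MESSAGE
                echo "<div id=\"ani\" class=\"success\">Mail Sent! <img src=\"dist/img/tick.png\"/></div>";
                //NB *** THE BUTTON ONLY WORKS IN GMAIL AND NOT HOTMAIL!!
            } else {
                //ERROR
                echo "<div id=\"ani\" class=\"error\"><img src=\"dist/img/x.png\"/> Error! </div>";
            }
        }
    }//END VALID EMAIL
}//END POST
?>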
</div>
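<!--
Third-party scripts are loaded over HTTPS so they cannot be altered in transit
on this password-reset page.
NOTE(review): neither tag has an integrity attribute; add Subresource Integrity
hashes computed from the vetted files, or serve the scripts locally.
-->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js" type="text/javascript"></script>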
</body>
</html>