-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdata-reset.php
79 lines (54 loc) · 1.58 KB
/
data-reset.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
<?php
/**
* @package
*
* @copyright Copyright (C) 2019, All rights reserved.
* @license MIT License version or later; see licensing/LICENSE.txt
*/
session_start(); // Starting Session
require_once("class.user.php");
$auth_user = new USER();
if (isset($_POST['operation'])) {
if ($_POST['operation'] == "submit_resetpass") {
$output = array();
$user_ID = strip_tags($_POST['user_ID']);
$reset_pass = strip_tags($_POST['reset_pass']);
$reset_cpass = strip_tags($_POST['reset_cpass']);
if($reset_pass === $reset_cpass)
{
$stmt = $auth_user->runQuery("SELECT * FROM `user_account` WHERE user_ID = :user_ID
LIMIT 1");
$stmt->execute(array(':user_ID'=>$user_ID));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
$user_Reset = $userRow['user_Reset'];
if($user_Reset === 0 || $user_Reset < 1)
{
$output['error'] = "Password Change Limit Reach";
}
else
{
$user_Reset--;
$new_password = password_hash($reset_cpass, PASSWORD_DEFAULT);
$stmt = $auth_user->runQuery("UPDATE `user_account`
SET
`user_Pass` = :user_Pass ,
`user_Reset` = :user_Reset
WHERE `user_account`.`user_ID` = :user_ID");
$stmt->bindparam(":user_ID", $user_ID);
$stmt->bindparam(":user_Pass", $new_password);
$stmt->bindparam(":user_Reset", $user_Reset);
$stmt->execute();
$output['success'] = "Password successfully change";
}
}
}
else
{
$output['error'] = "Password not match";
}
echo json_encode($output,true);
}
}
?>