Server IP : 184.154.167.98 / Your IP : 18.219.245.127 Web Server : Apache System : Linux pink.dnsnetservice.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 User : puertode ( 1767) PHP Version : 8.2.26 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/puertode/public_html/oficios/sis/ |
Upload File : |
<?php require('includes/config.php'); //if logged in redirect to members page if( $user->is_logged_in() ){ header('Location: memberpage.php'); exit(); } $resetToken = hash('SHA256', ($_GET['key'])); $stmt = $db->prepare('SELECT resetToken, resetComplete FROM members WHERE resetToken = :token'); $stmt->execute(array(':token' => $resetToken)); $row = $stmt->fetch(PDO::FETCH_ASSOC); //if no token from db then kill the page if(empty($row['resetToken'])){ $stop = 'Token no válido proporcionado, por favor utilice el enlace proporcionado en el correo electrónico de restablecimiento.'; } elseif($row['resetComplete'] == 'Yes') { $stop = 'Su contraseña ya ha sido cambiada!'; } //if form has been submitted process it if(isset($_POST['submit'])){ if (!isset($_POST['password']) || !isset($_POST['passwordConfirm'])) $error[] = 'Ambos campos de contraseña deben introducirse'; //basic validation if(strlen($_POST['password']) < 3){ $error[] = 'La contraseña es demasiado corta.'; } if(strlen($_POST['passwordConfirm']) < 3){ $error[] = 'Confirme que la contraseña es demasiado corta.'; } if($_POST['password'] != $_POST['passwordConfirm']){ $error[] = 'Las contraseñas no coinciden.'; } //if no errors have been created carry on if(!isset($error)){ //hash the password $hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT); try { $stmt = $db->prepare("UPDATE members SET password = :hashedpassword, resetComplete = 'Yes' WHERE resetToken = :token"); $stmt->execute(array( ':hashedpassword' => $hashedpassword, ':token' => $row['resetToken'] )); //redirect to index page header('Location: index.php?action=resetAccount'); exit; //else catch the exception and show the error. } catch(PDOException $e) { $error[] = $e->getMessage(); } } } //define page title $title = 'Reset Account'; //include header template require('layout/header.php'); ?> <div class="container"> <div class="row"> <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3"> <?php if(isset($stop)){ echo "<p class='bg-danger'>$stop</p>"; } else { ?> <form role="form" method="post" action="" autocomplete="off"> <h2>Cambiar Password</h2> <hr> <?php //check for any errors if(isset($error)){ foreach($error as $error){ echo '<p class="bg-danger">'.$error.'</p>'; } } //check the action switch ($_GET['action']) { case 'active': echo "<h2 class='bg-success'>Ahora tu cuenta está activa, ya que puedes iniciar sesión.</h2>"; break; case 'reset': echo "<h2 class='bg-success'>Por favor revise su bandeja de entrada para un enlace de restablecimiento.</h2>"; break; } ?> <div class="row"> <div class="col-xs-6 col-sm-6 col-md-6"> <div class="form-group"> <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="1"> </div> </div> <div class="col-xs-6 col-sm-6 col-md-6"> <div class="form-group"> <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirmar Password" tabindex="1"> </div> </div> </div> <hr> <div class="row"> <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Cambiar Password" class="btn btn-primary btn-block btn-lg" tabindex="3"></div> </div> </form> <?php } ?> </div> </div> </div> <?php //incluimos el pie de pagina require('layout/footer.php'); ?>