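<?php
# Password-reset page. Which request is being handled is decided by the parameters present:
#   POST user_email                               -> mail a reset link to that address
#   GET  id + code                                -> check the emailed link, show the new-password form
#   POST password + confirm_password + id + code  -> set the new password
$page_title = "TutorMe Reset Profile";
require_once("html/html_header.html"); ?>
<div id="content">
<div id="main-content">
<h4 class="text-center"><span class="title">TutorMe</span> Account Activation</h4>
<?php
require_once(CLASSES_PATH . "InfoManager.php");
# $redirect_script and $back_script are not assigned in this file; presumably an earlier include sets them - confirm.
$false_info = "<p> This account does not exist in our system! </p>" . $redirect_script;
# $FALSE_INFO_ERR is not assigned in this file either; fall back to $false_info so a bad link never prints nothing.
$invalid_link_info = isset($FALSE_INFO_ERR) ? $FALSE_INFO_ERR : $false_info;

# True only when $user carries a non-empty string activation code equal to the submitted $code.
# hash_equals() compares in constant time; the is_string() guards reject array-valued parameters.
$reset_code_matches = function ($user, $code) {
    if ($user === null || !isset($user["activation_code"])) {
        return false;
    }
    $stored = $user["activation_code"];
    return is_string($code) && is_string($stored) && $stored !== "" && hash_equals($stored, $code);
};

# requested password reset...
if (isset($_POST["user_email"])) {
    $email = $_POST["user_email"];
    # NOTE(review): the two messages below tell a visitor whether an address is registered;
    # consider one neutral message for both outcomes.
    if (is_string($email) && userExists($email) === true) {
        $user_id = getUserIdByEmail($email);
        sendResetMail($email, $user_id, updateCode($user_id));
        echo "<p> An email with instructions to reset your password was sent to your inbox. </p>";
    } else {
        echo $false_info;
    }
} else if (isset($_GET["id"], $_GET["code"])) { # checking reset password link...
    $id = $_GET["id"];
    $code = $_GET["code"];
    $u = is_string($id) ? getFullUserById($id) : null;
    if ($u === null) {
        # unknown id: stop here instead of indexing into null below
        echo $false_info;
    } else if (!$reset_code_matches($u, $code)) {
        echo $invalid_link_info;
    } else {
        require_once("views/change_password_form.html");
    }
} else if (isset($_POST["password"], $_POST["confirm_password"], $_POST["id"])) { # resetting password...
    $id = $_POST["id"];
    # The reset code must come back with the new password; without it anyone who knows or guesses
    # an id could set that account's password. The form in views/change_password_form.html is not
    # visible here - confirm it posts "code" (e.g. as a hidden field) next to "id".
    $code = isset($_POST["code"]) ? $_POST["code"] : null;
    $password = trim($_POST["password"]);
    $confirm_password = trim($_POST["confirm_password"]);
    # getFullUserById() is the lookup whose result is read for "activation_code" in the link check above.
    $u = is_string($id) ? getFullUserById($id) : null;
    if (!$reset_code_matches($u, $code)) {
        # checked before password validation so an unauthenticated request learns nothing else
        echo $invalid_link_info;
    } else if (!isValidPassword($password)) {
        echo "<p>" . INVALID_PASSWORD_ERR . "</p>" . $back_script;
    } else if ($password !== $confirm_password) {
        echo "<p>" . INVALID_CONFIRM_PASS_ERR . "</p>" . $back_script;
    } else {
        changePassword($id, hashPassword($password));
        activateAccount($id);
        # NOTE(review): confirm the activation code is invalidated (and expires) once used;
        # nothing visible here clears or rotates it after a successful reset.
        echo "<p> Password successfully changed! </p>" . $redirect_script;
    }
} else {
    echo $redirect_script;
}
?>
</div>
</div>
<?php require_once("html/html_footer.html"); ?>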