public function resetPWD($user, $type) { $this->type = $type; if ($this->type == 'username') { $this->username = $user; global $isv_db; //select email from the db $stmt = $isv_db->prepare("SELECT email FROM users WHERE username=?"); $stmt->bind_param('s', $this->username); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($userEmail); $stmt->fetch(); if ($stmt->num_rows() < 1) { $stmt->close(); $_SESSION['isv_error'] = 'No such user found in our database'; header('location:' . ISVIPI_URL . 'forgot'); exit; } $this->email = $userEmail; //check if a validation code already exists in our db if (valid_codeExists($this->email, 'email')) { global $exstCode; $newCode = $exstCode; //update our query time $stmt->prepare("UPDATE user_validations SET time=UTC_TIMESTAMP() WHERE code=?"); $stmt->bind_param('s', $newCode); $stmt->execute(); $stmt->close(); } else { //generate validation code $newCode = randomCode($this->email, '25'); //save in our db $stmt->prepare("INSERT INTO user_validations (email,code,time) VALUES (?,?,UTC_TIMESTAMP())"); $stmt->bind_param('ss', $this->email, $newCode); $stmt->execute(); $stmt->close(); } } else { if ($this->type == 'email') { $this->email = $user; //check if a user with this email exists global $isv_db; $stmt = $isv_db->prepare("SELECT id FROM users WHERE email=?"); $stmt->bind_param('s', $this->email); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($userID); $stmt->fetch(); if ($stmt->num_rows() < 1) { $stmt->close(); $_SESSION['isv_error'] = 'No such user found in our database'; header('location:' . ISVIPI_URL . 'forgot'); exit; } //check if a validation code already exists in our db if (valid_codeExists($this->email, 'email')) { global $exstCode; $newCode = $exstCode; //update our query time $stmt->prepare("UPDATE user_validations SET time=UTC_TIMESTAMP() WHERE code=?"); $stmt->bind_param('s', $newCode); $stmt->execute(); $stmt->close(); } else { //generate validation code $newCode = randomCode($this->email, '25'); //save in our db $stmt = $isv_db->prepare("INSERT INTO user_validations (email,code,time) VALUES (?,?,UTC_TIMESTAMP())"); $stmt->bind_param('ss', $this->email, $newCode); $stmt->execute(); $stmt->close(); } } } /* include our email functions file */ require_once ISVIPI_FUNCTIONS_BASE . 'emails/resetPWD_email.php'; // send our email $siteInfo = new siteManager(); $isv_siteSettings = $siteInfo->getSiteSettings(); $isv_siteDetails = $siteInfo->getSiteInfo(); sendResetPWDEmail($this->email, $newCode, $isv_siteDetails['s_email'], $isv_siteDetails['s_title'], $isv_siteDetails['s_url'], $isv_siteSettings['logo']); //redirect with a success message $_SESSION['isv_success'] = 'An email with your password reset link has been sent to ' . $this->email . '. Follow instructions in the email to change your password.'; header('location:' . ISVIPI_URL . 'forgot'); exit; }
public function __construct($_code) { $this->code = $_code; //check if the code is valid if (!valid_codeExists($this->code, 'code')) { $_SESSION['isv_error'] = 'Invalid validation code. Check your email for the correct validation code.'; notFound404Err(); exit; } //activate user global $isv_db, $exstEmail; $newStatus = 1; $stmt = $isv_db->prepare("UPDATE users SET status=? where email=?"); $stmt->bind_param('is', $newStatus, $exstEmail); $stmt->execute(); //delete code $stmt->prepare("DELETE from user_validations where code=?"); $stmt->bind_param('s', $this->code); $stmt->execute(); $stmt->close(); //redirect to index page with success message $_SESSION['isv_success'] = 'Account Activated. Please sign in to proceed.'; header('location:' . ISVIPI_URL . ''); exit; }
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ******************************************************/ require_once ISVIPI_PAGES_BASE . 'base.php'; if (!isset($PAGE[1]) || empty($PAGE[1])) { $_SESSION['isv_error'] = 'Password reset code not found'; header('location:' . ISVIPI_URL . '404/'); exit; } $rCode = cleanGET($PAGE[1]); //check to see if the reset code exists if (!valid_codeExists($rCode, 'code')) { $_SESSION['isv_error'] = 'No such password reset code found in our database'; header('location:' . ISVIPI_URL . '404/'); exit; } $_SESSION['isv_pwd_change_eml'] = $exstEmail; $_SESSION['isv_pwd_code'] = $rCode; include_once ISVIPI_ACT_THEME . 'reset.php';