public function motdepasseperdu()
{
$template = "";
if (isset($_POST['email'], $_POST['pseudo']) and !empty($_POST['email']) and !empty($_POST['pseudo'])) {
$email = $this->mysql->real_escape_string($_POST['email']);
$pseudo = $this->mysql->real_escape_string($_POST['pseudo']);
$sql = 'SELECT uid FROM utilisateurs WHERE UPPER(pseudo)=UPPER("' . $pseudo . '") AND LOWER(email)=LOWER("' . $email . '")';
$req = $this->mysql->query($sql);
if ($data = $req->fetch_row()) {
$user = new Utilisateurs($data[0]);
$hash = $user->genConfirmCode();
$sql = 'UPDATE utilisateurs SET cvalidation="' . $hash . '",uetat=3 WHERE uid=' . $user->getUid();
$this->mysql->query($sql);
$email = trim(file_get_contents(PARTIAL . 'mail_lostpassword'));
$email = str_replace('{{PSEUDO}}', $user->getLogin(), $email);
$email = str_replace('{{IP}}', $_SERVER['REMOTE_ADDR'], $email);
$email = str_replace('{{CONFIRMCODE}}', $hash, $email);
$mailo = new Email();
$mailo->send($user->getEmail(), "Redéfinition de votre mot de passe", $email, $user->getLogin());
$template = '<div class="message">Un e-mail avec les informations concernants la redéfinition de votre mot de passe vient de vous être envoyé</div>';
} else {
$template = '<div class="erreur">Utilisateur introuvable</div>';
}
} elseif (isset($_GET['confirmcode']) and !empty($_GET['confirmcode'])) {
$hash = $this->mysql->real_escape_string($_GET['confirmcode']);
$sql = 'SELECT uid FROM utilisateurs WHERE cvalidation="' . $hash . '"';
$req = $this->mysql->query($sql);
if ($data = $req->fetch_row()) {
$uid = $data[0];
$user = new Utilisateurs($uid);
if (isset($_POST['password'], $_POST['password2']) and !empty($_POST['password']) and !empty($_POST['password2'])) {
$user->updatePassword($uid, $_POST['password']);
$sql = 'UPDATE utilisateurs SET uetat=1,cvalidation="" WHERE uid=' . $uid;
$this->mysql->query($sql);
$template = "<div class='message'>Mot de passe mis à jour avec succès ! Vous pouvez maintenant vous connecter</div>";
} else {
$template = file_get_contents(PARTIAL . 'password_form.xhtml');
}
} else {
$template = "<div class='erreur'>Aucune demande de redéfinition de mot de passe trouvée pour ce code";
}
} else {
$template = file_get_contents(PARTIAL . 'motdepasseperdu.xhtml');
}
return $template;
}
<label for="">Prénom :</label> <input type="text" name="Userprenom" class="form-control" value="<?php echo isset($_POST['Userprenom']) ? $_POST['Userprenom'] : $us->getPrenom(); ?> " required/> <label for="">Mail :</label> <input type="email" name="Usermail" class="form-control" value="<?php echo isset($_POST['Usermail']) ? $_POST['Usermail'] : $us->getMail(); ?> " required/> <label for="">Pseudo :</label> <input type="text" name="Username" class="form-control" value="<?php echo isset($_POST['Username']) ? $_POST['Username'] : $us->getLogin(); ?> " required/> <label for="">Mot de passe :</label> <input type="password" name="Userpasswd" class="form-control" placeholder="Changer le mot de passe" /> <label for="">Confirmation de mot de passe :</label> <input type="password" name="Userpasswd_confirm" class="form-control" placeholder="Confirmer le mot de passe"/> <label for="">Profil :</label> <select name="UserProfil" class="form-control" required <?php echo $_SESSION['auth'][6] == 2 ? 'disabled="true"' : ''; ?> > <option value="1" <?php
