die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': +'));
    }
    // Refuse usernames containing '&' or '%'. The characters are tested in the
    // same order as before, so the first offending one is the one reported.
    foreach (['&', '%'] as $forbiddenChar) {
        if (strpos($userData['username'], $forbiddenChar) !== false) {
            exit(NERDZ\Core\Utils::jsonResponse(
                'error',
                $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': ' . $forbiddenChar
            ));
        }
    }

    // A username that validates as an e-mail address is refused.
    if (filter_var($userData['username'], FILTER_VALIDATE_EMAIL)) {
        exit(NERDZ\Core\Utils::jsonResponse(
            'error',
            $user->lang('WRONG_USERNAME') . "\n" . $user->lang('USERNAME_CANT_BE_EMAIL')
        ));
    }

    // The username must come back unchanged from Messages::stripTags().
    // NOTE(review): stripTags is defined elsewhere; judging by the error text it
    // presumably removes BBCode / square-bracket tags — confirm.
    if (Messages::stripTags($userData['username']) !== $userData['username']) {
        exit(NERDZ\Core\Utils::jsonResponse(
            'error',
            $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': BBCode or [ ]'
        ));
    }
}
// Password policy. passwordControl() is called once and its verdict is compared
// loosely (==), exactly as a switch statement compares its cases.
$passwordVerdict = Security::passwordControl($userData['password']);
if ($passwordVerdict == 'PASSWORD_SHORT') {
    exit(NERDZ\Core\Utils::jsonResponse(
        'error',
        $user->lang('PASSWORD_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_PASS
    ));
}
// An over-long password is an error only for a visitor who is not logged in, or
// when $updatedPassword is set; otherwise the verdict is ignored.
if ($passwordVerdict == 'PASSWORD_LONG' && (!$user->isLogged() || $updatedPassword)) {
    exit(NERDZ\Core\Utils::jsonResponse('error', $user->lang('PASSWORD_LONG')));
}

// Minimum length of the first name, counted in UTF-8 characters rather than bytes.
if (mb_strlen($userData['name'], 'UTF-8') < Config\MIN_LENGTH_NAME) {
    exit(NERDZ\Core\Utils::jsonResponse(
        'error',
        $user->lang('NAME_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_NAME
    ));
}

// Same rule for the surname, with its own configured minimum.
if (mb_strlen($userData['surname'], 'UTF-8') < Config\MIN_LENGTH_SURNAME) {
    exit(NERDZ\Core\Utils::jsonResponse(
        'error',
        $user->lang('SURNAME_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_SURNAME
    ));
}
if (false === filter_var($userData['email'], FILTER_VALIDATE_EMAIL)) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('MAIL_NOT_VALID')));
Exemple #2
        $mail->Subject = $user->lang('RESET_YOUR_PASSWORD');
        $user->getTPL()->assign($vals);
        $mail->MsgHTML($user->getTPL()->draw("langs/{$user->getLanguage()}/reset-mail", true));
        $mail->AddAddress($email);
        if ($mail->Send()) {
            die(NERDZ\Core\Utils::jsonResponse('ok', 'OK'));
        }
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $mail->ErrorInfo));
    } catch (phpmailerException $e) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $e->errorMessage() . "\n contact support@nerdz.eu or retry"));
    }
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': contact support@nerdz.eu or retry'));
} else {
    if ($password !== false && $token !== false && $key !== false) {
        //3rd step
        // Apply the password policy to the new password before the reset request
        // is looked up. The verdict is compared loosely (==), as a switch would.
        $newPasswordVerdict = Security::passwordControl($password);
        if ($newPasswordVerdict == 'PASSWORD_SHORT') {
            exit(NERDZ\Core\Utils::jsonResponse(
                'error',
                $user->lang('PASSWORD_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_PASS
            ));
        }
        if ($newPasswordVerdict == 'PASSWORD_LONG') {
            exit(NERDZ\Core\Utils::jsonResponse('error', $user->lang('PASSWORD_LONG')));
        }
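        // Load the reset request identified by :key, joined with the username of
        // the account it belongs to. A falsy result aborts the reset.
        // NOTE(review): no expiry condition is visible in this query — confirm
        // that stale reset requests are invalidated elsewhere.
        if (!($obj = Db::query(['SELECT r.*, u.username FROM reset_requests r JOIN users u ON r.to = u.counter WHERE r.counter = :key', [':key' => $key]], Db::FETCH_OBJ))) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '(2): ' . $user->lang('TRY_LATER')));
        }
        // Compare the stored token with the submitted one using hash_equals(), so
        // the comparison time does not depend on how many leading bytes match.
        // hash_equals() needs two strings; any other type is rejected outright,
        // which keeps the check fail-closed.
        if (!is_string($obj->token) || !is_string($token) || !hash_equals($obj->token, $token)) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': Token'));
        }
        // Consume the request before the password is changed: this removes every
        // reset request of the same account whose counter is not greater than
        // :key, so the token just verified cannot be presented a second time.
        if (Db::NO_ERRNO != Db::query(['DELETE FROM reset_requests WHERE "to" = :to AND counter <= :key', [':to' => $obj->to, ':key' => $key]], Db::FETCH_ERRNO)) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '(3): ' . $user->lang('TRY_LATER')));
        }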
        if (Db::NO_ERRNO != Db::query(['UPDATE "users" SET "password" = crypt(:pass, gen_salt(\'bf\', 7)) WHERE "counter" = :id', [':pass' => $password, ':id' => $obj->to]], Db::FETCH_ERRNO)) {