// Account-field validation: each failed check ends the request with a JSON 'error' response via die().
// NOTE(review): this excerpt starts inside a branch whose opening `if` is not visible; judging by the
// message suffix, the die() below is the rejection of '+' in the username.
die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': +'));
}
// strpos() yields an int offset on a hit and false on a miss, so is_numeric() is true only when the
// character is present (offset 0 included).
// NOTE(review): '&' and '%' are blocked one character at a time (a denylist); presumably because the
// username ends up in URLs. Output escaping is still needed wherever the name is rendered.
if (is_numeric(strpos($userData['username'], '&'))) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': &'));
}
if (is_numeric(strpos($userData['username'], '%'))) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': %'));
}
// A username that parses as a valid e-mail address is refused.
if (filter_var($userData['username'], FILTER_VALIDATE_EMAIL)) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_USERNAME') . "\n" . $user->lang('USERNAME_CANT_BE_EMAIL')));
}
// Reject, rather than silently rewrite, any username that Messages::stripTags() would alter.
if ($userData['username'] !== Messages::stripTags($userData['username'])) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_USERNAME') . "\n" . $user->lang('CHAR_NOT_ALLOWED') . ': BBCode or [ ]'));
}
} // closes an enclosing block opened before this excerpt
// Security::passwordControl() returns a status string. Each handled case ends in die(), so no
// `break` is needed; any other status falls out of the switch.
switch (Security::passwordControl($userData['password'])) {
    case 'PASSWORD_SHORT':
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('PASSWORD_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_PASS));
    case 'PASSWORD_LONG':
        // The upper bound is enforced only for visitors who are not logged in, or when
        // $updatedPassword is truthy; otherwise an over-long value is let through here.
        if (!$user->isLogged() || $updatedPassword) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('PASSWORD_LONG')));
        }
}
// Lengths are measured in UTF-8 characters, not bytes.
if (mb_strlen($userData['name'], 'UTF-8') < Config\MIN_LENGTH_NAME) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('NAME_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_NAME));
}
if (mb_strlen($userData['surname'], 'UTF-8') < Config\MIN_LENGTH_SURNAME) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('SURNAME_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_SURNAME));
}
// filter_var() returns false for a syntactically invalid address. This checks syntax only, not
// ownership or deliverability of the mailbox.
if (false === filter_var($userData['email'], FILTER_VALIDATE_EMAIL)) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('MAIL_NOT_VALID')));
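// Password-reset flow. This excerpt starts inside a try block (opened before the visible code) that
// sends the reset e-mail, then continues into the final step, which checks the token and stores the
// new password.
$mail->Subject = $user->lang('RESET_YOUR_PASSWORD');
$user->getTPL()->assign($vals);
// The body is rendered from the template that matches the user's language.
$mail->MsgHTML($user->getTPL()->draw("langs/{$user->getLanguage()}/reset-mail", true));
$mail->AddAddress($email);
if ($mail->Send()) {
    die(NERDZ\Core\Utils::jsonResponse('ok', 'OK'));
}
// NOTE(review): $mail->ErrorInfo (and errorMessage() below) is returned verbatim to the client.
// Mailer diagnostics can expose server details; consider logging them server-side and sending a
// generic message instead.
die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $mail->ErrorInfo));
} catch (phpmailerException $e) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $e->errorMessage() . "\n contact support@nerdz.eu or retry"));
}
die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': contact support@nerdz.eu or retry'));
} else {
    if ($password !== false && $token !== false && $key !== false) { //3rd step
        // Apply the password length policy before touching the database. Both cases end in die().
        switch (Security::passwordControl($password)) {
            case 'PASSWORD_SHORT':
                die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('PASSWORD_SHORT') . "\n" . $user->lang('MIN_LENGTH') . ': ' . Config\MIN_LENGTH_PASS));
            case 'PASSWORD_LONG':
                die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('PASSWORD_LONG')));
        }
        // Look up the reset request by its id ($key), passed as a bound parameter.
        // NOTE(review): no age/expiry condition on the request is visible in this query. Confirm
        // that stale requests are expired elsewhere.
        if (!($obj = Db::query(['SELECT r.*, u.username FROM reset_requests r JOIN users u ON r.to = u.counter WHERE r.counter = :key', [':key' => $key]], Db::FETCH_OBJ))) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '(2): ' . $user->lang('TRY_LATER')));
        }
        // Compare the secret token in constant time. A plain `!==` can return sooner the earlier
        // the first mismatching byte occurs, which leaks timing information about the stored token.
        // The is_string() guards keep non-string input on the same rejection path instead of
        // letting hash_equals() raise a type error.
        if (!is_string($obj->token) || !is_string($token) || !hash_equals($obj->token, $token)) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': Token'));
        }
        // Consume this request and every earlier one for the same user before changing the
        // password, so a token cannot be replayed even if the UPDATE below fails.
        if (Db::NO_ERRNO != Db::query(['DELETE FROM reset_requests WHERE "to" = :to AND counter <= :key', [':to' => $obj->to, ':key' => $key]], Db::FETCH_ERRNO)) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '(3): ' . $user->lang('TRY_LATER')));
        }
        // The password is hashed inside the database with crypt() and a Blowfish ('bf') salt
        // (presumably PostgreSQL pgcrypto); the plaintext travels only as a bound parameter.
        // NOTE(review): a cost factor of 7 is low for bcrypt on current hardware. crypt() reads the
        // cost from the stored salt, so raising it should not invalidate existing hashes. Confirm
        // that every other place that sets a password is changed to the same value.
        if (Db::NO_ERRNO != Db::query(['UPDATE "users" SET "password" = crypt(:pass, gen_salt(\'bf\', 7)) WHERE "counter" = :id', [':pass' => $password, ':id' => $obj->to]], Db::FETCH_ERRNO)) {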