<?php include_once "inc/constants.inc.php"; $pageTitle = "Choose password"; include_once "inc/header.php"; //if page loads and BOTH "v" and "e" variables are passed. E.g.: http://localhost/custom_pool_site/accountverify.php?v=ec731d77113c284d&e=test@test444.com //NOTE - MAKE SURE TO HASH EMAIL //NOTE IF A USER ENTERS URL WITH THEIR V AND E VALUES SPECIFIED, THEY WILL BE ABLE TO CHANGE THE ACCT'S PASSWORD if (isset($_GET['v']) && isset($_GET['e'])) { //store variables from URL: $verification_value = $_GET['v']; $user_id = $_GET['e']; include_once "inc/class.users.inc.php"; $user = new SiteUser(); $verify_account_result = $user->verifyAccount($verification_value, $user_id); if ($verify_account_result[0] > 3) { //if verifyAccount result is greater than 3 and we don't want the user to enter a new password: echo $verify_account_result[1]; } } //if form is submitted and the input passwords are correct length and match each other: if (isset($_POST['form_sent']) && strlen($_POST['p']) > 7 && $_POST['p'] === $_POST['r']) { include_once "inc/class.users.inc.php"; $user = new SiteUser(); //$username_entry = $_POST['username']; $password_entry1 = $_POST['p']; $password_entry2 = $_POST['r']; $user_id = $_POST['form_sent']; //store user ID from hidden field in form as $user_id variable (hidden field value comes from URL) //store entered password in database: $updatePassword_result = $user->updatePassword($password_entry1, $password_entry2, $user_id);
<?php include_once "inc/constants.inc.php"; $pageTitle = "Reset Password"; if (isset($_GET['v']) && isset($_GET['user_id'])) { //if the user arrives here with the v and user_id variables properly set, we want to set their 'Account Activated' field in the user table to 1, so we run the verifyAccount method: //NOTE: the below code gets called before the user enters their new password: include_once "inc/class.users.inc.php"; $user = new SiteUser(); $ret = $user->verifyAccount($_GET['v'], $_GET['user_id']); } else { //redirect to home page if "v" and "user id" variables are not properly set in URL header("Location: home.php"); exit; } include_once "inc/header.php"; ?> <br> <div style="margin-left:20px;"> <h2>Reset Your Password</h2> <form method="post" action="accountverify.php?e=<?php echo $_GET['user_id']; ?> "> <div> <label for="p">Choose a New Password:</label> <input type="password" name="p" id="p" /><br /> <label for="r">Re-Type Password:</label> <input type="password" name="r" id="r" /><br /> <input type="hidden" name="v" value="<?php
<?php include_once "constants.inc.php"; $pageTitle = "TEST VERIFY"; include_once "header.php"; //if page loads and form is not blank: if (!empty($_POST['email']) and !empty($_POST['verification'])) { //JUST FOR TESTING PURPOSES: set entered verification code as $verification_value variable $verification_value = $_POST['verification']; $email_value = $_POST['email']; include_once "class.users.inc.php"; $user = new SiteUser(); $user->verifyAccount($verification_value, $email_value); //if page loads and form is blank: } else { ?> <h2>TEST PAGE: Please Verify your account</h2> <form method="post" action="accountverify_test.php"> <div> <!--Email input below is just for test purposes--> <label for="p">Enter your email address here</label> <input type="text" name="email" id="email" /><br /> <!--Verification code input below is just for test purposes--> <label for="p">Enter your verification code here</label> <input type="text" name="verification" id="verification" /><br /> <input type="hidden" name="form_sent" value="<?php echo $_GET['form_sent'];