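/**
 * Lost-password page: issues a reset code by e-mail, or consumes one to set a new password.
 *
 * Request handling, in order:
 *  - POST `email` + `pseudo`: find the account (case-insensitive match on both),
 *    store a fresh confirmation code in `cvalidation` with `uetat=3`, and mail
 *    the code to the address held on the account.
 *  - GET `confirmcode`: find the account holding that code. When POST `password`
 *    and `password2` are both set and identical, the password is replaced and the
 *    code cleared (`uetat=1`); otherwise the password form is shown.
 *  - Anything else: the request form is shown.
 *
 * Every SQL value is a bound parameter, so query safety no longer depends on the
 * connection charset or sql_mode matching what string escaping assumes.
 * Assumes $this->mysql is a mysqli connection (prepare/bind_param/bind_result) — TODO confirm.
 *
 * @return string HTML fragment for the page body.
 */
public function motdepasseperdu()
{
    // Only plain strings are accepted; an array value (e.g. email[]=x) is treated as missing.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $pseudo = (isset($_POST['pseudo']) && is_string($_POST['pseudo'])) ? $_POST['pseudo'] : '';
    $code = (isset($_GET['confirmcode']) && is_string($_GET['confirmcode'])) ? $_GET['confirmcode'] : '';

    if (!empty($email) && !empty($pseudo)) {
        // --- Reset request: pseudo + e-mail must both match one account ---
        $uid = null;
        $stmt = $this->mysql->prepare(
            'SELECT uid FROM utilisateurs WHERE UPPER(pseudo)=UPPER(?) AND LOWER(email)=LOWER(?)'
        );
        if ($stmt) {
            $stmt->bind_param('ss', $pseudo, $email);
            if ($stmt->execute()) {
                $stmt->bind_result($foundUid);
                if ($stmt->fetch()) {
                    // Cast so Utilisateurs receives a string, as it did from fetch_row().
                    $uid = (string) $foundUid;
                }
            }
            $stmt->close();
        }

        if ($uid === null) {
            // NOTE(review): this answer differs from the success message, so the form confirms
            // whether a pseudo/e-mail pair exists. No throttling is visible in this method;
            // consider one neutral response plus rate limiting.
            return '<div class="erreur">Utilisateur introuvable</div>';
        }

        $user = new Utilisateurs($uid);
        $hash = $user->genConfirmCode();
        $userUid = (string) $user->getUid();

        // NOTE(review): uetat=3 is written before the requester has shown control of the
        // mailbox. If that state restricts login, anyone knowing the pseudo and e-mail can
        // trigger it — confirm what state 3 means.
        $stored = false;
        $stmt = $this->mysql->prepare('UPDATE utilisateurs SET cvalidation=?,uetat=3 WHERE uid=?');
        if ($stmt) {
            $stmt->bind_param('ss', $hash, $userUid);
            $stored = $stmt->execute();
            $stmt->close();
        }
        if (!$stored) {
            // Without a stored code the mailed link could never be redeemed, so do not send it.
            return '<div class="erreur">Une erreur est survenue, veuillez réessayer</div>';
        }

        // Fill the mail template; replacements run in the same order as the placeholders are listed.
        $body = trim(file_get_contents(PARTIAL . 'mail_lostpassword'));
        $body = str_replace(
            array('{{PSEUDO}}', '{{IP}}', '{{CONFIRMCODE}}'),
            array($user->getLogin(), $_SERVER['REMOTE_ADDR'], $hash),
            $body
        );

        // The message goes to the address stored on the account, not to the posted one.
        $mailo = new Email();
        $mailo->send($user->getEmail(), "Redéfinition de votre mot de passe", $body, $user->getLogin());

        return '<div class="message">Un e-mail avec les informations concernants la redéfinition de votre mot de passe vient de vous être envoyé</div>';
    }

    if (!empty($code)) {
        // --- Reset confirmation: the code alone identifies the account ---
        // NOTE(review): the lookup filters on cvalidation only; no expiry is checked here, and
        // the code travels in the URL (access logs, Referer). It is cleared after use below.
        $uid = null;
        $stmt = $this->mysql->prepare('SELECT uid FROM utilisateurs WHERE cvalidation=?');
        if ($stmt) {
            $stmt->bind_param('s', $code);
            if ($stmt->execute()) {
                $stmt->bind_result($foundUid);
                if ($stmt->fetch()) {
                    $uid = (string) $foundUid;
                }
            }
            $stmt->close();
        }

        if ($uid === null) {
            // The closing </div> was missing from this fragment and broke the page markup.
            return "<div class='erreur'>Aucune demande de redéfinition de mot de passe trouvée pour ce code</div>";
        }

        $user = new Utilisateurs($uid);
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : '';

        if (empty($password) || empty($password2)) {
            return file_get_contents(PARTIAL . 'password_form.xhtml');
        }

        // The confirmation field was required but never compared; a typo would have
        // silently become the new password.
        if ($password !== $password2) {
            return '<div class="erreur">Les mots de passe ne correspondent pas</div>'
                . file_get_contents(PARTIAL . 'password_form.xhtml');
        }

        $user->updatePassword($uid, $password);

        // Restore the account state and invalidate the code so it cannot be replayed.
        $cleared = false;
        $stmt = $this->mysql->prepare("UPDATE utilisateurs SET uetat=1,cvalidation='' WHERE uid=?");
        if ($stmt) {
            $stmt->bind_param('s', $uid);
            $cleared = $stmt->execute();
            $stmt->close();
        }
        if (!$cleared) {
            // A code that stays in the table remains redeemable; make the failure visible to operators.
            error_log('motdepasseperdu: failed to clear reset code for uid ' . $uid);
        }

        return "<div class='message'>Mot de passe mis à jour avec succès ! \nVous pouvez maintenant vous connecter</div>";
    }

    // No reset request and no confirmation code: show the request form.
    return file_get_contents(PARTIAL . 'motdepasseperdu.xhtml');
}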
<label for="">Prénom :</label> <input type="text" name="Userprenom" class="form-control" value="<?php echo isset($_POST['Userprenom']) ? $_POST['Userprenom'] : $us->getPrenom(); ?> " required/> <label for="">Mail :</label> <input type="email" name="Usermail" class="form-control" value="<?php echo isset($_POST['Usermail']) ? $_POST['Usermail'] : $us->getMail(); ?> " required/> <label for="">Pseudo :</label> <input type="text" name="Username" class="form-control" value="<?php echo isset($_POST['Username']) ? $_POST['Username'] : $us->getLogin(); ?> " required/> <label for="">Mot de passe :</label> <input type="password" name="Userpasswd" class="form-control" placeholder="Changer le mot de passe" /> <label for="">Confirmation de mot de passe :</label> <input type="password" name="Userpasswd_confirm" class="form-control" placeholder="Confirmer le mot de passe"/> <label for="">Profil :</label> <select name="UserProfil" class="form-control" required <?php echo $_SESSION['auth'][6] == 2 ? 'disabled="true"' : ''; ?> > <option value="1" <?php