<?php
require_once('./config/include.php');
require_once('./src/reset_pwd.php');
require_once('./src/validations.php');
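// Password-reset form handler.
//
// GET renders the reset form. A POST carrying `submit` validates the new password and its
// confirmation, stores a bcrypt hash through reset_password(), and redirects to the login
// page on success. Every other outcome of a submitted form re-renders the form with the
// collected error messages.

// Messages handed to the template, and the working values for this request.
$info = $err_pass = $err_conf = $error = '';
$password = $confirmation = $hash = '';

// Only a session that carries the reset marker may use this page. The code that sets the
// marker is not part of this file.
if (!isset($_SESSION['user_id_reset_pass'])) {
    header('Location: login.php');
    exit();
}
$user_id = $_SESSION['user_id_reset_pass'];

// NOTE(review): no anti-CSRF token check is visible in this script; confirm whether
// config/include.php or the template enforces one for this state-changing POST.

if (is_post_request()) {
    // Request fields are untrusted: a missing field or an array value (`password[]=x`)
    // would otherwise reach password_hash() and fail with an uncaught error.
    $password = (isset($_POST['password']) && is_string($_POST['password']))
        ? $_POST['password']
        : '';
    $confirmation = (isset($_POST['confirmation']) && is_string($_POST['confirmation']))
        ? $_POST['confirmation']
        : '';

    // Validate the password, then hash it.
    try {
        validate_password($password);
        // NOTE(review): bcrypt ignores input beyond 72 bytes; confirm that
        // validate_password() caps the accepted length accordingly.
        $hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
    } catch (ValidationException $e) {
        $err_pass = $e->getMessage();
    }

    // Validate the confirmation against the password.
    try {
        validate_confirmation($password, $confirmation);
    } catch (ValidationException $e) {
        $err_conf = $e->getMessage();
    }
}

// The form is shown on GET, and on any submitted POST that does not end in a redirect.
$render_form = is_get_request();

if (isset($_POST['submit'])) {
    $render_form = true;

    if ($error === '' && $err_pass === '' && $err_conf === '') {
        if (!is_string($hash) || $hash === '') {
            // Never write an empty or non-string hash to the credential store.
            $error = 'Cannot change password. Check fields.';
        } else {
            try {
                reset_password($dbc, $user_id, $hash);

                // The reset authorisation is single-use: drop the marker so this session
                // cannot change the password again, and rotate the session id after the
                // credential change.
                unset($_SESSION['user_id_reset_pass']);
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                header('Location: login.php?' . http_build_query(['info' => 'reset_success']));
                // Stop here so nothing else runs or is emitted after the redirect.
                exit();
            } catch (Exception $e) {
                // Generic message only; the exception detail is not shown to the client.
                $error = 'Cannot change password. Check fields.';
            }
        }
    }
}

if ($render_form) {
    echo get_template('reset_password.php', [
        'error' => $error,
        'err_pass' => $err_pass,
        'err_conf' => $err_conf,
        'info' => $info,
    ]);
}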
?>