forked from InfraPM/regionalroads
-
Notifications
You must be signed in to change notification settings - Fork 0
/
reset.php
100 lines (100 loc) · 3.9 KB
/
reset.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<?php
session_start();
require "../support/User.php";
require 'header.php';
if (isset($_POST['confirmpassword']) && isset($_POST['password']) && isset($_POST['token']) && isset($_POST['submitButton'])) {
$user = new User();
$dbCon = new DbCon($_ENV['host'], $_ENV['port'], $_ENV['db'], $_ENV['dbuser'], $_ENV['dbpassword']);
$user->setDbCon($dbCon);
$user->setTemporaryPasswordToken($_POST['token']);
try {
$user->getUserFromPasswordToken();
} catch (TypeError $e) {
$msg = '<div>Link has expired. Password not changed.</div>';
//header('Location: index.php');
}
if ($user->exists() == TRUE) {
$user->setPassword($_POST['password']);
$user->setPassword_db();
$user->setTemporaryPasswordToken("");
$user->setPasswordResetToken_db();
$_SESSION['status'] = 'reset';
header('Location: index.php');
} else {
$msg = '<div style="text-align: center; color: red; font-weight: bold;">Link has expired. Password not changed.</div>';
}
}
if (isset($_GET['token']) && strlen($_GET['token']) == 20) {
$token = $_GET['token'];
echo <<<EOT
<script
src="https://code.jquery.com/jquery-3.4.1.min.js"
integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous"></script>
<script>
function checkPasswordMatch() {
var password = $("#password").val();
var confirmPassword = $("#confirmpassword").val();
if (password == confirmPassword && isStrong(password)){
$("button[name='submitButton']").prop("disabled", false);
$("#checkPasswordMatch").html("Passwords match and meet complexity standards.");
$("button[name='submitButton']").css("cursor","default");
}
else if (password == confirmPassword && isStrong(password)==false){
if (password.length==0){
var msg = "Please enter a password."
}
else{
var msg = "Passwords match but do not meet complexity standards.";
}
$("button[name='submitButton']").prop("disabled", true);
$("#checkPasswordMatch").html(msg);
$("button[name='submitButton']").css("cursor","not-allowed");
}
else if (password != confirmPassword && isStrong(password)){
$("button[name='submitButton']").prop("disabled", true);
$("#checkPasswordMatch").html("Passwords do not match!");
$("button[name='submitButton']").css("cursor","not-allowed");
}
else{
$("button[name='submitButton']").prop("disabled", true);
$("#checkPasswordMatch").html("Passwords do not match!");
$("button[name='submitButton']").css("cursor","not-allowed");
}
}
function isStrong(password){
var regExp = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%&*()]).{8,}/;
var validPassword = regExp.test(password);
return validPassword;
}
$(document).ready(function () {
$("button[name='submitButton']").prop("disabled", true);
$("button[name='submitButton']").css("cursor", "not-allowed");
$("#confirmpassword").keyup(checkPasswordMatch);
$("#password").keyup(checkPasswordMatch);
});
</script>
<div class="login fadein">
<h1>Reset Password</h1>
<form method="post">
<label for="password">Password:</label><br>
<input type="password" id="password" name="password" placeholder="password"><br>
<label for="confirmpassword">Confirm Password:</label><br>
<input type="password" id="confirmpassword" name="confirmpassword" placeholder="password"><br><br>
<input type="hidden" id="token" name="token" value="$token">
<button type="submit" class="btn btn-primary btn-block btn-large" value="Log In" name="submitButton">Change Password</button>
</form>
<div id="passwordInstructions">Passwords must:
<ul><li>Contain at least 1 uppercase letter</li>
<li>Contain at least 1 special character</li>
<li>Contain at least 1 number</li>
<li>Be at least 8 characters long</li>
</div>
<div id="checkPasswordMatch" style="text-align:center;"> </div>
EOT;
echo $msg;
echo "</div>";
} else {
header('Location: index.php');
}
require 'footer.php';