-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPassChanger.php
299 lines (258 loc) · 12.7 KB
/
PassChanger.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
<?php
//setting time zone.
date_default_timezone_set('Africa/Lagos');
include("/doc_cabinet_connect.php");
$dblink = dbconnect('doc_cabinet');
$errJar = "";
$errMsg = "";
$pwEmail = "";
$dispScript = "";
$actcode = "";
$NewPW = "";
$ReNewPw = "";
global $dispScript, $clonedEmail, $PEmail;
/*------------------------------------------------------------------------------------------------------------------------
Handles activation code generation.
--------------------------------------------------------------------------------------------------------------------------*/
if(isset($_POST['emailSubbtn']) == "change"){
if(!empty($_POST['pwEmail']))
{
global $clonedEmail;
$pwEmail = $_POST['pwEmail'];
$clonedEmail = $pwEmail;
//Generating of the activation code.
$babyACode = rand();
$aCode = "".$babyACode."";
$queryi = sprintf("SELECT users_details WHERE user_Email = '%s'",
mysqli_real_escape_string($dblink, $pwEmail));
$resulti = mysqli_query($dblink, $queryi);
if($resulti > 0){
$query = sprintf("UPDATE users_details SET act_code = '%s' WHERE user_Email ='%s'",
mysqli_real_escape_string($dblink, $aCode),
mysqli_real_escape_string($dblink, $pwEmail));
$result = mysqli_query($dblink, $query);
//Sending email with activation code to user.
if($result == TRUE){
$emailBody = "Hi,<br><br>
We got a <b>complaint</a> from you, of recent, <b>about forgetting the password</b> to your Pyruscape Account.<br><br>.
Use the Activation code below to change the password to your Account.<br><br>
The Activation code is : ".$aCode."<br><br>
If you have any problem using <b>Pyruscape</b>, you can reach us at <b>[email protected]</b><br><br>
Regards,<br><br><br>
The Pyruscape Team";
mail($pwEmail,"Keep Your Pyrusape Account Active", $emailBody, "From: Pyruscape");
//Preparing the new password change display page script.
$dispScript = '<div class = "row-fluid">
<div class = "span12"><h3 class = "docHeadr" style = "margin-left:auto; margin-right:auto; margin-top:1em;">We\'ve sent an Activation code to your email. Change your password here.</h3><hr></div>
</div>
<div class = "row-fluid">
<div class = "span3"></div>
<div class = "span6">
<div class="hero-unit" style = "margin-top:1.5em; margin-bottom:3em;">
<div style = "margin-left:6.5em;"><img src="img/pyruspix.jpg" width="150" height="113" alt="pyruspix"/></div>
<form method = "post" action = "PassChanger.php?PEmail='.$pwEmail.'" style = "margin-top:1em;">
<p>Use a password that can\'t be easily guessed by others.</p>
<input class = "span12" type = "text" name = "actcode" placeholder = "Enter the Activation Code here"/><br>
<input class = "span12" type = "password" name = "NewPW" placeholder = "Enter a new password here"/><br>
<input class = "span12" type = "password" name = "ReNewPw" placeholder = "Re-enter your new password here"/><br>
<button class = "btn btn-success" name = "PWchangebtn" value = "PWchange">Change Password</button>
</form>
</div>
</div>
<div class = "span3"></div>
</div>';
}
}else{
$dispScript = '<div class = "row-fluid">
<div class = "span12"><h3 class = "docHeadr" style = "margin-left:auto; margin-right:auto; margin-top:1em;">If you forgot your password, then you are on the right page.</h3><hr></div>
</div>
<div class = "row-fluid">
<div class = "span3"></div>
<div class = "span6">
<div class="hero-unit" style = "margin-top:1.5em; margin-bottom:3em;">
<div style = "margin-left:6.5em;"><img src="img/pyruspix.jpg" width="150" height="113" alt="pyruspix" style="opacity:0.4;filter:alpha(opacity=40)" /></div>
<form method = "post" action = "PassChanger.php" style = "margin-top:1em;">
<p>Enter your email address into the field below so that we can help you resolve the password issue you\'re having.</p>
<input class = "span12" type = "text" name = "pwEmail" placeholder = "Provide your email address here"/><br>
<button class = "btn btn-success" name = "emailSubbtn" value = "change">Submit</button>
</form>
</div>
</div>
<div class = "span3"></div>
</div>';
$errMsg = '<div class = "page-alert"><div class = "alert" style = "background-color:#ffcc99;"><div class = "redflag"><div class ="container"><div class = "row-fluid">
<div class = "errFlagMgr">There is <b>no Pyruscape Account that uses the email you provided</b>.Please gives us the email you used to register on Pyruscape.</div></div></div></div></div></div>';
}
}
else
{
$errMsg = '<div class = "page-alert"><div class = "alert" style = "background-color:#ffcc99;"><div class = "redflag"><div class ="container"><div class = "row-fluid">
<div class = "errFlagMgr">Please enter your <b>email address</b>.</div></div></div></div></div></div>';
}
}
/*-------------------------------------------------------------------------------------------------------------------------
Handling password change.
--------------------------------------------------------------------------------------------------------------------------*/
if(isset($_POST['PWchangebtn']) == 'PWchange'){
if(isset($_GET['PEmail']) !=""){
$PEmail = $_GET['PEmail'];
}
//Preparing the new password change display page script.
$dispScript = '<div class = "row-fluid">
<div class = "span12"><h3 class = "docHeadr" style = "margin-left:auto; margin-right:auto; margin-top:1em;">We\'ve sent an Activation code to your email. Change your password here.</h3><hr></div>
</div>
<div class = "row-fluid">
<div class = "span3"></div>
<div class = "span6">
<div class="hero-unit" style = "margin-top:1.5em; margin-bottom:3em;">
<div style = "margin-left:6.5em;"><img src="img/pyruspix.jpg" width="150" height="113" alt="pyruspix"/></div>
<form method = "post" action = "PassChanger.php?PEmail='.$PEmail.'" style = "margin-top:1em;">
<p>Use a password that can\'t be easily guessed by others.</p>
<input class = "span12" type = "text" name = "actcode" placeholder = "Enter the Activation Code here"/><br>
<input class = "span12" type = "password" name = "NewPW" placeholder = "Enter a new password here"/><br>
<input class = "span12" type = "password" name = "ReNewPw" placeholder = "Re-enter your new password here"/><br>
<button class = "btn btn-success" name = "PWchangebtn" value = "PWchange">Change Password</button>
</form>
</div>
</div>
<div class = "span3"></div>
</div>';
if(!empty($_POST['actcode'])){
$actcode = $_POST['actcode'];
}else{
$errJar = '<li>Please enter your <b>Activation code</b>.</li>';
}
if(!empty($_POST['NewPW'])){
$NewPW = $_POST['NewPW'];
}else{
$errJar .= '<li>Please enter your <b>New Password</b>.</li>';
}
if(!empty($_POST['ReNewPw'])){
$ReNewPw = $_POST['ReNewPw'];
}else{
$errJar .= '<li>Please <b>verify</b> your <b>New Password</b>.</li>';
}
if($NewPW != $ReNewPw){
$errMsg = '<div class = "page-alert"><div class = "alert" style = "background-color:#ffcc99;">
<div class = "redflag"><div class ="container"><div class = "row-fluid">
<div class = "errFlagMgr">Looks like the <b>Passwords</b> you entered don\'t match.</div></div></div></div></div></div>';
}
if(($NewPW == $ReNewPw) && $actcode !="" && $errJar == "" && $errMsg == ""){
//Verifying Activation code.
$query2 = sprintf("SELECT * FROM users_details WHERE user_Email ='%s' AND act_code ='%s'",
mysqli_real_escape_string($dblink, $PEmail),
mysqli_real_escape_string($dblink, $actcode));
$result2 = mysqli_query($dblink, $query2);
if(mysqli_num_rows($result2)> 0){
//Carrying out the actual change of password.
$query3 = sprintf("UPDATE users_details SET user_PW = '%s' WHERE user_Email ='%s'",
md5(mysqli_real_escape_string($dblink, $NewPW)),
mysqli_real_escape_string($dblink, $PEmail));
$result3 = mysqli_query($dblink, $query3);
if($result3 == TRUE){
//creating notification on password change
$passCngNotif = "Your <b>password</b> was <b>sucessfully changed</b>.
You can now Sign In and start using you account.";
header("Location:signin.php?pNote=".$passCngNotif);
exit;
}
}
}
if(!empty($errJar)){
$errMsg = '<div class = "page-alert"><div class = "alert" style = "background-color:#ffcc99;">
<div class = "redflag"><div class ="container"><div class = "row-fluid">
<div class = "errFlagMgr"><ul>'.$errJar.'</ul></div></div></div></div></div></div>';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Change of Password - Pyruscape™</title>
<link rel = "stylesheet" type ="text/css" href = "css/bootstrap.min.css">
<link rel = "stylesheet" type = "text/css" href = "css/codedoc.css">
<link rel = "stylesheet" type ="text/css" href = "css/bootstrap-fileupload.min.css">
</head>
<body>
<script src="js/jquery-1.8.1.js"></script>
<script src="js/bootstrap.min.js"></script>
<!--HEADER SECTION-->
<div class="headr">
<div class="container">
<div class="span12">
<div class="row-fluid">
<!--SITE LOGO-->
<div class="span4"><img src = "img/pyrusclogo v4.gif"></div>
<!--LOGIN FORM ON HEADER-->
<div class="span8">
<form class="form-inline" method="post" action="signin.php">
<div id ="headr-login">
<input type="text" class="input-small" placeholder="Email" name = "uEmail" >
<input type="password" class="input-small" placeholder="Password" name = "uPassword">
<label class="checkbox" style = "color:#ffffff;">
<input type="checkbox"> Remember me
</label>
<button type="submit" class="btn" name = "SigninSubmit" value = "Sign in">Sign in</button>
<button type="submit" class="btn" name ="SignUp" value = "SignUp">Register</button><br><br>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<!--FLAG SECTION-->
<?php
if(!empty($errMsg)){
echo $errMsg; //('<div class = "redflag"><div class ="container"><div class = "row-fluid"><div class = "errFlagMgr">'.$errorMsg.'</div></div></div></div>');
}
?>
<!--CONTENT SECTION-->
<div class = "container">
<div class = "span12">
<?php
if($dispScript == ""){
echo '<div class = "row-fluid">
<div class = "span12"><h3 class = "docHeadr" style = "margin-left:auto; margin-right:auto; margin-top:1em;">If you forgot your password, then you are on the right page.</h3><hr></div>
</div>
<div class = "row-fluid">
<div class = "span3"></div>
<div class = "span6">
<div class="hero-unit" style = "margin-top:1.5em; margin-bottom:3em;">
<div style = "margin-left:6.5em;"><img src="img/pyruspix.jpg" width="150" height="113" alt="pyruspix" style="opacity:0.4;filter:alpha(opacity=40)" /></div>
<form method = "post" action = "PassChanger.php" style = "margin-top:1em;">
<p>Enter your email address into the field below so that we can help you resolve the password issue you\'re having.</p>
<input class = "span12" type = "text" name = "pwEmail" placeholder = "Provide your email address here"/><br>
<button class = "btn btn-success" name = "emailSubbtn" value = "change">Submit</button>
</form>
</div>
</div>
<div class = "span3"></div>
</div>';
}else{
echo $dispScript;
}
?>
</div>
</div>
<!--FOOTER-->
<div class="footr">
<div class="container">
<div class ="span12">
<div class = "footrLinks">
<div class="copyright">© <?php echo date("Y");?>
<a href ="">Kaelahi Technologies</a>
<a href ="">About Us</a>
<a href ="">Contact</a>
<a href ="">Career</a>
<a href ="">FAQ</a>
<a href ="">Privacy Statement</a>
<a href ="">Terms and Conditions</a>
<a href ="">Blog</a>
</div>
</div>
</div>
</div>
</div>
</body>
</html>