<?php
/**
* Created by PhpStorm.
* User: MY PC
* Date: 10/4/2019
* Time: 11:49 AM
*/
// Bootstrap for the password-reset page: database handle, Composer autoloader,
// a mailer instance and the two collections the handlers below write to.
require 'config/database.php';

// DB is declared outside this file (presumably in config/database.php — confirm).
// Only the connection it hands back is kept; the wrapper object is discarded.
$db = (new DB())->get_connection();

use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;

// NOTE(review): the autoloader path is absolute and specific to one Windows
// machine; the script will not find vendor/ when deployed anywhere else.
$dir = dirname('C:\New folder\htdocs\team\vendor\autoload.php') . '\autoload.php';
require $dir;

// `true` makes PHPMailer throw exceptions instead of returning false.
$mail = new PHPMailer(true);

$errors = [];
$message = '';
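// Password-reset request: look the submitted address up, record a one-time
// token for it and mail a link carrying that token to the same address.
//
// Changes against the previous version of this block:
//  - request data is bound as a statement parameter, never spliced into SQL;
//  - the token comes from the CSPRNG (rand() output is predictable);
//  - SMTP credentials are read from the environment, not kept in source;
//  - the mail goes to the address that asked for the reset, not a fixed one;
//  - the link is a well-formed, URL-encoded and HTML-escaped href;
//  - SMTP debug output and mailer errors no longer reach the browser.
if (isset($_POST['reset-btn'])) {
    if (!empty($_POST['email']) && is_string($_POST['email'])) {
        $email = $_POST['email'];

        // assumes $db is a mysqli connection (its results were already passed to
        // mysqli_fetch_assoc/mysqli_num_rows) — confirm against config/database.php
        $stmt = $db->prepare('SELECT * FROM users WHERE email = ?');
        $stmt->bind_param('s', $email);
        $stmt->execute();
        $query = $stmt->get_result();
        $UserDetails = mysqli_fetch_assoc($query);
        $count = mysqli_num_rows($query);
        $stmt->close();

        if ($count >= 1) {
            // 128 bits from the CSPRNG, hex-encoded to 32 characters.
            // assumes `resetPass` is a string column of at least 32 chars — confirm schema
            // NOTE(review): the token is stored in clear text and never expires;
            // storing a hash plus an expiry timestamp would need a schema change.
            $rand = bin2hex(random_bytes(16));

            // Record the token before mailing, so a delivered link always
            // corresponds to a stored token.
            $update = $db->prepare('UPDATE users SET `resetPass` = ? WHERE `email` = ?');
            $update->bind_param('ss', $rand, $email);
            $update->execute();
            $update->close();

            // http_build_query() URL-encodes both values; the scheme is required
            // for the href to be an absolute link inside a mail client.
            // NOTE(review): host is still hard-coded to localhost; a deployed
            // site needs a configured https base URL here.
            $send = 'http://localhost/team/changepassword.php?' . http_build_query([
                'email' => $email,
                'password' => $rand,
            ]);
            $safeSend = htmlspecialchars($send, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $link = "<a target='_blank' href='{$safeSend}'> click here to reset password </a>";

            require_once $dir;
            $mail = new PHPMailer(true);
            try {
                // Server settings
                // Debug level 0: the SMTP dialogue must not be echoed into the page.
                $mail->SMTPDebug = 0;
                $mail->isSMTP();
                $mail->Host = 'smtp.gmail.com';
                $mail->SMTPAuth = true;
                // Credentials come from the environment. The variable names are
                // placeholders; use whatever the deployment defines. The app
                // password that used to be committed in this file must be
                // revoked and replaced, since it remains in the repository history.
                $smtpUser = (string) getenv('SMTP_USERNAME');
                $mail->Username = $smtpUser;
                $mail->Password = (string) getenv('SMTP_PASSWORD');
                $mail->SMTPSecure = 'tls';
                $mail->Port = 587;

                // Recipients
                $mail->setFrom($smtpUser, 'MY Name');
                $mail->addAddress($email);

                // Content
                $mail->isHTML(true);
                $mail->Subject = 'Password Reset';
                $mail->Body = $link;
                $mail->AltBody = 'This is the body in plain text for non-HTML mail clients';

                $mail->send();
                echo 'Message has been sent';
                // Only claim success once send() has returned without throwing.
                $message = 'A one time password has been sent to your account';
            } catch (Exception $e) {
                $errors[] = 'Email not sent. Please try again.';
                // Mailer diagnostics go to the server log, not to the visitor.
                error_log($mail->ErrorInfo);
            }
        } else {
            // NOTE(review): this message tells a visitor which addresses are
            // registered; a single neutral response for both outcomes avoids that.
            $errors[] = "Email Does Not Exist";
        }
    } else {
        echo 'na here he come'; // leftover debug output, kept as it was
        $errors[] = "Email cannot be empty";
    }
}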
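// Reset-link landing: check that the token in the query string belongs to the
// address in the same link.
//
// Changes against the previous version of this block:
//  - `$this->db` raised "Using $this when not in object context" at file scope;
//    the script-level $db handle is used instead;
//  - token and address are bound as statement parameters, never spliced into SQL;
//  - the token must match the row of the address it was issued for;
//  - a missing or non-string `email`/`password` parameter is rejected up front.
if (isset($_GET['password'])) {
    $pass = is_string($_GET['password']) ? $_GET['password'] : '';
    $email = (isset($_GET['email']) && is_string($_GET['email'])) ? $_GET['email'] : '';

    $UserDetails = null;
    $count = 0;

    // An empty token must never be looked up: it would match every account
    // whose resetPass column happens to be empty.
    if ($pass !== '' && $email !== '') {
        // assumes $db is a mysqli connection — confirm against config/database.php
        $stmt = $db->prepare('SELECT * FROM users WHERE resetPass = ? AND email = ?');
        $stmt->bind_param('ss', $pass, $email);
        $stmt->execute();
        $query = $stmt->get_result();
        $UserDetails = mysqli_fetch_assoc($query);
        $count = mysqli_num_rows($query);
        $stmt->close();
    }

    if ($count >= 1) {
        // NOTE(review): nothing happens on a valid link. The reset handler in
        // this file reads $_SESSION['r_pass'] and $_SESSION['r_email'], which no
        // code here assigns — presumably this branch was meant to set them
        // (after session_start()); confirm the intended flow.
    }
}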
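// Final step of the reset: the visitor submits a new password twice; if the
// token held in the session is still valid for the stored address, the new
// password hash is written and the token is replaced.
//
// Changes against the previous version of this block:
//  - the password_hash() of the submitted password is what gets stored; before,
//    md5(rand(0, 1000)) was written instead, discarding the chosen password and
//    leaving the account with one of only 1001 possible values;
//  - session values are bound as statement parameters, never spliced into SQL;
//  - token and address must match the same row, and an empty token is refused;
//  - password and token are updated in one statement guarded by the old token,
//    so a link cannot be replayed between two separate writes;
//  - the replacement token comes from the CSPRNG instead of rand().
if (isset($_POST['reset'])) {
    $password = $_POST['password'] ?? '';
    $c_password = $_POST['confirm_password'] ?? '';

    // Strict comparison on strings only; an empty password is treated as a
    // mismatch rather than accepted.
    if (is_string($password) && $password !== '' && $password === $c_password) {
        // NOTE(review): nothing in this file assigns these session keys or
        // calls session_start() — confirm where they are set.
        $reset_password = $_SESSION['r_pass'] ?? '';
        $email = $_SESSION['r_email'] ?? '';

        $UserDetails = null;
        $count = 0;

        if (is_string($reset_password) && $reset_password !== ''
            && is_string($email) && $email !== '') {
            // assumes $db is a mysqli connection — confirm against config/database.php
            $stmt = $db->prepare('SELECT * FROM users WHERE resetPass = ? AND email = ?');
            $stmt->bind_param('ss', $reset_password, $email);
            $stmt->execute();
            $query = $stmt->get_result();
            $UserDetails = mysqli_fetch_assoc($query);
            $count = mysqli_num_rows($query);
            $stmt->close();
        }

        if ($count >= 1) {
            // assumes the `password` column can hold password_hash() output
            // (60 characters for bcrypt today, 255 recommended) — confirm schema
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);

            // Overwrite the used token with fresh random data so the link is
            // single-use and the stored value cannot be guessed.
            $rand = bin2hex(random_bytes(16));

            $update = $db->prepare(
                'UPDATE users SET `password` = ?, `resetPass` = ? WHERE `email` = ? AND `resetPass` = ?'
            );
            $update->bind_param('ssss', $hashed_password, $rand, $email, $reset_password);
            $result = $update->execute();
            $update->close();

            $_SESSION = [];
            $message = 'password updated succesfully';
            echo $message;
        } else {
            $errors[] = 'Link has been used or dosent exist. Kindly request for another.';
            echo $errors[0];
        }
    } else {
        $errors[] = 'password dont match';
        echo $errors[0];
    }
}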