v1.2 initial commit
This commit is contained in:
195
pub/login/resetPassword.php
Normal file
195
pub/login/resetPassword.php
Normal file
@@ -0,0 +1,195 @@
|
||||
<?php
|
||||
session_start();
|
||||
if (!isset($_GET['token']) && !isset($_GET['result']) && !isset($_SESSION['user']['user_uuid'])) {
|
||||
http_response_code(404);
|
||||
exit;
|
||||
}
|
||||
|
||||
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php';
|
||||
|
||||
|
||||
$tokenfound = false;
|
||||
if (isset($_GET['token'])) {
|
||||
$token = htmlspecialchars($_GET['token'], ENT_QUOTES, 'UTF-8');
|
||||
$stmt = $GLOBALS['conn']->prepare("SELECT * FROM vc_users WHERE user_password_reset_token = ? AND user_password_reset_expires > UNIX_TIMESTAMP()");
|
||||
$stmt->bind_param("s", $token);
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
} elseif (isset($_SESSION['user']['user_uuid'])) {
|
||||
$user_uuid = $_SESSION['user']['user_uuid'];
|
||||
$stmt = $GLOBALS['conn']->prepare("SELECT * FROM vc_users WHERE user_uuid = ?");
|
||||
$stmt->bind_param("s", $user_uuid);
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
}
|
||||
|
||||
|
||||
if ($result->num_rows == 1) {
|
||||
$tokenfound = true;
|
||||
$user_data = $result->fetch_assoc();
|
||||
} else {
|
||||
addLoginAttempts();
|
||||
}
|
||||
|
||||
if (checkLoginAttempts() > 20) {
|
||||
header('Location: /login/');
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html data-coreui-theme="dark" lang="en">
|
||||
<head>
|
||||
<base href="./">
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no">
|
||||
<meta name="description" content="Sentri - Configure phone configs">
|
||||
<meta name="author" content="Marco Mooij">
|
||||
<meta name="keyword" content="sentri">
|
||||
<title>Sentri | Login</title>
|
||||
|
||||
<!-- favicon -->
|
||||
<link rel="icon" type="image/png" href="/src/images/favicon/favicon-96x96.png" sizes="96x96">
|
||||
<link rel="icon" type="image/svg+xml" href="/src/images/favicon/favicon-96x96.png">
|
||||
<link rel="shortcut icon" href="/src/images/favicon/favicon.ico">
|
||||
<link rel="apple-touch-icon" sizes="180x180" href="/src/images/favicon/apple-touch-icon.png">
|
||||
<link rel="manifest" href="/src/images/favicon/site.webmanifest">
|
||||
|
||||
<style>
|
||||
body {
|
||||
font-family: Arial, sans-serif;
|
||||
background-color: #1d222b;
|
||||
}
|
||||
|
||||
.portal-image {
|
||||
width: 100%;
|
||||
height: auto;
|
||||
aspect-ratio: 3 / 1;
|
||||
object-fit: contain;
|
||||
display: block;
|
||||
min-height: 200px; /* Prevent layout shift during image load */
|
||||
}
|
||||
|
||||
#code-container {
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
gap: 10px;
|
||||
}
|
||||
|
||||
.code-input {
|
||||
width: 40px;
|
||||
height: 40px;
|
||||
font-size: 24px;
|
||||
text-align: center;
|
||||
margin: 5px;
|
||||
}
|
||||
</style>
|
||||
|
||||
<link rel="stylesheet" href="css/style.full.css" as="style">
|
||||
</head>
|
||||
<body>
|
||||
<div class="bg-body-tertiary min-vh-100 d-flex flex-row align-items-center">
|
||||
<div class="container">
|
||||
<div class="row justify-content-center">
|
||||
<div class="col-lg-8 col-md-10 col-12 d-flex align-items-center justify-content-center">
|
||||
<div class="card-group d-block d-md-flex row">
|
||||
<div class="card col-md-7 mb-0">
|
||||
<div class="card-body p-3">
|
||||
<div class="card-body text-center justify-content-center align-items-center">
|
||||
<?php if (isset($_GET['result'])) {
|
||||
if ($_GET['result'] == "success") { ?>
|
||||
<h1 class="text-center">Password set</h1>
|
||||
<p class="text-center">Your password was set successfully. Use the button below to proceed to the login page.</p>
|
||||
<hr>
|
||||
<a href="/login/" class="btn btn-primary px-4">
|
||||
<i class="fa-solid fa-check"></i> Go to login
|
||||
</a>
|
||||
<?php } elseif ($_GET['result'] == "failed") { ?>
|
||||
<h1 class="text-center">Something went wrong</h1>
|
||||
<p class="text-center">Something went wrong in changing your password. Please contact support!</p>
|
||||
<?php } ?><?php } else { ?>
|
||||
<h1 class="text-center">Set Password</h1>
|
||||
<p class="text-center">Must be at least 12 characters.</p>
|
||||
<hr>
|
||||
<form method="post" action="/login/php/setPassword.php">
|
||||
<?php if (isset($_GET['token'])) { ?>
|
||||
<input type="hidden" name="user_password_reset_token" value="<?php echo $token ?>">
|
||||
<?php } elseif (isset($_SESSION['user']['user_uuid'])) { ?>
|
||||
<input type="hidden" name="user_uuid" value="<?php echo $user_data['user_uuid'] ?>">
|
||||
<?php } ?>
|
||||
<label for="password" class="form-label">New Password</label>
|
||||
<input type="password" class="form-control" name="password-1" id="password" placeholder="Enter password" required autocomplete="new-password">
|
||||
<div id="passwordPolicyError" class="form-text text-danger d-none">Password is too short.</div>
|
||||
<br>
|
||||
|
||||
<div class="mb-3 text-reset">
|
||||
<label for="confirmPassword" class="form-label">Confirm Password</label>
|
||||
<input type="password" class="form-control" name="password-2" id="confirmPassword" placeholder="Repeat password" required>
|
||||
<div id="passwordHelp" class="form-text text-danger d-none">Passwords do not match.</div>
|
||||
</div>
|
||||
|
||||
|
||||
<button type="submit" class="btn btn-primary w-100" id="submitBtn" disabled>
|
||||
<i class="fa-solid fa-key"></i> Set Password
|
||||
</button>
|
||||
</form>
|
||||
|
||||
<?php } ?>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="card col-md-5 text-white bg-transparent py-5">
|
||||
<div class="card-body text-center pt-5">
|
||||
<div>
|
||||
<img class="pt-3 w-100 portal-image" alt="portal-image" src="/src/images/logo-login-dark.webp" width="500" height="265" style="height: auto;">
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
|
||||
<script>
|
||||
const password = document.getElementById("password");
|
||||
const confirmPassword = document.getElementById("confirmPassword");
|
||||
const submitBtn = document.getElementById("submitBtn");
|
||||
const passwordHelp = document.getElementById("passwordHelp");
|
||||
const passwordPolicyError = document.getElementById("passwordPolicyError");
|
||||
|
||||
function checkPasswords() {
|
||||
const pwValue = password.value;
|
||||
const confirmValue = confirmPassword.value;
|
||||
|
||||
// Check length
|
||||
if (pwValue.length < 13) {
|
||||
passwordPolicyError.classList.remove("d-none");
|
||||
submitBtn.disabled = true;
|
||||
return;
|
||||
} else {
|
||||
passwordPolicyError.classList.add("d-none");
|
||||
}
|
||||
|
||||
// Check match
|
||||
if (pwValue && confirmValue) {
|
||||
if (pwValue === confirmValue) {
|
||||
passwordHelp.classList.add("d-none");
|
||||
submitBtn.disabled = false;
|
||||
} else {
|
||||
passwordHelp.classList.remove("d-none");
|
||||
submitBtn.disabled = true;
|
||||
}
|
||||
} else {
|
||||
passwordHelp.classList.add("d-none");
|
||||
submitBtn.disabled = true;
|
||||
}
|
||||
}
|
||||
|
||||
password.addEventListener("input", checkPasswords);
|
||||
confirmPassword.addEventListener("input", checkPasswords);
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user