129 lines
6.4 KiB
PHP
129 lines
6.4 KiB
PHP
<?php
|
|
session_start();
|
|
if (!isset($_GET['token']) && !isset($_GET['result']) && !isset($_SESSION['user']['user_uuid'])) {
|
|
http_response_code(404);
|
|
exit;
|
|
}
|
|
|
|
require_once "{$_SERVER['DOCUMENT_ROOT']}/login/php/authFunctions.php";
|
|
|
|
|
|
$tokenfound = false;
|
|
if (isset($_GET['token'])) {
|
|
$token = htmlspecialchars($_GET['token'], ENT_QUOTES, 'UTF-8');
|
|
$stmt = $GLOBALS['conn']->prepare("SELECT * FROM system_users WHERE user_password_reset_token = ? AND user_password_reset_expires > UNIX_TIMESTAMP()");
|
|
$stmt->bind_param("s", $token);
|
|
$stmt->execute();
|
|
$result = $stmt->get_result();
|
|
} elseif (isset($_SESSION['user']['user_uuid'])) {
|
|
$user_uuid = $_SESSION['user']['user_uuid'];
|
|
$stmt = $GLOBALS['conn']->prepare("SELECT * FROM system_users WHERE user_uuid = ?");
|
|
$stmt->bind_param("s", $user_uuid);
|
|
$stmt->execute();
|
|
$result = $stmt->get_result();
|
|
}
|
|
|
|
|
|
if ($result->num_rows == 1) {
|
|
$tokenfound = true;
|
|
$user_data = $result->fetch_assoc();
|
|
} else {
|
|
addLoginAttempts();
|
|
}
|
|
|
|
if (checkLoginAttempts() > 20) {
|
|
header('Location: /login/');
|
|
exit;
|
|
}
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html data-coreui-theme="dark" lang="en">
|
|
<head>
|
|
<base href="./">
|
|
<meta charset="utf-8">
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no">
|
|
<meta name="description" content="Sentri - Configure phone configs">
|
|
<meta name="author" content="Marco Mooij">
|
|
<meta name="keyword" content="sentri">
|
|
<title>Sentri | Login</title>
|
|
|
|
<!-- favicon -->
|
|
<link rel="icon" type="image/png" href="/src/images/favicon/favicon-96x96.png" sizes="96x96">
|
|
<link rel="icon" type="image/svg+xml" href="/src/images/favicon/favicon-96x96.png">
|
|
<link rel="shortcut icon" href="/src/images/favicon/favicon.ico">
|
|
<link rel="apple-touch-icon" sizes="180x180" href="/src/images/favicon/apple-touch-icon.png">
|
|
<link rel="manifest" href="/src/images/favicon/site.webmanifest">
|
|
|
|
<link rel="stylesheet" href="css/style.full.css" as="style">
|
|
</head>
|
|
<body>
|
|
<div class="bg-body-tertiary min-vh-100 d-flex flex-row align-items-center">
|
|
<div class="container">
|
|
<div class="row justify-content-center">
|
|
<div class="col-lg-8 col-md-10 col-12 d-flex align-items-center justify-content-center">
|
|
<div class="card-group d-block d-md-flex row">
|
|
<div class="card col-md-7 mb-0">
|
|
<div class="card-body p-3">
|
|
<div class="card-body text-center justify-content-center align-items-center">
|
|
<?php if (isset($_GET['result'])) {
|
|
if ($_GET['result'] == "success") { ?>
|
|
<h1 class="text-center">Password set</h1>
|
|
<p class="text-center">Your password was set successfully. Use the button below to proceed to the login page.</p>
|
|
<hr>
|
|
<a href="/login/" class="btn btn-primary px-4">
|
|
<i class="fa-solid fa-check"></i> Go to login
|
|
</a>
|
|
<?php } elseif ($_GET['result'] == "failed") { ?>
|
|
<h1 class="text-center">Something went wrong</h1>
|
|
<p class="text-center">Something went wrong in changing your password. Please contact support!</p>
|
|
<?php } ?><?php } else { ?>
|
|
<h1 class="text-center">Set Password</h1>
|
|
<p class="text-center">Must be at least 12 characters.</p>
|
|
<hr>
|
|
<form method="post" action="/login/php/setPassword.php">
|
|
<?php if (isset($_GET['token'])) { ?>
|
|
<input type="hidden" name="user_password_reset_token" value="<?php echo $token ?>">
|
|
<?php } elseif (isset($_SESSION['user']['user_uuid'])) { ?>
|
|
<input type="hidden" name="user_uuid" value="<?php echo $user_data['user_uuid'] ?>">
|
|
<?php } ?>
|
|
<label for="password" class="form-label">New Password</label>
|
|
<input type="password" class="form-control" name="password-1" id="password" placeholder="Enter password" required autocomplete="new-password">
|
|
<div id="passwordPolicyError" class="form-text text-danger d-none">Password is too short.</div>
|
|
<br>
|
|
|
|
<div class="mb-3 text-reset">
|
|
<label for="confirmPassword" class="form-label">Confirm Password</label>
|
|
<input type="password" class="form-control" name="password-2" id="confirmPassword" placeholder="Repeat password" required>
|
|
<div id="passwordHelp" class="form-text text-danger d-none">Passwords do not match.</div>
|
|
</div>
|
|
|
|
|
|
<button type="submit" class="btn btn-primary w-100" id="submitBtn" disabled>
|
|
<i class="fa-solid fa-key"></i> Set Password
|
|
</button>
|
|
</form>
|
|
|
|
<?php } ?>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="card col-md-5 text-white bg-transparent py-5">
|
|
<div class="card-body text-center pt-5">
|
|
<div>
|
|
<img class="pt-3 w-100 portal-image" alt="portal-image" src="" width="500" height="265">
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
|
|
<script src="/login/js/checkPasswords.js"></script>
|
|
</body>
|
|
</html>
|