-
Notifications
You must be signed in to change notification settings - Fork 0
/
forgotpw.php
72 lines (59 loc) · 2.26 KB
/
forgotpw.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
header("Content-Type: application/json");
// check captcha
$curl = curl_init();
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
"secret" => "6LeL1ZAqAAAAAMjXaJT0nqSrJ_qn7xSqsFrO1JBg",
"response" => $_POST["g-recaptcha-response"]
]);
curl_setopt($curl, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$result = json_decode(curl_exec($curl), true);
curl_close($curl);
if (!$result["success"]) die('{"status": "captcha"}');
$username = $_POST["forgot-username"];
$email = $_POST["forgot-email"];
// get users
$users = json_decode(file_get_contents("content/users.json"), true);
// check if user exists
if (isset($users[$username]) && $users[$username]["email"] === $email) {
// send the email
$to = $email;
$subject = "Account Password Reset";
$message = "
Hey " . $users[$username]["first"] . ",\n
You recently requested to reset your password. Please follow the below link to reset your password:\n" .
"https://hhsprogramming.com/resetpw?reset-token=" . sha1($username . "-CONNECT-" . $users[$username]["password"]) .
"\n- HHS Programming";
$headers = "From: HHS Programming <[email protected]>";
mail($to, $subject, $message, $headers);
exit('{"status": "success"}');
}
// header("Location: /");
die('{"status": "invalid"}');
}
$pagetitle = 'Forgot Password';
$pagedescription = 'Reset your password';
include('includes/header.php');
?>
<center>
<form id="forgot-form" method="post">
<div class="row login-input">
<label><i class="fa fa-user fa-fw"></i></label>
<input type="text" id="forgot-username" name="forgot-username" placeholder="Username">
</div>
<div class="row login-input">
<label><i class="fa fa-envelope fa-fw"></i></label>
<input type="text" id="forgot-email" name="forgot-email" placeholder="Email">
</div>
<div class="row login-input">
<div class="g-recaptcha" data-sitekey="6LeL1ZAqAAAAANiwZLVAJ2-O0zT6oKL1ruS6vMvh"></div>
</div>
<input type="submit" class="one btn" value="Send Reset Link">
</form>
</center>
<script src="/js/forgotpw.js"></script>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<?php include('includes/footer.php'); ?>