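<?php
/**
 * Password reset page: lets the user identified by the current session set a
 * new password, then renders the reset form.
 *
 * The account is taken from $_SESSION['email'] and $_SESSION['user_id'] only;
 * nothing in the request selects which account is updated.
 *
 * NOTE(review): $_SESSION is presumably started and the page header emitted by
 * Header.php - neither is visible in this file, confirm.
 * NOTE(review): a successful reset does not invalidate other active sessions
 * for the account here - confirm whether that is handled elsewhere.
 */
require_once 'Header.php';
require_once 'NoDirectPhpAcess.php';
require_once "get_mysql_credentials.php";

// Keep error details out of the HTTP response; they are still reported to the log.
ini_set('display_errors', '0');
error_reporting(E_ALL);

$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");

if (mysqli_connect_errno()) {
    // The detailed reason goes to the server log only; the client gets a generic message.
    error_log("Database connection failed: " . mysqli_connect_error());
    die("An error occurred. Please try again later.");
}

// The UPDATE below matches on both email and user_id, so both must be in the
// session. With user_id missing the statement would match no row at all.
if (!isset($_SESSION['email'], $_SESSION['user_id'])) {
    die("Session expired. Please log in again.");
}

$email = $_SESSION['email'];
$user_id = $_SESSION['user_id'];

// Anti-CSRF token: the POST handled below changes a credential, so it is only
// accepted when it carries the token that was embedded in this page's form.
if (empty($_SESSION['reset_password_csrf'])) {
    $_SESSION['reset_password_csrf'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['reset_password_csrf'];

// Set once the password has been changed, so the form is not rendered again.
$reset_done = false;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Handle password reset. Non-string values (e.g. new_password[]=x) are
    // ignored like missing fields; preg_match() would otherwise raise a TypeError.
    $new_password = $_POST['new_password'] ?? null;
    $confirm_password = $_POST['confirm_password'] ?? null;

    if (is_string($new_password) && is_string($confirm_password)) {
        $submitted_token = $_POST['csrf_token'] ?? '';

        if (!is_string($submitted_token) || !hash_equals($csrf_token, $submitted_token)) {
            // hash_equals() compares in constant time.
            echo '<div class="alert alert-danger">Your request could not be verified. Please try again.</div>';
        } elseif (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\w\d\s]).{8,}$/', $new_password)) {
            // Policy: a lowercase letter, an uppercase letter, a digit, one character that is
            // neither a word character nor whitespace (so "_" does not count), 8+ characters.
            echo '<div class="alert alert-danger">Password must be at least 8 characters long and include uppercase and lowercase letters, numbers, and special characters.</div>';
        } elseif ($new_password !== $confirm_password) {
            echo '<div class="alert alert-danger">Passwords do not match. Please try again.</div>';
        } else {
            $hashed_password = password_hash($new_password, PASSWORD_ARGON2ID);

            $stmt = $con->prepare("UPDATE users_table SET Password = ? WHERE email = ? AND user_id = ?");

            if ($stmt === false) {
                // prepare() returns false on failure; calling bind_param() on it would be fatal.
                error_log("Error preparing password update for user ID: $user_id - " . $con->error);
                echo '<div class="alert alert-danger">An error occurred. Please try again later.</div>';
            } else {
                $stmt->bind_param("sss", $hashed_password, $email, $user_id);

                // execute() also succeeds when no row matched, so success additionally
                // requires that a row was actually changed.
                if ($stmt->execute() && $stmt->affected_rows > 0) {
                    $reset_done = true;
                } else {
                    error_log("Error updating password for user ID: $user_id");
                    echo '<div class="alert alert-danger">An error occurred. Please try again later.</div>';
                }
                $stmt->close();
            }

            if ($reset_done) {
                // Clear user_id after successful password reset, and retire the form token.
                unset($_SESSION['user_id'], $_SESSION['reset_password_csrf']);

                if (!headers_sent()) {
                    // Redirect and stop, so nothing else runs or is rendered after the Location header.
                    mysqli_close($con);
                    header("Location: index.php");
                    exit;
                }

                // Output has already started, so a redirect is impossible; confirm in place.
                echo '<div class="alert alert-success">Password reset successfully. You can now log in with your new password.</div>';
            }
        }
    }
}

// Display the reset password form
if (!$reset_done) {
    echo '
<br/><br/><br/>
<div class="container">
<div class="row">
<div class="col-md-5"></div>
<div class="col-md-5">
<form action="" method="POST" class="">
<legend>Reset Your Password</legend><br/>
<input type="hidden" name="csrf_token" value="' . htmlspecialchars($csrf_token, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">
New Password <label class="form-text">Must include uppercase and lowercase letters, digits and special characters.</label>
<input type="password" name="new_password" placeholder=" Enter New Password" class="form-control" required>
<br/>
Confirm New Password
<input type="password" name="confirm_password" placeholder="Confirm New Password" class="form-control" required>
<br/>
<button id="butt" type="submit" class="btn btn-primary">Reset Password</button>
</form>
</div></div></div>
<style>
.guideline { display: none;}
#newPassword:focus + .guideline {display: block;}
</style>
';
}

mysqli_close($con);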