-
Notifications
You must be signed in to change notification settings - Fork 1
/
resetpassword.php
52 lines (50 loc) · 2.55 KB
/
resetpassword.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
<?php
require_once('../mysqlaccess.php');
if(isset($_POST["selector"], $_POST["token"], $_POST["password"])) {
try {
$auth->resetPassword($_POST['selector'], $_POST['token'], $_POST['password']);
// password has been reset
echo "OK";
}
catch (\Delight\Auth\InvalidSelectorTokenPairException $e) {
// invalid token
echo "Invalid token. Try another <a href='/forgetpassword.php'>password reset request.</a>";
}
catch (\Delight\Auth\TokenExpiredException $e) {
// token expired
echo "Your token has expired. Try another <a href='/forgetpassword.php'>password reset request.</a>.";
}
catch (\Delight\Auth\InvalidPasswordException $e) {
// invalid password
echo "Invalid password";
}
catch (\Delight\Auth\TooManyRequestsException $e) {
// too many requests
echo "Too many requests";
}
die();
}
try {
$auth->forgotPassword($_POST['email'], function ($selector, $token) {
// send `$selector` and `$token` to the user (e.g. via email)
$url = 'https://poxbrain.jch.ooo/forgetpassword.php?selector='.urlencode($selector).'&token='.urlencode($token);
$headers = 'From: no-reply@poxbrain.jch.ooo' . "\r\n" .
'Reply-To: no-reply@poxbrain.jch.ooo' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($_POST["email"], "PoxBrain Password Reset Request", "Someone entered in this email as a request to reset the password of this account. If this was you, click here to reset your password: ".$url."\n\nIf you did not request this email, you can safely ignore it.\n\nNote: This email is sent from an unmonitored inbox. Replies are not tracked. If you wish to reply, feel free to post a message on the PoxBrain poxnora thead located at: http://forums.poxnora.com/index.php?threads/poxbrain-beta.26292/", $headers);
});
// request has been generated
echo "OK";
}
catch (\Delight\Auth\InvalidEmailException $e) {
// invalid email address
echo "No such email address was found in the system";
}
catch (\Delight\Auth\EmailNotVerifiedException $e) {
// email not verified
echo "Email wasn't verified. Try <a href='email_confirmation.php'>resending the confirmation email</a>.";
}
catch (\Delight\Auth\TooManyRequestsException $e) {
// too many requests
echo "Too many requests. Try again later.";
}