Файл: upload/pages/auth/recovery/recover_change_password.php
Строк: 21
<?php
require_once ($_SERVER['DOCUMENT_ROOT'] . '/core/core.php');
if (isset($user['id'])) {
RedirectToPage('/');
exit();
}
if (!isset($_SESSION['verified_email'])) {
header('Location: ' . homeLink() . '/check-recover-code');
exit;
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
check_csrf();
$newPassword = trim($_POST['new_password']);
$confirmPassword = trim($_POST['confirm_password']);
if ($newPassword !== $confirmPassword) {
showAlert('Ошибка', 'fail', 'Новые пароли не совпадают. Попробуйте снова.');
ReloadPage();
}
// смена пароля
$salt = genRandomString(15);
dbquery("UPDATE users SET pass = ?, salt = ? WHERE email = ?", [
CryptorPass($newPassword, $salt),
$salt,
$_SESSION['verified_email']
]);
dbquery("DELETE FROM recover_user WHERE email = ?", [$_SESSION['verified_email']]);
unset($_SESSION['verified_email']);
RedirectToPage('/recovery-success');
exit;
}
// форма смены пароля
$page_html = $view->render('pages/auth/recovery/password_change.html', [
'csrf' => $_SESSION['csrf_token'],
'home' => homeLink(),
'templ_home' => TemplateLink($theme)
]);
require_once ($_SERVER['DOCUMENT_ROOT'] . '/layout.php');
?>