Файл: reset.php
Строк: 42
<?php
/**
* reset password
*
* @package Sngine
* @author Zamblek
*/
// fetch kernal
require('kernal.php');
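// Password-reset landing page: validates the email/code pair from the reset
// link, and on a valid POST stores the new password and signs the user in.

// $userExist is presumably set by kernal.php when a user is already signed in
// (TODO confirm). header() only queues the redirect, so exit is needed to stop
// the rest of this script from running for such visitors.
if($userExist) {
    header('Location: '.SITE_URL.'/home.php');
    exit;
}

// Check page parameters. Both values come straight from the URL; PHP turns
// "?email[]=x" into an array, so anything that is not a non-empty string is
// treated as a bad link before it reaches the SQL below.
if(!isset($_GET['email']) || !is_string($_GET['email']) || $_GET['email'] == ""
    || !isset($_GET['code']) || !is_string($_GET['code']) || $_GET['code'] == "") {
    // NOTE(review): the code below relies on SystemError() ending the request - confirm.
    SystemError($translate->__("Invalid Link"), $translate->__("You may have clicked an expired link or mistyped the address."));
}

// page header
PageHeader($translate->__("Reset password"));

// Initialise explicitly so the template receives a defined value when the form
// has not been submitted yet (the original assigned an undefined variable).
$error = null;

// Look up a pending reset for this email/code pair. The row must still carry
// Reseted = 'Y'; the UPDATE further down sets it to 'N', so the same link no
// longer passes this lookup once it has been used.
// NOTE(review): the %s placeholders carry no quotes, so Secure() presumably
// escapes AND quotes its argument - confirm in kernal.php. No expiry or attempt
// limit on ResetCode is visible in this file; check where the code is issued.
$checkQuery = $db->query(sprintf("SELECT * FROM users WHERE UserEmail = %s AND ResetCode = %s AND Reseted = 'Y'", Secure($_GET['email']), Secure($_GET['code']))) or SQLError();

if($checkQuery->num_rows >= 1) {
    // NOTE(review): MYSQL_ASSOC belongs to the old mysql extension; if $db is
    // mysqli the matching constant is MYSQLI_ASSOC - confirm before upgrading PHP.
    $getUser = $checkQuery->fetch_array(MYSQL_ASSOC);

    if(isset($_POST['submit'])) {
        if(IsEmpty($_POST['password']) || IsEmpty($_POST['confirm'])) {
            $error = "You must fill in all of the fields.";
        }elseif($_POST['password'] !== $_POST['confirm']) {
            // Strict comparison: with ==, two different numeric-looking strings
            // such as "1e3" and "1000" compare equal and would pass this check.
            $error = "Your passwords do not match.";
        }elseif(strlen($_POST['password']) < 6) {
            $error = "Your password must be at least 6 characters long. Please try another.";
        }else {
            // Update user.
            // NOTE(review): md5() is an unsalted, fast hash and is not suitable
            // for password storage. It is left in place because the sign-in code
            // (not visible here) must verify the same format; migrate both sides
            // together to password_hash()/password_verify().
            $db->query(sprintf("UPDATE users SET UserPassword = %s, Reseted = 'N' WHERE UserEmail = %s", Secure(md5($_POST['password'])), Secure($_GET['email']) )) or SQLError();
            try {
                $user->updateLastSign($getUser['UserID']);
                $user->setCookies($getUser['UserID'], true);
            }catch (Exception $e) {
                // NOTE(review): this shows the raw exception message to the
                // visitor - confirm it cannot carry internal details.
                SystemError("Error", $e->getMessage());
            }
            // Stop after the redirect so the reset form is not rendered again.
            header('Location: '.SITE_URL.'/home.php');
            exit;
        }
    }
}else {
    SystemError($translate->__("Invalid Link"), $translate->__("You may have clicked an expired link or mistyped the address."));
}

// Assign variables.
// NOTE(review): email and code are request values handed back to the template;
// whether they are HTML-escaped depends on the Smarty configuration/template.
$smarty->assign('error', $error);
$smarty->assign('email', $_GET['email']);
$smarty->assign('code', $_GET['code']);

// page footer
PageFooter("reset");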
?>