<?php
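session_start(); // kept from the original; nothing in this script reads the session itself
require_once('./config.php'); // expected to provide the PDO handle $bdd

/*
 * Password-reset endpoint with two actions selected by ?action=...:
 *
 *   ask   - POST mail=<address>: stores a fresh one-time token in
 *           users.idvalidation and e-mails a reset link containing it.
 *   reset - POST password=<new password> plus the token as "id" (POST, or the
 *           query string the e-mailed link carries): sets the new password
 *           and clears the token.
 *
 * Requires PHP 7+ (random_bytes).
 *
 * NOTE(review): tokens never expire (no timestamp column is visible here) and
 * nothing in this file rate-limits either action; both should be handled
 * before relying on this flow.
 */

$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

if ($action === 'ask') {
    // The address ends up in mail()'s recipient argument, so reject anything
    // that is not a single well-formed address (this also excludes CR/LF).
    $email = (isset($_POST['mail']) && is_string($_POST['mail'])) ? trim($_POST['mail']) : '';
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        http_response_code(400);
        echo 'Invalid e-mail address';
        return;
    }

    // The token is the only secret protecting the account, so it must come
    // from a CSPRNG. 16 random bytes -> 32 hex chars, the same width as the
    // md5() string used previously.
    $idvalidation = bin2hex(random_bytes(16));

    $req = $bdd->prepare('UPDATE users SET idvalidation=:idvalidation WHERE mail=:mail');
    $req->execute(array('idvalidation' => $idvalidation, 'mail' => $email));
    // A fresh token always changes the row, so a positive count means the
    // address belongs to an account.
    $accountFound = $req->rowCount() > 0;
    $req->closeCursor();

    if (!$accountFound) {
        // Same answer as the success path: do not reveal which addresses are
        // registered, and do not send mail to addresses that are not.
        echo "mail successfully sent";
        return;
    }

    // NOTE(review): the link is plain http, so the token crosses the network
    // unencrypted; switch the scheme to https once the site serves TLS.
    $resetUrl = 'http://www.monsite.fr/forgetpassword.php?id=' . $idvalidation . '&action=reset';
    $message = "Hi<br>\n"
        . 'This is your password reset link<a href="' . htmlspecialchars($resetUrl, ENT_QUOTES) . '">click here</a>.';

    $destinataire = $email;
    $objet = "Reset password on MonSite.fr";
    $headers = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    $headers .= 'From: monsite@monsite.fr' . "\r\n";

    if (mail($destinataire, $objet, $message, $headers)) {
        echo "mail successfully sent";
    } else {
        return 'mail failed to be sent';
    }
} elseif ($action === 'reset' && !empty($_POST['password'])) {
    if (!is_string($_POST['password'])) {
        http_response_code(400);
        echo 'Invalid request';
        return;
    }

    // The e-mailed link carries the token in the query string, while a form
    // may post it; accept either.
    $token = $_POST['id'] ?? $_GET['id'] ?? '';

    // Only a well-formed 32-hex-char token is looked up. This also guarantees
    // that the '0' placeholder written after a reset is never accepted.
    if (!is_string($token) || preg_match('/\A[0-9a-f]{32}\z/', $token) !== 1) {
        http_response_code(400);
        echo 'Invalid reset link';
        return;
    }

    $query = $bdd->prepare('SELECT user_id FROM users WHERE idvalidation=:id');
    // The token is a hex string, so it is bound as a string; an integer
    // binding would not compare it exactly against the stored value.
    $query->bindValue(':id', $token, PDO::PARAM_STR);
    $query->execute();
    $id = $query->fetch();
    $query->closeCursor();

    if ($id === false) {
        http_response_code(400);
        echo 'Invalid reset link';
        return;
    }

    // NOTE(review): unsalted MD5 is not a password hash. Migrate to
    // password_hash()/password_verify() together with the login code and the
    // column width; it is left as md5() here only because the code that
    // verifies passwords is outside this file.
    $req = $bdd->prepare(
        'UPDATE users SET password=:password,idvalidation=:idvalidation WHERE user_id=:id AND idvalidation=:token'
    );
    // Re-checking the token in the WHERE clause keeps it single-use even if
    // two requests present it at the same time.
    $req->execute(array(
        'password' => md5($_POST['password']),
        'idvalidation' => '0',
        'id' => $id['user_id'],
        'token' => $token,
    ));
    $updated = $req->rowCount() > 0;
    $req->closeCursor();

    if ($updated) {
        echo 'Password reset';
    } else {
        http_response_code(400);
        echo 'Invalid reset link';
    }
} else {
    // No recognised action (or an empty password): the original return value
    // is kept for any file that includes this script.
    return 'mail failed to be sent';
}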
?>