PHP Classes

File: app/modules/users/user_change_password.php

Recommend this page to a friend!
  Classes of Laudir Bispo   PHP Real Estate Website   app/modules/users/user_change_password.php   Download  
File: app/modules/users/user_change_password.php
Role: Example script
Content type: text/plain
Description: Example script
Class: PHP Real Estate Website
Manage the properties of a real estate business
Author: By
Last change:
Date: 3 years ago
Size: 4,637 bytes
 

Contents

Class file image Download
<?php
require_once ($_SERVER['DOCUMENT_ROOT'].'/config/config.php');
session_name(SESSION_NAME);
session_start();
header('Content-Type: application/json');
require_once ($_SERVER['DOCUMENT_ROOT'].'/config/autoload.php');
require_once ($_SERVER['DOCUMENT_ROOT'].'/config/public_functions.php');
require_once ($_SERVER['DOCUMENT_ROOT'].'/app/controls/adminFunctions.php');

use config\connect_db;
use app\controls\blowfish_crypt;
use app\controls\activityRecord;

$crypt = new blowfish_crypt;

if( !isset($_POST['form-token']) or $_POST['form-token'] != $_SESSION['secret_form_token'] )
{
     $response = array(
        'status' => 'error',
        'message' => 'A origem de alguns dados nos parece duvidosa! Por isso bloqueamos está ação.',
        'link' => '',
      );
     die(json_encode($response));
}

//****************************************************************************
$con_db = new config\connect_db();
$con = $con_db->connect();

$pass_db = $con->prepare("SELECT password FROM sec_users WHERE id = ?");
$pass_db->bind_param('s', $_SESSION['user_id']);
$pass_db->execute();
$pass_db->store_result();
$pass_db->bind_result($old_pass);
$pass_db->fetch();
$rows = $pass_db->num_rows;
$pass_db->free_result();
$pass_db->close();

if( empty($_POST['user-password-current']) or !isset($_POST['user-password-current']) )
{
    $response = array(
        'status' => 'warning',
        'message' => 'Por favor, informe sua senha atual para continuar.',
        'link' => '',
     );
     die(json_encode($response));
}

if( $crypt->check($_POST['user-password-current'], $old_pass) === false )
{
    $response = array(
        'status' => 'warning',
        'message' => 'A senha informada está incorreta.',
        'link' => '',
     );
     die(json_encode($response));
}

if( $crypt->check($_POST['user-password'], $old_pass) === true )
{
    $response = array(
        'status' => 'warning',
        'message' => 'A nova senha é a mesma que a atual! Escolha outra senha para continuar.',
        'link' => '',
     );
     die(json_encode($response));
}

if( empty($_POST['user-password']) or !isset($_POST['user-password']) )
{
    $response = array(
        'status' => 'warning',
        'message' => 'Por favor, digite uma nova senha ou clique em gerar senha.',
        'link' => '',
     );
     die(json_encode($response));
}
else
{
    $user_password = filterString($_POST['user-password'], 'CHAR');
}

//--------------------------------------------------------------------------

if( empty($_POST['user-confirm-password']) or !isset($_POST['user-confirm-password']) )
{
    $response = array(
        'status' => 'warning',
        'message' => 'Por favor, confirme a senha.',
        'link' => '',
     );
     die(json_encode($response));
}
else
{
    $user_confirm_password = filterString($_POST['user-confirm-password'], 'CHAR');
}

//--------------------------------------------------------------------------

if( $_POST['user-password'] !== $_POST['user-confirm-password'] )
{
    $response = array(
        'status' => 'error',
        'message' => 'As senhas digitadas não são iguais.',
        'link' => '',
     );
     die(json_encode($response));
}

//--------------------------------------------------------------------------

$pattern_password = '/(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*[^a-zA-Z0-9]).{8,16}/';

if( !preg_match($pattern_password, $user_password) )
{
    $response = array(
        'status' => 'error',
        'message' => 'A senha não satisfaz os requisitos necessários.',
        'link' => '',
     );
     die(json_encode($response));
}


$password = $crypt->generateHash($user_password);

$update_password = $con->prepare(" UPDATE sec_users SET password = ?, last_change_password = ? WHERE id = ?");
$update_password->bind_param('ssi', $password, $date_time, $_SESSION['user_id']);
$update_password->execute();
$update_password->store_result();
$affected_rows = $update_password->affected_rows;
$update_password->free_result();
$update_password->close();

if($update_password )
{
    $register_activity = new activityRecord();
    $register_activity->record ($_SESSION['user_id'], 'private', 'change-password', 'alterou a senha de login', null);
    $response = array(
        'status' => 'success',
        'message' => 'Senha alterada',
        'link' => '',
     );
     die(json_encode($response));
}
else
{
    $response = array(
        'status' => 'error',
        'message' => 'Não foi possível atualizar sua senha. Tente novamente mais tarde.',
        'link' => '',
     );
     die(json_encode($response));
}

?>