process_recover.php
<?php
/**
 * Handle the "forgot password" form: find the account for the posted email
 * address, create a reset token for it and mail that token to the user.
 *
 * Reads the `email` POST field through filter_input(). Every failure path
 * queues a user-facing message with set_message() and returns false.
 *
 * NOTE(review): the "not registered" branch answers differently from the
 * other paths, so this form tells an anonymous caller whether an address has
 * an account. Consider one generic response for both cases and rate-limiting
 * the form.
 * NOTE(review): FILTER_SANITIZE_EMAIL only strips characters, it does not
 * validate the address. getUserFromEmail() is not visible here; confirm it
 * escapes or binds the value before it reaches SQL.
 *
 * @return bool true when send_recover_email() reported success, false otherwise
 */
function check_email()
{
    $system_problem = "Sorry, there was a system problem. Please wait while we sort it out. The email should arrive shortly.";

    // A missing field (null), a filter failure (false) and an empty string
    // are all falsy, so a single test covers them.
    $address = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
    if (!$address)
    {
        set_message("error", "Please enter your registered email address");
        return false;
    }

    // Account row for this address, or a falsy value when there is none.
    $account = getUserFromEmail($address);
    if (!$account)
    {
        set_message("error", "Sorry, that email address is not registered");
        return false;
    }

    // Create and store the reset token.
    $reset_token = set_recover_pwd_token($account['id']);
    if (!$reset_token)
    {
        set_message("error", $system_problem);
        return false;
    }

    // Expiry shown in the email; computed here independently of the value
    // set_recover_pwd_token() stored.
    $expires_at = time() + PWD_RESET_LIFETIME;
    if (!send_recover_email($account, $reset_token, $expires_at))
    {
        set_message("error", $system_problem);
        return false;
    }

    return true;
}
/**
 * Validate a password-reset link carrying `t` (token) and `u` (user id) in
 * the query string.
 *
 * On success the session keys `recoveruser`, `recoverid` and `recovertoken`
 * are populated so that reset_user_password() can act on them.
 *
 * NOTE(review): `t` must pass ctype_alnum(). If gen_uuid() produces tokens
 * with hyphens, every emailed link would be rejected here; confirm the token
 * format.
 * NOTE(review): the lookup and the comparison happen in SQL against a token
 * stored in clear text; storing only a hash of the token would limit the
 * damage of a database read.
 *
 * @return bool|int true when the token is valid, 2 when it has expired (the
 *                  row is deleted), false on malformed input, DB error or
 *                  unknown token (a message is queued in those cases)
 */
function validate_recover_code_link()
{
    $bad_token_msg = "Sorry, your token appears to be invalid. Please contact support for help.";
    $bad_link_msg = "Sorry, there appeared to be a problem with validating your password reset link. Please enter the code manually below or contact support. Thanks.";

    // Both parameters must be present, the token alphanumeric and the user
    // id made of digits only.
    $well_formed = isset($_GET['t'], $_GET['u'])
        && ctype_alnum($_GET['t'])
        && ctype_digit($_GET['u']);
    if (!$well_formed)
    {
        set_message("error", $bad_link_msg);
        return false;
    }

    $token = mysql_real_escape_string($_GET['t']);
    $userid = (int)$_GET['u'];

    $sql = "SELECT userid, token, timeout\n"
        . "FROM pwd_reset\n"
        . "WHERE userid = $userid\n"
        . "AND token = '$token'";
    $result = mysql_query($sql);
    if (!$result)
    {
        handle_db_error($result, $sql);
        set_log('Retrieving password reset token failed!');
        set_message("error", $bad_link_msg);
        return false;
    }

    // No matching row: unknown token/user pair.
    if (mysql_num_rows($result) <= 0)
    {
        set_message("error", $bad_token_msg);
        return false;
    }

    $row = mysql_fetch_assoc($result);

    // Expired entries are removed and reported with the distinct code 2.
    if (time() > (int)$row['timeout'])
    {
        delete_recover_pwd_token((int)$row['userid'], $token);
        return 2;
    }

    // Valid token: remember who is recovering for the next step.
    $account = getuserdetails($row['userid']);
    $_SESSION['recoveruser'] = $account['username'];
    $_SESSION['recoverid'] = $account['id'];
    $_SESSION['recovertoken'] = $token;
    return true;
}
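/**
 * Validate a password-reset code typed into the recovery form (POST field
 * `reset-code`).
 *
 * On success the session keys `recoveruser`, `recoverid` and `recovertoken`
 * are populated so that reset_user_password() can act on them.
 *
 * NOTE(review): the code is looked up on its own, without a user id, so it is
 * the only secret protecting the account. It should be long, random and
 * rate-limited.
 *
 * @return bool|int true when the code is valid, 2 when it has expired (the
 *                  row is deleted), false on missing/invalid input, DB error
 *                  or unknown code (a message is queued in those cases)
 */
function validate_recover_code()
{
    $invalid_token_msg = "Sorry, your reset code appears to be invalid. Please contact support for help.";
    $invalid_code_msg = "Sorry, there appeared to be a problem with validating your reset code. Please enter the code manually below or contact support. Thanks.";

    $token = filter_input(INPUT_POST, 'reset-code', FILTER_SANITIZE_STRING);
    if (is_null($token))
    {
        set_message("error", "Please enter the token you were emailed");
        return false;
    }
    elseif (!$token)
    {
        set_message("error", $invalid_token_msg);
        return false;
    }

    // FILTER_SANITIZE_STRING is an HTML-oriented filter: it strips tags and
    // encodes quotes but leaves characters such as the backslash alone, so it
    // is not a substitute for SQL escaping. Escape for the SQL context here,
    // as validate_recover_code_link() does. The escaped value is also what
    // ends up in the session and in delete_recover_pwd_token().
    $token = mysql_real_escape_string($token);

    $sql = "SELECT userid, token, timeout
            FROM pwd_reset
            WHERE token = '$token'";
    $result = mysql_query($sql);
    if (!$result)
    {
        handle_db_error($result, $sql);
        set_log('Retrieving password reset token failed!');
        set_message("error", $invalid_code_msg);
        return false;
    }

    if (mysql_num_rows($result) > 0)
    {
        // fetch reset entry
        $resetdata = mysql_fetch_assoc($result);

        // Check if token expired
        if (time() > (int)$resetdata['timeout'])
        {
            // Delete expired recover entry
            $userid = (int)$resetdata['userid'];
            delete_recover_pwd_token($userid, $token);
            return 2;
        }

        // Valid code: remember who is recovering for the next step.
        $user = getuserdetails($resetdata['userid']);
        $_SESSION['recoveruser'] = $user['username'];
        $_SESSION['recoverid'] = $user['id'];
        $_SESSION['recovertoken'] = $token;
        return true;
    }

    set_message("error", $invalid_token_msg);
    return false;
}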
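/**
 * Set a new password for the user whose reset token was validated earlier in
 * this session, then log that user in.
 *
 * Requires the session keys `recoverid` and `recovertoken` (written by the
 * validate_recover_code*() functions) and the POST fields `pass` and `pass2`.
 *
 * Changes against the previous version:
 *  - the two password fields are compared with !== ; with != PHP compares
 *    numeric-looking strings by value, so "1e3" and "1000" counted as equal;
 *  - the token is looked up again right before the update, so a token that
 *    expired or was consumed by another session after validation is refused;
 *  - the session id is regenerated before the login keys are written, so an
 *    id known before authentication is not carried into the logged-in state.
 *
 * NOTE(review): GetEscapedPostParam() and encryptUserPassword() are not
 * visible here. Escaping a password before hashing changes the value that is
 * hashed; confirm the login path does the same. Also confirm the hash is a
 * password hash (e.g. password_hash()) and that its output is safe to place
 * in the UPDATE statement.
 *
 * @return array|bool the row returned by getuserdetails() on success, false
 *                    on any failure (a message is queued)
 */
function reset_user_password()
{
    if (!isset($_SESSION['recoverid']) || !isset($_SESSION['recovertoken']))
    {
        set_log(__FUNCTION__." Session variables userid and token not set");
        $msg = "There was a system problem. Your password could not be reset at this time. Please try again later or contact support.";
        set_message("error", $msg);
        return false;
    }

    if (empty($_POST['pass']) || empty($_POST['pass2']))
    {
        $msg = "You did not complete the required fields";
        set_message("error", $msg);
        return false;
    }

    // Array-valued fields (pass[]=x) are rejected together with mismatches.
    if (!is_string($_POST['pass']) || !is_string($_POST['pass2'])
        || $_POST['pass'] !== $_POST['pass2'])
    {
        $msg = "Your passwords must match.";
        set_message("error", $msg);
        return false;
    }

    $userid = (int)$_SESSION['recoverid'];
    // The helpers below interpolate the token into SQL; escape it here so
    // this function does not depend on how the session value was produced.
    $token = mysql_real_escape_string($_SESSION['recovertoken']);

    // Re-check the token at the moment it is used.
    $resetdata = get_recover_pwd_token($userid, $token);
    if (!$resetdata || time() > (int)$resetdata['timeout'])
    {
        if ($resetdata)
        {
            // Delete expired recover entry
            delete_recover_pwd_token($userid, $token);
        }
        unset($_SESSION['recoverid']);
        unset($_SESSION['recovertoken']);
        unset($_SESSION['recoveruser']);
        $msg = "Your password reset code has expired or was already used. Please request a new one.";
        set_message("error", $msg);
        return false;
    }

    $password = GetEscapedPostParam('pass');
    $password = encryptUserPassword($password);

    $sql = "UPDATE users
            SET password = '$password'
            WHERE id = $userid";
    $reset_pwd = mysql_query($sql);
    if (!$reset_pwd)
    {
        handle_db_error($reset_pwd, $sql);
        $msg = "Sorry there was a system error. Please try again.";
        set_message("error", $msg);
        return false;
    }

    // The token is single-use: remove it and the recovery state.
    delete_recover_pwd_token($userid, $token);
    unset($_SESSION['recoverid']);
    unset($_SESSION['recovertoken']);
    unset($_SESSION['recoveruser']);

    // New session id for the authenticated state.
    session_regenerate_id(true);

    // log user in
    $_SESSION[USER_LOGIN_ID] = $userid;
    $_SESSION[USER_LOGIN_MODE] = 'VGA';

    // Log time
    setlogintime($userid);

    $user = getuserdetails($userid);
    return $user;
}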
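/**
 * Fetch the pwd_reset row for a user id / token pair.
 *
 * Both values are interpolated into the SQL text, so they are made safe
 * here at the sink: the id is cast to int and the token is escaped. Escaping
 * an already-escaped token changes it only if it contains quote or backslash
 * characters.
 * NOTE(review): presumably generated tokens never contain those; confirm
 * against gen_uuid().
 *
 * @param int|string $userid user id
 * @param string     $token  reset token
 * @return array|bool associative row (userid, token, timeout), or false when
 *                    no row matches or the query fails
 */
function get_recover_pwd_token($userid, $token)
{
    $userid = (int)$userid;
    $token = mysql_real_escape_string($token);

    $sql = "SELECT userid, token, timeout
            FROM pwd_reset
            WHERE userid = $userid
            AND token = '$token'";
    $result = mysql_query($sql);
    if (!$result)
    {
        handle_db_error($result, $sql);
        return false;
    }

    if (mysql_num_rows($result) > 0)
    {
        return mysql_fetch_assoc($result);
    }

    return false;
}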
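/**
 * Create a password-reset token for a user and store it in pwd_reset with
 * an expiry of now + PWD_RESET_LIFETIME.
 *
 * The token is no longer written to the log: a reset token is a credential,
 * and anyone able to read the log could use it to take over the account
 * until it expires.
 *
 * NOTE(review): gen_uuid() is not visible here; the token is only as strong
 * as its random source, so confirm it draws from a CSPRNG.
 * NOTE(review): earlier tokens for the same user are left in place; consider
 * deleting them when a new one is issued.
 *
 * @param int|string $userid user id
 * @return string|bool the new token, or false when the insert fails
 */
function set_recover_pwd_token($userid)
{
    $userid = (int)$userid;
    $token = gen_uuid();
    set_log("set_recover_pwd_token called for user $userid");

    $expire = time() + PWD_RESET_LIFETIME;
    $sql = "INSERT INTO pwd_reset (userid, token, timeout)
            VALUES ($userid, '$token', $expire)";
    $addpwdresetrequest = mysql_query($sql);
    if ($addpwdresetrequest)
    {
        return $token;
    }

    handle_db_error($addpwdresetrequest, $sql);
    return false;
}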
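/**
 * Delete the pwd_reset row for a user id / token pair.
 *
 * Both values are interpolated into the SQL text, so they are made safe
 * here at the sink: the id is cast to int and the token is escaped. Callers
 * in this file pass tokens that came from request data.
 *
 * NOTE(review): on failure the full SQL, including the token, is handed to
 * db_error(). If that helper writes to a log, the token is recorded there.
 *
 * @param int|string $userid user id
 * @param string     $token  reset token
 * @return bool true when the query ran, false when it failed
 */
function delete_recover_pwd_token($userid, $token)
{
    $userid = (int)$userid;
    $token = mysql_real_escape_string($token);

    $sql = "DELETE FROM pwd_reset
            WHERE userid = $userid
            AND token = '$token'";
    if (!mysql_query($sql))
    {
        db_error(__FUNCTION__ . " SQL: " . $sql);
        return false;
    }

    return true;
}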
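/**
 * Mail the password-reset link and code to a user.
 *
 * Changes against the previous version:
 *  - the message is no longer copied to "<subject>.txt" in the working
 *    directory. That file held a live reset token and link, and under a
 *    web-served directory it could be fetched by anyone who knew the name;
 *  - CR and LF are stripped from the name and address used to build the
 *    recipient, so neither value can add extra header lines.
 *
 * NOTE(review): the token travels in the query string of the link, where it
 * can end up in browser history and server logs; keep the lifetime short and
 * the token single-use.
 *
 * @param array  $user    account row; `username`, `email` and `id` are read
 * @param string $token   reset token to include in the message
 * @param int    $expires Unix timestamp shown as the expiry date
 * @return bool result of mail()
 */
function send_recover_email($user, $token, $expires)
{
    $subject = "You requested a new Vilfredo password";

    $line_breaks = array("\r", "\n");
    $to = str_replace($line_breaks, '', $user['username'])
        . " <" . str_replace($line_breaks, '', $user['email']) . ">";

    $domain = SITE_DOMAIN;
    $expiredate = date(DateTime::RFC850, $expires);
    $message = <<<_HTML_
Hi {$user['username']},
You recently asked to reset your Vilfredo password. To complete your request, please follow this link:
$domain/recover.php?t=$token&u={$user['id']}
Alternately, you may go to $domain/recover.php and enter the following password reset code:
$token
This code will expire on $expiredate, at which time you will need to make another request.
Thanks,
Vilfredo
_HTML_;

    // wrap message to required 70 char width
    $message = wordwrap($message, 70, "\n", false);

    // mail() warnings stay suppressed as before; callers act on the bool.
    return @mail($to, $subject, $message);
}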
?>