One Hat Cyber Team
Your IP :
172.16.0.254
Server IP :
58.26.163.33
Server :
Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Server Software :
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
PHP Version :
7.3.25
Buat File
|
Buat Folder
Eksekusi
Dir :
C:
/
xampp7
/
htdocs
/
edgpens
/
View File Name :
account_recovery.php
<?php if(empty($page)){ include("access2.php"); } ?> <script type="text/javascript"> $(document).ready(function(){ $.testme = function(x,y){ var typ = ''; if(x == '1') typ = "success"; else if(x == '2') typ = "warning"; else typ = "danger"; $.bootstrapGrowl('<h4><strong>Notification</strong></h4> <p>'+y+'</p>', { type: typ, delay: 3000, allow_dismiss: true, offset: {from: 'top', amount: 20} }); }; }); </script> <?php growl_me($_SESSION,$g_success); use League\OAuth2\Client\Provider\Google; use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\Exception; use PHPMailer\PHPMailer\SMTP; use PHPMailer\PHPMailer\OAuth; require './vendor/autoload.php'; $success = 0; if($_POST): $email = $_POST['user-email']; $mail = new PHPMailer(true); $sql = "SELECT a.* FROM user_list a WHERE 1 AND emailUser = '$email'"; $param_data = array( "emailUser" => $email ); $data = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $usr = $data->fetch_assoc(); $table = "user_list"; $flag = ""; if(empty($usr)){ $flag = "AND flagUser=2"; $sql = "SELECT a.* FROM user_register a WHERE 1 AND emailUser = ? {$flag}"; $param_data = array( "emailUser" => $email ); $data = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $usr = $data->fetch_assoc(); $table = "user_register"; } if(empty($usr)) goto skipsend; try { ob_start(); $token = md5($email.date("dmyh:i:s")); $stmt = $mysqli->stmt_init(); $stmt->prepare("UPDATE {$table} SET recovery_token = ?, recovery_exp = ADDTIME(NOW(), '00:30:00') WHERE emailUser = ? {$flag}"); $stmt->bind_param("ss",$token,$email); $stmt->execute(); $stmt->close(); $sql = "SELECT `a`.`text`,b.* FROM kod_template a JOIN utiliti_email b WHERE 1 AND a.kod = 'E01'"; $param_data = array(); $datax = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $template_text = $datax->fetch_assoc(); $url = $conf_fullweblink; $find = array( "%url%", "%token%", "%year%", "%templatename%"); $replace = array( $url, $token, date("Y"), $template['name'].' '.$template['version']); echo str_replace($find,$replace,$template_text['text']); // include('recover_msg.php'); $fileValue = ob_get_contents(); ob_end_clean(); //Server settings // $mail->SMTPDebug = SMTP::DEBUG_SERVER; // Enable verbose debug output $mail->isSMTP(); // Send using SMTP $mail->SMTPOptions = array('ssl' => array('verify_peer_name' => false)); $mail->Host = gethostbyname($template_text['host']); $mail->SMTPAuth = $template_text['smtpauth']; $mail->SMTPSecure = $template_text['smtpsecure']; $mail->Port = $template_text['port']; $mail->Username = $template_text['username']; $mail->Password = $template_text['upass']; // $mail->AuthType = 'XOAUTH2'; // $oauthUserEmail = $template_text['username']; // $clientId = $template_text['cid']; // $clientSecret = $template_text['csecret']; // $refreshToken = $template_text['ctoken']; // $provider = new Google( // [ // 'clientId' => $clientId, // 'clientSecret' => $clientSecret, // ] // ); // $mail->setOAuth( // new OAuth( // [ // 'provider' => $provider, // 'clientId' => $clientId, // 'clientSecret' => $clientSecret, // 'refreshToken' => $refreshToken, // 'userName' => $oauthUserEmail, // ] // ) // ); //Recipients $mail->setFrom($template_text['setfrom1'],$template_text['setfrom2']); // $mail->addAddress('joe@example.net', 'Joe User'); // Add a recipient $mail->addAddress($email); // Name is optional // $mail->addReplyTo('info@example.com', 'Information'); // $mail->addCC('cc@example.com'); // $mail->addBCC('bcc@example.com'); // Attachments // $mail->addAttachment('/var/tmp/file.tar.gz'); // Add attachments // $mail->addAttachment('/tmp/image.jpg', 'new.jpg'); // Optional name // Content $mail->isHTML(true); // Set email format to HTML $mail->Subject = 'Account Recovery'; $mail->Body = $fileValue; $mail->AltBody = 'This is the body in plain text for non-HTML mail clients'; $mail->send(); echo 'Message has been sent'; } catch (Exception $e) { echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}"; } // include "recover_msg.php"; // exit(); skipsend: $_SESSION['success'] = 1; $_SESSION['success_msg'] = "Account recovery email has been sent."; echo "<script>window.location.replace('index.php?page=account_recovery&success=1');</script>"; exit(); endif; // if() ?> <div id="page-content"> <div class="row"> <div class="col-sm-12"> <div class="widget-image widget-image-xs"> <img src="img/lpkmn/bg.jpg" alt="image"> <div class="widget-image-content"> <div class="pull-right text-light-op"> <strong> <form id="form-login" method="post" action="login.php" class="form-inline" style="vertical-align: top"> <div class="row" style="vertical-align: top;margin-bottom: 0px;text-align: right"> <div class="col-md-12"> <i><a style="cursor: pointer;color: #CCC;" href="index.php?page=company_search">Agent Registration</a></i> || <i><a style="cursor: pointer;color: #CCC;" href="index.php?page=account_recovery">Forgot Password</a></i> </div> </div> <hr style="margin: 3px"> <div class="form-group" style="vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <input type="text" id="login-user" name="login-user" class="form-control" placeholder="Your email.."> </div> </div> <div class="form-group" style="vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <input type="password" id="login-password" name="login-password" class="form-control" placeholder="Your password.."> </div> </div> <div class="form-group form-actions" style="text-align:right;vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <button type="submit" class="btn btn-effect-ripple btn-sm btn-primary" style="margin-top: 3px"><i class="fa fa-unlock-alt"></i> Login</button> </div> </div> </form> </strong> </div> <h2 class="widget-heading text-light"><strong>eDGPENS LPKMn</strong></h2> <h3 class="widget-heading text-light-op">Lembaga Pelabuhan Kemaman</h3> </div> </div> </div> </div> <!-- Login Container --> <div id="login-container" style="position: relative;top:20px"> <!-- Login Block --> <div class="row"> <div class="col-md-12"> <div class="block animation-fadeInQuickInv"> <!-- Login Title --> <div class="block-title"> <h2>Account Recovery</h2> </div> <!-- END Login Title --> <!-- Login Form --> <form id="form-recover" method="post" class="form-bordered"> <div class="form-group"> <label for="example-nf-email">Email</label> <input type="email" id="user-email" name="user-email" required class="form-control"> <span class="help-block">Please enter your email</span> </div> <div class="form-group form-actions"> <button type="submit" class="btn btn-effect-ripple btn-sm btn-primary btn-block"><i class="fa fa-check"></i> Send Recovery Password</button> </div> </form> <!-- END Login Form --> </div> <!-- END Login Block --> <!-- Footer --> <footer class="text-muted text-center animation-pullUp"> <small><span id="year-copy"></span> © <a href="login.php" target="_self"><?php echo $template['name'] . ' ' . $template['version']; ?></a></small> </footer> <!-- END Footer --> </div></div> </div> </div> <!-- END Login Container --> <?php // include 'inc/template_scripts.php'; ?> <!-- Load and execute javascript code used only in this page --> <script src="js/pages/readyLogin.js"></script> <script>$(function(){ ReadyLogin.init(); });</script> <script type="text/javascript"> $(document).ready(function(){ $("#form-recover").on("submit",function(){ $(".preloader").show(); setTimeout(function() {return true;}, 100); }); }); </script>