One Hat Cyber Team

View File Name : reset_password.php

<?php if(empty($page)){ include("access2.php"); } ?>

<script type="text/javascript" src="custom.js"></script>
<script type="text/javascript">
$(document).ready(function(){
	$.testme = function(x,y){

		var typ = '';

		if(x == '1')
			typ = "success";
		else if(x == '2')
			typ = "warning";
		else
			typ = "danger";

		$.bootstrapGrowl('<h4><strong>Notification</strong></h4> <p>'+y+'</p>', {
		type: typ,
		delay: 3000,
		allow_dismiss: true,
		offset: {from: 'top', amount: 20}
		});

	};
});
</script>
<?php 
	
	growl_me($_SESSION,$g_success);

	$success 	= 0;
	$token 		= $_GET['token'];
	$has_succ 	= $_GET['success'];

	if($_POST):

		$sql 	= "SELECT a.* FROM user_list a WHERE 1 AND a.recovery_token = ? AND a.recovery_exp >= now()";
		$param_data 	= array(
							"token" 	=> $token
						 	);
		$data 	= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
		$usr 	= $data->fetch_assoc();
		$chk 	= $usr['recovery_token'];
		$idUser = $usr['idUser'];
		$table 	= "user_list";
		$usertype 	= 1;

		if(empty($chk)){
			$sql 	= "SELECT a.* FROM user_register a WHERE 1 AND a.recovery_token = ? AND a.recovery_exp >= now()";
			$param_data 	= array(
								"token" 	=> $token
							 	);
			$data 	= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
			$usr 	= $data->fetch_assoc();
			$chk 	= $usr['recovery_token'];
			$idUser = $usr['idUser'];
			$table 	= "user_register";
			$usertype 	= 2;
		}

		if(!empty($chk)){
			$sql 	 		= "	UPDATE 
									{$table} 
								SET 
									passwordUser 	= ?,
									recovery_token 	= ''
								WHERE 
									recovery_token 	= ?
								";
			$param_type 	= "ss";
			$param_data 	= array(
								"passwordUser" 		=> md5($_POST['val-password']),
								"recovery_token" 	=> $token
							 	);
			$data 		= mysqli_prepare_audit($sql,$param_type,$param_data,"Password Reset By Recovery Token");

			// $msg 		= "RECORD UPDATED!";

			$success 	= 1;
			$_SESSION['success'] 		= $success;
			$_SESSION['success_msg'] 	= "Password successfully changed.";

			log_attempts($idUser,$usertype,2);
		}else{
			$success 	= 3;
			$_SESSION['success'] 		= $success;
			$_SESSION['success_msg'] 	= "Token expired / Doesn't Exits.";
		}


		echo "<script>window.location.replace('index.php?page=reset_password&success={$success}');</script>";
		exit();

	endif;

	// if()
?>

<div id="page-content">

	<div class="row">
		<div class="col-sm-12">
			<div class="widget-image widget-image-xs">
				<img src="img/lpkmn/bg.jpg" alt="image">
				<div class="widget-image-content">
					<div class="pull-right text-light-op">
					<strong>
					<form id="form-login" method="post" action="login.php" class="form-inline" style="vertical-align: top">
						<div class="row" style="vertical-align: top;margin-bottom: 0px;text-align: right">
							<div class="col-md-12">
								<i><a style="cursor: pointer;color: #CCC;" href="index.php?page=account_recovery">Register</a></i>
								&nbsp;||&nbsp;
								<i><a style="cursor: pointer;color: #CCC;" href="index.php?page=account_recovery">Forgot Password</a></i>
							</div>
						</div>
								<hr style="margin: 3px">
						<div class="form-group" style="vertical-align: top;margin-bottom: 1px">
								<div class="col-md-12 nopadding">
								<input type="text" id="login-user" name="login-user" class="form-control" placeholder="Your email..">
								</div>
						</div>
						<div class="form-group" style="vertical-align: top;margin-bottom: 1px">
								<div class="col-md-12 nopadding">
								<input type="password" id="login-password" name="login-password" class="form-control" placeholder="Your password..">
								</div>
						</div>
						<div class="form-group form-actions" style="text-align:right;vertical-align: top;margin-bottom: 1px">
							<div class="col-md-12 nopadding">
								<button type="submit" class="btn btn-effect-ripple btn-sm btn-primary" style="margin-top: 3px"><i class="fa fa-unlock-alt"></i> Login</button>
							</div>
						</div>
						
					</form>					 
					</strong>
					</div>
					<h2 class="widget-heading text-light"><strong>eDGPENS LPKMn</strong></h2>
					<h3 class="widget-heading text-light-op">Lembaga Pelabuhan Kemaman</h3>
				</div>
			</div>
		</div>
	</div>


<!-- [QUERY_STRING] -->

<?php 

	$sql 			= "SELECT a.* FROM user_list a WHERE 1 AND a.recovery_token = ? AND a.recovery_exp >= now()";
	$param_data 	= array(
						"recovery_token" 	=> $token
					 	);
	$data 	= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
	$usr 	= $data->fetch_assoc();
	$chk 	= $usr['recovery_token'];

	if(empty($chk)){
		$sql 			= "SELECT a.* FROM user_register a WHERE 1 AND a.recovery_token = ? AND a.recovery_exp >= now()";
		$param_data 	= array(
							"recovery_token" 	=> $token
						 	);
		$data 	= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
		$usr 	= $data->fetch_assoc();
		$chk 	= $usr['recovery_token'];
	}

	if(!empty($chk) && !empty($token)){

?>

<!-- Login Container -->
<div id="container" style="position: relative;top:20px">
	<!-- Login Block -->
	<div class="row">
		<div class="col-lg-6 col-lg-offset-3 col-md-12" >
	<div class="block animation-fadeInQuickInv">
		<!-- Login Title -->
		<div class="block-title">
			<h2>Change Your Password</h2>
		</div>
		<!-- END Login Title -->

		<!-- Login Form -->
					<form class="form-horizontal form-bordered" id="form-validation" method="post">

							<div class="form-group">
							    <label class="col-md-3 control-label" for="val-password">Password <span class="text-danger">*</span></label>
							    <div class="col-md-7">
							        <input type="password" id="val-password" name="val-password" class="form-control validation" data-validation="password1" placeholder="Choose a good one..">
							    </div>
							</div>

							<div class="form-group">
							    <label class="col-md-3 control-label" for="val-confirm-password">Confirm Password <span class="text-danger">*</span></label>
							    <div class="col-md-7">
							        <input type="password" id="val-confirm-password" name="val-confirm-password" class="form-control validation" data-validation="password2" placeholder="..and confirm it to be safe!">
							    </div>
							</div>


							<div class="form-group form-actions">
								<div class="col-md-7 col-md-offset-3">
									<button type="submit" class="btn btn-effect-ripple btn-primary">Submit</button>
								</div>
							</div>					

						<input type="hidden" name="type_submit" value="edit">

					</form>
			</div>
		</div>
	</div>
</div>
		
		<script src="js/pages/formsValidation.js"></script>
        <script type="text/javascript">
        $(document).ready(function(){

			$("#form-validation").setvalidation("");
			$("#form-validation > [name='type_submit']").val("edit");

			$("#val-password").on("trigger_me",function(e){

				var trgt    = $(this);

				if(trgt.val().length >= 8){

					var numbers =  /^[0-9]+$/i;
					var letters =  /^[a-zA-Z]+$/i;
					var result  = false;
					var valid   = false;

					if(letters.test(trgt.val()))
						result  = true;

					if(numbers.test(trgt.val()))
						result  = true;

					trgt.parent().find(".help-block2").remove();

					if(result){
						trgt.after("<div id=\"val-password-error\" class=\"help-block2 \" style='margin-top:8px;font-weight:400;font-style:italic;color: #de815c'>Your password must be at least 8 characters long and must not contain all numbers or characters</div>");
						trgt.closest(".form-group").addClass("has-error2");
						return false;
					}else{
						trgt.parent().find(".help-block2").remove();
						trgt.closest(".form-group").removeClass("has-error2");
					}

				}else{
					trgt.parent().find(".help-block2").remove();
					trgt.closest(".form-group").removeClass("has-error2");
				}


			});

			$("#val-password").on("keyup",function(e){
				$(this).trigger("trigger_me");
			});


        });

        </script>



</div>
<?php 
	}else{ ?>
<!-- Login Container -->
<div id="container" style="position: relative;top:20px">
	<!-- Login Block -->
	<div class="row">
		<div class="col-lg-6 col-lg-offset-3 col-md-12" >
		<div class="block animation-fadeInQuickInv">
			<!-- Login Title -->
			<div class="block-title">
				<h2>Change Your Password</h2>
			</div>
			<?php if($has_succ !== '1'){ ?>
			<div class="alert alert-danger">
				<div class="widget-content themed-backgroundx-passion text-left clearfix">
				    <i class="pull-left fa fa-warning" style="font-size: 55pt"></i>
				    <h4 class="widget-heading text-light">Token Has Expired / Not Valid.</h4>
				    <h4 class="widget-heading text-light-op">Request Again To Proceed <a style="color:white;font-weight:bold" href="index.php?page=account_recovery" target="_self">Here</a></h4>
				</div>
			</div>
			<?php }else{ ?>
			<div class="alert alert-success">
				<div class="widget-content themed-backgroundx-passion text-left clearfix">
				    <i class="pull-left fa fa-check" style="font-size: 55pt"></i>
				    <h4 class="widget-heading text-light">Password successfully changed.</h4>
				    <h4 class="widget-heading text-light-op">You Can Try Login Again.</h4>
				</div>
			</div>
			<?php }?>
		</div>
		</div>
	</div>
</div>
<?php
	}
?>
<!-- END Login Container -->

<?php // include 'inc/template_scripts.php'; ?>

<!-- Load and execute javascript code used only in this page -->
<script src="js/pages/readyLogin.js"></script>
<script>$(function(){ ReadyLogin.init(); });</script>