-
Notifications
You must be signed in to change notification settings - Fork 0
/
process_pass.php
29 lines (24 loc) · 1023 Bytes
/
process_pass.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
<?php
require 'db/db_connect.php';
$conn = $con;
// reset_password.php
if (isset($_POST['password'], $_POST['token'])) {
$password = password_hash($_POST['password'], PASSWORD_DEFAULT); // Hash the new password
$token = $_POST['token'];
// Check if the token is valid and not expired
$query = "SELECT * FROM accounts WHERE reset_token = ? AND token_expiration > NOW()";
$stmt = $conn->prepare($query);
$stmt->bind_param("s", $token);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
// Update the user's password
$update = "UPDATE accounts SET password = ?, reset_token = NULL, token_expiration = NULL WHERE reset_token = ?";
$stmt = $conn->prepare($update);
$stmt->bind_param("ss", $password, $token);
$stmt->execute();
header("Location: success.php?b=login.html");
} else {
header("Location: error.php?a=Invalid or expired token, try resetting again!&b=login.html");
}
}