reset.php
writable 0666
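<?php
/*****************************************************************
 * Password-reset landing page
 *   - verifies the token from the reset e-mail
 *   - lets the user choose a new password
 *   - logs them straight in and redirects to the dashboard
 *
 * Only the SHA-256 of the token is compared with password_resets.token,
 * so the table never needs to hold a usable reset link.
 *****************************************************************/
require_once __DIR__.'/lib/db.php';   // supplies $db
session_start();

// The reset secret is carried in the query string: keep it out of Referer
// headers sent from this page and out of browser/proxy caches.
header('Referrer-Policy: no-referrer');
header('Cache-Control: no-store');

/* --------------------------------------------------------------
   0. Validate token from e-mail
----------------------------------------------------------------*/
$token = $_GET['t'] ?? '';

// ?t[]=x arrives as an array; preg_match() would raise a TypeError on it,
// so reject anything that is not a string before matching. \A...\z (rather
// than ^...$) also refuses a value with a trailing newline.
if (!is_string($token) || !preg_match('/\A[A-Fa-f0-9]{64}\z/', $token)) {
    exit('Invalid or expired link');           // tampered URL
}

$hash = hash('sha256', $token);

$q = $db->prepare(
    'SELECT pr.user_id, u.email
       FROM password_resets pr
       JOIN users u ON u.id = pr.user_id
      WHERE pr.token = ? AND pr.expires > NOW()
      LIMIT 1'
);
$q->execute([$hash]);
$row = $q->fetch();
if (!$row) {
    // Same message as the format check, so the response does not reveal
    // whether a well-formed token ever existed.
    exit('Invalid or expired link');
}

/* --------------------------------------------------------------
   1. Handle POST - save new password
----------------------------------------------------------------*/
$err = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $pass = $_POST['pass'] ?? '';

    // pass[]=x would make strlen() throw; treat a non-string like a short password.
    if (!is_string($pass) || strlen($pass) < 8) {
        $err = 'Password must be at least 8 characters.';
    } else {
        // NOTE(review): bcrypt only uses the first 72 bytes of the input, so
        // longer passphrases are silently truncated - consider an upper bound
        // or PASSWORD_DEFAULT / Argon2 if the deployment supports it.
        $pwdHash = password_hash($pass, PASSWORD_BCRYPT);

        // Consume the token and change the password as one unit, so two
        // concurrent requests carrying the same link cannot both succeed.
        // Assumes $db is a PDO handle (prepare/execute/fetch are used above)
        // and the tables are transactional - TODO confirm in lib/db.php.
        $db->beginTransaction();
        try {
            $consume = $db->prepare(
                'DELETE FROM password_resets WHERE token = ? AND expires > NOW()'
            );
            $consume->execute([$hash]);
            if ($consume->rowCount() < 1) {
                // Token was used or expired between the SELECT above and now.
                $db->rollBack();
                exit('Invalid or expired link');
            }

            $db->prepare('UPDATE users SET password_hash=? WHERE id=?')
               ->execute([$pwdHash, $row['user_id']]);

            // Drop any other outstanding reset links for this account.
            $db->prepare('DELETE FROM password_resets WHERE user_id=?')
               ->execute([$row['user_id']]);

            $db->commit();
        } catch (\Throwable $e) {
            if ($db->inTransaction()) {
                $db->rollBack();
            }
            throw $e;
        }

        /* auto-log-in */
        // New session id before attaching the identity (session-fixation defence).
        // NOTE(review): sessions the account already had elsewhere are not
        // invalidated here - confirm whether that is handled in another place.
        session_regenerate_id(true);
        $_SESSION['uid'] = $row['user_id'];

        header('Location: /members/dashboard.php');
        exit;
    }
}
?>
<!doctype html>
<meta charset="utf-8">
<title>Choose a new password &ndash;&nbsp;BestDealOn</title>
<meta name=viewport content="width=device-width,initial-scale=1">
<style>
:root{
  --brand:#0066ff;--bg:#f9fbff;--fg:#111;--err:#d91c31;
  font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica,Arial,sans-serif;
}
*{box-sizing:border-box}
body{margin:0;display:flex;min-height:100vh;align-items:center;justify-content:center;background:var(--bg);color:var(--fg)}
.card{width:clamp(320px,92vw,420px);background:#fff;padding:2.3rem;border-radius:12px;box-shadow:0 6px 24px rgba(0,0,0,.07)}
h1{text-align:center;font-size:1.65rem;margin:.2rem 0 1.2rem}
label{display:block;margin:.9rem 0 .25rem;font-weight:600}
input,button{width:100%;padding:.65rem .75rem;border:1px solid #ccd2e2;border-radius:8px;font:inherit}
input:focus{border-color:var(--brand);outline:none;box-shadow:0 0 0 2px #e5eeff}
button{margin-top:1.3rem;background:var(--brand);color:#fff;font-weight:600;border:none;cursor:pointer}
button:hover{filter:brightness(1.08)}
.err{background:#ffe1e1;color:var(--err);padding:.9rem 1rem;border-radius:8px;text-align:center;margin-bottom:1rem}
@media(prefers-color-scheme:dark){
  :root{--bg:#0d1117;--fg:#e6edf3;--brand:#2f81f7}
  .card{background:#161b22;box-shadow:0 4px 14px rgba(0,0,0,.6)}
  input{background:#0d1117;color:var(--fg);border-color:#30363d}
}
</style>
<body>
<main class=card>
  <h1>Set a new password</h1>

  <?php if ($err): ?><div class=err><?= htmlspecialchars($err, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div><?php endif ?>

  <form method=post novalidate>
    <label for=p>New password <span style="font-weight:normal">(&ge;&#8239;8&nbsp;chars)</span></label>
    <input id=p type=password name=pass minlength=8 required autocomplete="new-password">
    <button>Save &amp; continue</button>
  </form>
</main>
</body>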