odoorbell/image-pichost
1
2
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity
Files
94f51969e255b5183871fbe05518afd84a85c6e4
image-pichost/forgot-password.php
小小白哦 c56dca6129 上传文件至 /
2025-11-30 13:06:06 +00:00

179 lines
7.9 KiB
PHP
Raw Blame History

<?php
require_once 'config.php';
$error = '';
$success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = trim($_POST['email']);
$captcha = trim($_POST['captcha']);
if (empty($email)) {
$error = t('enter_email');
} elseif (CAPTCHA_ENABLED && (empty($captcha) || $captcha !== $_SESSION['captcha'])) {
$error = t('invalid_captcha');
} else {
$stmt = $pdo->prepare("SELECT id, username FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user) {
$token = bin2hex(random_bytes(32));
$expires_at = date('Y-m-d H:i:s', time() + PASSWORD_RESET_EXPIRE);
$pdo->prepare("DELETE FROM password_resets WHERE email = ?")->execute([$email]);
$stmt = $pdo->prepare("INSERT INTO password_resets (email, token, expires_at) VALUES (?, ?, ?)");
if ($stmt->execute([$email, $token, $expires_at])) {
if (sendPasswordResetEmail($email, $user['username'], $token)) {
$success = t('reset_link_sent');
} else {
$reset_link = SITE_URL . "/reset-password.php?token=" . $token;
$success = t('reset_link_generated') . "<br><a href='$reset_link' style='word-break: break-all;'>$reset_link</a>";
}
} else {
$error = t('system_error');
}
} else {
$error = t('email_not_registered');
}
}
}
?>
<!DOCTYPE html>
<html lang="<?php echo $lang; ?>" data-theme="<?php echo $currentUserSettings['dark_mode'] ? 'dark' : 'light'; ?>">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo t('forgot_password'); ?> - <?php echo SITE_NAME; ?></title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css">
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<?php include 'components/navbar.php'; ?>
<div class="container">
<div class="auth-container">
<div class="auth-card card">
<h2><i class="fas fa-key"></i> <?php echo t('forgot_password'); ?></h2>
<div class="instructions card">
<h3><i class="fas fa-info-circle"></i> <?php echo t('password_reset_instructions'); ?></h3>
<ul>
<li><i class="fas fa-envelope"></i> <?php echo t('enter_registered_email'); ?></li>
<li><i class="fas fa-link"></i> <?php echo t('reset_link_will_be_sent'); ?></li>
<li><i class="fas fa-clock"></i> <?php echo t('reset_link_expires'); ?></li>
<li><i class="fas fa-trash"></i> <?php echo t('check_spam_folder'); ?></li>
</ul>
</div>
<?php if($error): ?>
<div class="alert alert-error">
<i class="fas fa-exclamation-triangle"></i> <?php echo $error; ?>
</div>
<?php endif; ?>
<?php if($success): ?>
<div class="alert alert-success">
<i class="fas fa-check-circle"></i> <?php echo $success; ?>
</div>
<?php if(strpos($success, t('reset_link_generated')) !== false): ?>
<div class="instructions card" style="background: #fff3cd; border-left-color: #ffc107;">
<h3><i class="fas fa-exclamation-triangle"></i> <?php echo t('email_send_problem'); ?></h3>
<p><?php echo t('manual_copy_instructions'); ?></p>
<p><?php echo t('contact_admin'); ?>: <a href="mailto:<?php echo SMTP_FROM_EMAIL; ?>"><?php echo SMTP_FROM_EMAIL; ?></a></p>
</div>
<?php else: ?>
<div class="instructions card" style="background: #d4edda; border-left-color: #28a745;">
<h3><i class="fas fa-check-circle"></i> <?php echo t('email_sent_success'); ?></h3>
<p><?php echo t('check_email_instructions'); ?></p>
<p><?php echo t('no_email_received'); ?> <a href="#" onclick="location.reload(); return false;"><?php echo t('resend_email'); ?></a></p>
</div>
<?php endif; ?>
<?php endif; ?>
<?php if(empty($success)): ?>
<form method="POST" action="">
<div class="form-group">
<label for="email">
<i class="fas fa-envelope"></i> <?php echo t('email'); ?>
</label>
<input type="email" id="email" name="email" required
value="<?php echo isset($_POST['email']) ? htmlspecialchars($_POST['email']) : ''; ?>"
placeholder="<?php echo t('enter_registered_email'); ?>">
</div>
<?php if(CAPTCHA_ENABLED): ?>
<div class="form-group">
<label for="captcha">
<i class="fas fa-shield-alt"></i> <?php echo t('captcha'); ?>
</label>
<div class="captcha-container">
<input type="text" id="captcha" name="captcha" required maxlength="4"
placeholder="<?php echo t('enter_captcha'); ?>">
<img src="captcha.php" alt="<?php echo t('captcha'); ?>"
onclick="this.src='captcha.php?'+Math.random()"
title="<?php echo t('refresh_captcha'); ?>">
</div>
</div>
<?php endif; ?>
<button type="submit" class="btn btn-primary btn-full">
<i class="fas fa-paper-plane"></i> <?php echo t('send_reset_link'); ?>
</button>
</form>
<?php endif; ?>
<div class="auth-links">
<p>
<a href="login.php">
<i class="fas fa-arrow-left"></i> <?php echo t('back_to_login'); ?>
</a>
</p>
<p>
<?php echo t('no_account'); ?>
<a href="register.php">
<i class="fas fa-user-plus"></i> <?php echo t('register_now'); ?>
</a>
</p>
</div>
</div>
</div>
</div>
<script>
document.getElementById('email')?.focus();
document.getElementById('captcha')?.addEventListener('input', function(e) {
this.value = this.value.toUpperCase();
});
document.querySelector('form')?.addEventListener('submit', function(e) {
const email = document.getElementById('email').value;
if (!email) {
alert('<?php echo t('enter_email'); ?>');
e.preventDefault();
return false;
}
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
if (!emailRegex.test(email)) {
alert('<?php echo t('invalid_email'); ?>');
e.preventDefault();
return false;
}
<?php if(CAPTCHA_ENABLED): ?>
const captcha = document.getElementById('captcha').value;
if (!captcha) {
alert('<?php echo t('enter_captcha'); ?>');
e.preventDefault();
return false;
}
<?php endif; ?>
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink