2013-09-20 21:36:19 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
function reset_password(){
|
|
|
|
|
$email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
|
|
|
|
|
$user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
|
|
|
|
|
$key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);
|
2014-09-03 05:06:43 +00:00
|
|
|
|
2013-09-20 21:36:19 +00:00
|
|
|
$target_id = WebUsers::getId($user);
|
|
|
|
|
$webUser = new WebUsers($target_id);
|
2014-09-03 05:06:43 +00:00
|
|
|
|
2013-09-20 21:36:19 +00:00
|
|
|
if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){
|
|
|
|
|
//you are allowed on the page!
|
2014-09-03 05:06:43 +00:00
|
|
|
|
2013-09-20 21:36:19 +00:00
|
|
|
$GETString = "";
|
|
|
|
|
foreach($_GET as $key => $value){
|
|
|
|
|
$GETString = $GETString . $key . '=' . $value . "&";
|
2014-09-03 05:06:43 +00:00
|
|
|
}
|
2013-09-20 21:36:19 +00:00
|
|
|
if($GETString != ""){
|
|
|
|
|
$GETString = '?'.$GETString;
|
|
|
|
|
}
|
|
|
|
|
$pageElements['getstring'] = $GETString;
|
2014-09-03 05:06:43 +00:00
|
|
|
|
2013-09-20 21:36:19 +00:00
|
|
|
return $pageElements;
|
2014-09-03 05:06:43 +00:00
|
|
|
|
2013-09-20 21:36:19 +00:00
|
|
|
}else{
|
|
|
|
|
global $WEBPATH;
|
|
|
|
|
$_SESSION['error_code'] = "403";
|
2014-09-03 05:36:10 +00:00
|
|
|
header("Cache-Control: max-age=1");
|
2013-09-20 21:36:19 +00:00
|
|
|
header("Location: ".$WEBPATH."?page=error");
|
2014-09-03 05:23:39 +00:00
|
|
|
throw new SystemExit();
|
2013-09-20 21:36:19 +00:00
|
|
|
}
|
2014-09-03 05:06:43 +00:00
|
|
|
}
|
