");
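// Page-view guard: show an error when the reset token in the link does not
// match the one stored in the session.
// - A token missing on either side counts as a mismatch. The original loose
//   comparison treated "both unset" as equal and showed no error.
// - hash_equals() is a strict, constant-time string comparison. The loose !=
//   operator compares numeric-looking strings by value, so "0e12" != "0e34"
//   is false.
// - is_string() rejects ?token[]=..., which would otherwise reach
//   hash_equals() as an array and raise a TypeError.
$request_token = $_GET["token"] ?? null;
$session_token = $_SESSION["pw_reset_token"] ?? null;
$token_matches = is_string($request_token)
    && is_string($session_token)
    && $session_token !== ""
    && hash_equals($session_token, $request_token);

if (!$token_matches) {
    $login_err = "Dein Link ist entweder abgelaufen oder ungültig. Erzeuge einen neuen, in dem du auf diesen Link klickst.";
    echo '
' . $login_err . '
';
    // NOTE(review): die() is disabled, so the rest of the page still renders
    // after a mismatch. This guard is therefore only informational; the POST
    // handler below must keep its own token check before changing anything.
    //die();
}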
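// Processing form data when form is submitted.
//
// Flow: authorise the request via the reset token, validate the new password
// and its confirmation, then store the new hash for the account named in the
// session and destroy the session so the token cannot be used again.
//
// NOTE(review): the token travels in the query string, so it can end up in
// server logs and Referer headers. No expiry check is visible in this part of
// the file - confirm one is enforced where the token is issued.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $login_err = "";

    // Authorise: both tokens must be present, be strings, and match.
    // hash_equals() is strict and constant-time; the loose == operator treats
    // numeric-looking strings such as "0e12" and "0e34" as equal. is_string()
    // rejects ?token[]=..., which would otherwise raise a TypeError.
    $request_token = $_GET["token"] ?? null;
    $session_token = $_SESSION["pw_reset_token"] ?? null;
    $auth = is_string($request_token)
        && is_string($session_token)
        && $session_token !== ""
        && hash_equals($session_token, $request_token);

    // The account to update comes from the session only. Without it the UPDATE
    // would match no row and the request would still be reported as a success.
    $username = $_SESSION["verify"] ?? null;
    if (!is_string($username) || $username === "") {
        $auth = false;
    }

    if ($auth === true) {
        // Missing or non-string fields are treated as empty input.
        $posted_new = $_POST["new_password"] ?? "";
        $posted_confirm = $_POST["confirm_password"] ?? "";
        // NOTE(review): trim() strips surrounding whitespace before hashing,
        // so the login form has to trim the same way - verify.
        $candidate = is_string($posted_new) ? trim($posted_new) : "";
        $confirm_password = is_string($posted_confirm) ? trim($posted_confirm) : "";

        // Validate new password. $new_password stays null unless it passes.
        $new_password = null;
        if ($candidate === "") {
            $login_err = "Please enter the new password.";
        } elseif (strlen($candidate) < 6) {
            $login_err = "Password must have atleast 6 characters.";
        } elseif (strlen($candidate) > 96) {
            // NOTE(review): PASSWORD_DEFAULT is bcrypt on current PHP releases
            // and bcrypt only uses the first 72 bytes of its input, so bytes
            // 73-96 of an accepted password are ignored. Consider a 72-byte cap.
            $login_err = "Password cannot have more than 96 characters.";
        } else {
            $new_password = $candidate;
        }

        // Validate confirm password. This only runs for a valid new password,
        // so an earlier error is not overwritten. The original tested an
        // undefined $new_password_err and could compare an unset $new_password.
        if ($new_password !== null) {
            if ($confirm_password === "") {
                $login_err = "Please confirm the password.";
            } elseif ($new_password !== $confirm_password) {
                $login_err = "Password did not match.";
            }
        }

        // Check input errors before updating the database
        if ($login_err === "" && $new_password !== null) {
            // Parameterised statement: neither value is interpolated into SQL.
            $sql = "UPDATE users SET password = ? WHERE username = ?";
            $stmt = mysqli_prepare($link, $sql);
            if ($stmt) {
                $param_password = password_hash($new_password, PASSWORD_DEFAULT);
                mysqli_stmt_bind_param($stmt, "ss", $param_password, $username);

                $updated = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);

                if ($updated) {
                    // Password updated successfully. Rotate the token and
                    // destroy the session so the reset link is single-use,
                    // then redirect to the login page.
                    $_SESSION["pw_reset_token"] = urlencode(bin2hex(random_bytes(24)));
                    session_destroy();
                    mysqli_close($link);
                    header("location: login.php");
                    exit();
                } else {
                    echo "Oops! Something went wrong. Please try again later.";
                }
            } else {
                // A failed prepare was previously silent.
                echo "Oops! Something went wrong. Please try again later.";
            }
        }
    } else {
        $login_err = "Dein Link ist entweder abgelaufen oder ungültig. Erzeuge einen neuen, in dem du auf diesen Link klickst.";
    }

    // Close connection
    mysqli_close($link);
}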
?>
Passwort zurücksetzen
");?>
Passwort zurücksetzen
' . $login_err . '
';
}
?>