File manager - Edit - /home/autoph/public_html/connectv1/resources/views/employees/recover.php
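<?php
/**
 * Employee password-recovery page.
 *
 * Flow implemented in this file:
 *   1. Signed-in users, and requests without a usable `account` key, are redirected
 *      to home.php and the script stops.
 *   2. The key is looked up in `employee_account_key` (status = 1) joined with
 *      `employee_contact`; an unknown key is redirected the same way.
 *   3. For each matching row an SMS with the activation code is sent, but only when
 *      `date_expire` is at least 3 minutes in the past. The column is then set to
 *      NOW(), so in effect it throttles sends to one per 3 minutes per key.
 *   4. The form below posts the code and the new password to
 *      app/employee/recover_password.php via AJAX.
 *
 * Assumes cfg/db.php provides $db, $variable and the session (not visible here).
 *
 * NOTE(review): the SMS is triggered by a plain GET of this page (the "Resend Code"
 * button simply reloads it), and the recovery key travels in the URL. Anything that
 * fetches the link (prefetchers, link scanners) can trigger a send, and the key can
 * end up in logs and Referer headers. Consider moving the send behind a POST.
 */
include('cfg/db.php');

// header() only queues the redirect; without exit the rest of the page (queries,
// SMS send, HTML) would still run for a request that was meant to be turned away.
if (isset($_SESSION['user'])) {
    header('location:home.php');
    exit;
}

// Require a non-empty string; an array-valued parameter must not reach trim().
if (!isset($_GET['account']) || !is_string($_GET['account']) || trim($_GET['account']) == '') {
    header('location:home.php');
    exit;
}

$account_key = $db->escape(trim($_GET['account']));

// status is qualified with the ea alias so the filter cannot become ambiguous
// if employee_contact ever gains a column of the same name.
$account_information = $db->sql_query(
    "SELECT ea.`employee_id`, ea.`account_key`, ea.`account_code`, ea.date_start, ea.date_expire, ec.contact_number, ea.status
     FROM `employee_account_key` ea
     INNER JOIN employee_contact ec ON ea.employee_id = ec.employee_id
     WHERE ea.account_key = '$account_key' AND ea.status = 1"
);

if (!$account_information || $account_information->num_rows < 1) {
    header('location:home.php');
    exit;
}

while ($row = $account_information->fetch_assoc()) {
    $employee_id    = $row['employee_id'];
    $account_key    = $row['account_key'];
    $account_code   = $row['account_code'];
    $contact_number = "0" . $row['contact_number'];

    // Values read back from the database are escaped again before being placed in
    // new SQL text; stored data is not automatically safe to interpolate.
    $employee_id_sql = $db->escape((string) $employee_id);
    $account_key_sql = $db->escape((string) $account_key);

    // Throttle: skip the send when date_expire is less than 3 minutes old.
    $recent = $db->sql_query(
        "SELECT id FROM employee_account_key T
         WHERE TIMESTAMPDIFF(MINUTE, T.date_expire, NOW()) < 3 AND `account_key` = '$account_key_sql'"
    );
    if (!$recent || $recent->num_rows != 0) {
        continue;
    }

    $db->sql_query(
        "UPDATE employee_account_key SET `date_expire` = NOW()
         WHERE employee_id = '$employee_id_sql' AND account_key = '$account_key_sql'"
    );

    // NOTE(review): the scheme is rewritten from https to http, so the phone number
    // and the activation code are posted to the SMS endpoint unencrypted. Confirm
    // whether the endpoint can be reached over TLS and, if so, drop this rewrite.
    $site_link = str_replace("https", "http", $variable['site_link']);
    $url = $site_link . 'app/sms/sms.php';

    $data = array(
        'number'  => $contact_number,
        'message' => $db->select("SELECT value FROM `settings_notification` WHERE `name` = 'activation_sms_message'") . ' ' . $account_code,
    );

    // The stream-context key is 'http' even when the target URL is https.
    $options = array(
        'http' => array(
            'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
            'method'  => 'POST',
            'content' => http_build_query($data),
        ),
    );
    $context = stream_context_create($options);
    $result  = file_get_contents($url, false, $context);

    if ($result === false) {
        // Record the failure without logging the number or the code.
        error_log('recover.php: SMS request to app/sms/sms.php failed');
    }
}

// Pre-encode everything that is written into the page, once per output context.
$site_name_html     = htmlspecialchars((string) $variable['site_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$logo_html          = htmlspecialchars((string) $variable['logo'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$masked_number_html = htmlspecialchars("********" . substr($contact_number, -2), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

// JSON_HEX_* keeps quotes, angle brackets and ampersands out of the inline script,
// so a stored value cannot close the string literal or the script element.
$js_flags       = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
$account_key_js = json_encode((string) $account_key, $js_flags);
$employee_id_js = json_encode((string) $employee_id, $js_flags);
?>
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <title><?php echo $site_name_html; ?> | Recover Password</title>
  <!-- Google Font: Source Sans Pro -->
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700&display=fallback">
  <!-- Font Awesome -->
  <link rel="stylesheet" href="plugins/fontawesome-free/css/all.min.css">
  <!-- icheck bootstrap -->
  <link rel="stylesheet" href="plugins/icheck-bootstrap/icheck-bootstrap.min.css">
  <!-- Theme style -->
  <link rel="stylesheet" href="dist/css/adminlte.min.css">
  <!-- overlayScrollbars -->
  <link rel="stylesheet" href="plugins/overlayScrollbars/css/OverlayScrollbars.min.css">
  <link href="dist/img/<?php echo $logo_html; ?>" rel="icon" />
</head>
<body class="hold-transition login-page">
<div class="login-box">
  <div class="card card-outline card-primary">
    <div class="card-header text-center">
      <center><a href="home.php"><img class="brand-image img-circle elevation-3" src="dist/img/<?php echo $logo_html; ?>" alt="<?php echo $logo_html; ?>" width="130px" height="130px"></a></center>
      <a href="home.php" class="h1"><b></b>Connect</a>
    </div>
    <div class="card-body">
      <p class="login-box-msg" id="msg" hidden>You are only one step a way from your new password, recover your password now.</p>
      <form id="recover-password">
        <div class="alert" role="alert" id="error-alert" style="display:none;">
          <span id="error-icon" class="icon fas"> </span>
          <span id="alert-message"></span>
        </div>
        <p class="login-box-msg" id="number-label">Mobile Number: <?php echo $masked_number_html; ?></p>
        <div class="input-group mb-3" id="code-div">
          <input oninput="this.value=this.value.slice(0,this.maxLength)" type="number" maxlength="6" id="code" class="form-control" placeholder="Activation Code">
          <div class="input-group-append">
            <div class="input-group-text">
              <span class="fas fa-lock"></span>
            </div>
          </div>
        </div>
        <span id="pw-not-matched" style="width: 100%; margin-top: .25rem; font-size: 80%; color: #dc3545; display:none;"></span>
        <div class="input-group mb-3" id="password-div">
          <input type="password" class="form-control" id="password" name="password" placeholder="Password">
          <div class="input-group-append">
            <div class="input-group-text">
              <span class="fas fa-lock"></span>
            </div>
          </div>
        </div>
        <div class="input-group mb-3" id="cpassword-div">
          <input type="password" class="form-control" id="cpassword" name="cpassword" placeholder="Confirm Password">
          <div class="input-group-append">
            <div class="input-group-text">
              <span class="fas fa-lock"></span>
            </div>
          </div>
        </div>
        <div class="row" id="row-div">
          <div class="col-6">
            <span name="resend" id="resend" href="#" class="btn btn-primary btn-block">Resend Code</span>
          </div>
          <div class="col-6">
            <button type="submit" id="submit" name="submit" class="btn btn-primary btn-block">Change</button>
          </div>
          <!-- /.col -->
        </div>
      </form>
      <p class="mt-3 mb-1">
        <a href="signin.php">Login</a>
      </p>
    </div>
    <!-- /.login-card-body -->
  </div>
</div>
<!-- /.login-box -->

<!-- jQuery -->
<script src="plugins/jquery/jquery.min.js"></script>
<!-- Bootstrap 4 -->
<script src="plugins/bootstrap/js/bootstrap.bundle.min.js"></script>
<!-- AdminLTE App -->
<script src="dist/js/adminlte.min.js"></script>
<script>
  // "Resend" reloads the page; the server-side throttle above decides whether a
  // new SMS actually goes out.
  $("#resend").click(function () {
    $('#resend').attr('disabled', true);
    location.reload();
  });
</script>
<script>
  // Shown on every page load, including loads where the send was throttled or failed.
  $(document).ready(function () {
    $('#error-icon').addClass("fa-check");
    $('#error-alert').addClass("alert-success");
    $('#alert-message').text('Activation code sent to your number.');
    $('#error-alert').fadeIn();
    setTimeout(function () { $('#error-alert').fadeOut(); }, 5000);
  });
</script>
<script>
  // Client-side checks are a convenience only; the endpoint must repeat them.
  $("#recover-password").submit(function (event) {
    event.preventDefault();
    remove_alert_bg();
    remove_form_invalid();

    var account_key = <?php echo $account_key_js; ?>;

    $('#code').removeClass("is-invalid");
    var input_code = $.trim($("#code").val());
    if (input_code.length < 6) {
      $('#code').addClass("is-invalid");
      $("#code").focus();
      return;
    }

    var password = $.trim($("#password").val());
    var cpassword = $.trim($("#cpassword").val());
    if (password == '') {
      $('#password').addClass("is-invalid");
      $("#password").focus();
      return;
    }
    if (cpassword == '') {
      $('#cpassword').addClass("is-invalid");
      $("#cpassword").focus();
      return;
    }
    if (password.length < 6 || cpassword.length < 6) {
      $('#pw-not-matched').fadeIn();
      $("#password").focus();
      $('#pw-not-matched').text('Password must 6 character or above!');
      return;
    }
    if (password !== cpassword) {
      $('#pw-not-matched').fadeIn();
      $("#cpassword").focus();
      $('#pw-not-matched').text('Password not matched!');
      return;
    }

    // NOTE(review): employee_id is supplied by the browser and can be altered by the
    // client. recover_password.php is not visible here; it should resolve the
    // employee from account_key + input_code server-side rather than trust this
    // field, and should limit failed code attempts. Confirm.
    $.ajax({
      url: "app/employee/recover_password.php",
      data: {
        employee_id: <?php echo $employee_id_js; ?>,
        newpassword: password,
        cpassword: cpassword,
        account_key: account_key,
        input_code: input_code
      },
      type: "POST",
      dataType: 'json',
      beforeSend: function () {
        $('#error-icon').addClass("fa-info");
        $('#error-alert').addClass("alert-info");
        $('#error-alert').fadeIn();
        $('#alert-message').text(" Changing password, please wait...");
        $('#submit').attr('disabled', true);
      },
      success: function (result) {
        remove_alert_bg();
        if (result.status != 1) {
          $('#error-icon').addClass("fa-ban");
          $('#error-alert').addClass("alert-danger");
          $('#alert-message').text(result.message);
        } else {
          $('#msg').fadeOut();
          $('#password-div').fadeOut();
          $('#cpassword-div').fadeOut();
          $('#code-div').fadeOut();
          $('#number-label').fadeOut();
          $('#row-div').fadeOut();
          $('#error-icon').addClass("fa-check");
          $('#error-alert').addClass("alert-success");
          $('#alert-message').text(result.message);
        }
        $('#submit').attr('disabled', false);
      },
      error: handleError
    });
  });

  // Generic failure banner; the server response is not echoed to the user.
  function handleError(xhr, status, error) {
    remove_alert_bg();
    $('#error-icon').addClass("fa-ban");
    $('#error-alert').addClass("alert-danger");
    $('#alert-message').text("Error has occured. Please try again.");
    $('#submit').attr('disabled', false);
  }

  // Reset the alert box to a neutral state before showing a new message.
  function remove_alert_bg() {
    $('#pw-not-matched').fadeOut();
    $('#error-alert').removeClass("alert-success");
    $('#error-alert').removeClass("alert-danger");
    $('#error-alert').removeClass("alert-info");
    $('#error-icon').removeClass("fa-check");
    $('#error-icon').removeClass("fa-info");
    $('#error-icon').removeClass("fa-ban");
  }

  // Clear the invalid markers on both password fields.
  function remove_form_invalid() {
    $('#password').removeClass("is-invalid");
    $('#cpassword').removeClass("is-invalid");
  }
</script>
</body>
</html>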