Password resest progress

Michał 2022-09-17 10:51:54 +00:00
parent 7143e35bc7
commit c69ae90a40
2 changed files with 87 additions and 32 deletions


@ -153,7 +153,7 @@
<?php <?php
} else { } else {
?> ?>
<button id="userResetPassword" class="btn btn-bad">Reset Password</button> <button id="userResetPassword" class="btn btn-bad" onclick="userResetPassword('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Reset Password</button>
<button id="userDeleteButton" class="btn btn-bad" onclick="userDelete('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Delete user</button> <button id="userDeleteButton" class="btn btn-bad" onclick="userDelete('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Delete user</button>
<button id="userToggleAdmin" class="btn btn-bad" onclick="userToggleAdmin('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Toggle admin</button> <button id="userToggleAdmin" class="btn btn-bad" onclick="userToggleAdmin('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Toggle admin</button>
<?php <?php
@ -164,6 +164,32 @@
} }
?> ?>
<script> <script>
function userResetPassword(id, username) {
var header = "UwU whats the new passywassy code?";
var description = "Do this only if "+username+" has forgotten their password, DO NOT abuse this power";
var actionBox = "<form id='userResetPasswordForm' method='POST'>\
<input id='userNewPassword' class='btn btn-neutral' type='password' name='new_password' placeholder='New Password'>\
<input id='userConfirmSassword' class='btn btn-neutral' type='password' name='confirm_password' placeholder='Confirm Password'>\
<br>\
<button id='userPasswordSubmit' class='btn btn-bad' type='submit' name='reset' value='"+id+"'><img class='svg' src='assets/icons/password.svg'>Reset</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#userResetPasswordForm").submit(function(event) {
event.preventDefault();
var new_passowrd = $("#userNewPassword").val();
var confirm_password = $("#userConfirmSassword").val();
var submit = $("#userPasswordSubmit").val();
var userId = $("#userPasswordSubmit").val();
$("#sniffle").load("app/account/password_reset.php", {
new_passowrd: new_passowrd,
confirm_password: confirm_password,
id: userId,
submit: submit
});
});
}
function userDelete(id, username) { function userDelete(id, username) {
var header = "Are you very very sure?"; var header = "Are you very very sure?";
var description = "This CANNOT be undone, be very carefull with your decition..."; var description = "This CANNOT be undone, be very carefull with your decition...";
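Review bot: On the new Reset Password button, `$user['username']` is echoed unescaped into a single-quoted JavaScript string inside the `onclick` attribute and then concatenated into `description` (and `id` into the form markup) in `userResetPassword`, so a username containing a quote or markup would be interpreted as script on this admin page, assuming `flyoutShow` inserts its arguments as HTML. I would emit each value as `<?php echo htmlspecialchars(json_encode($user['username']), ENT_QUOTES); ?>` without the surrounding quotes, and build the flyout text from text nodes rather than string concatenation; the existing `userDelete` and `userToggleAdmin` buttons share the pattern. Separately, the `.load()` call posts the key `new_passowrd`, while the handler changed in this commit reads `$_POST["new_password"]`, so, if that is the same endpoint, every reset is rejected as an empty password; the key should read `new_password: new_passowrd,`. `submit` and `userId` are both read from `#userPasswordSubmit`, which looks accidental.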


@ -16,6 +16,11 @@
session_start(); session_start();
// Include server connection // Include server connection
include dirname(__DIR__)."/server/conn.php"; include dirname(__DIR__)."/server/conn.php";
include dirname(__DIR__)."/app.php";
use App\Account;
$user_info = new Account();
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
/* /*
@ -31,20 +36,20 @@ if (isset($_POST['submit'])) {
// Validate new password // Validate new password
if (empty(trim($_POST["new_password"]))) { if (empty(trim($_POST["new_password"]))) {
?> ?>
<script> <script>
sniffleAdd('Meep', 'Enter a new password!', 'var(--red)', 'assets/icons/cross.svg'); sniffleAdd('Meep', 'Enter a new password!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose(); flyoutClose();
</script> </script>
<?php <?php
$error = $error + 1; $error += 1;
} elseif(strlen(trim($_POST["new_password"])) < 6) { } elseif(strlen(trim($_POST["new_password"])) < 6) {
?> ?>
<script> <script>
sniffleAdd('Not long enough...', 'Password, must be 6 or more characters in length uwu', 'var(--red)', 'assets/icons/cross.svg'); sniffleAdd('Not long enough...', 'Password, must be 6 or more characters in length uwu', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose(); flyoutClose();
</script> </script>
<?php <?php
$error = $error + 1; $error += 1;
} else { } else {
$new_password = trim($_POST["new_password"]); $new_password = trim($_POST["new_password"]);
} }
@ -52,23 +57,37 @@ if (isset($_POST['submit'])) {
// Validate confirm password // Validate confirm password
if (empty(trim($_POST["confirm_password"]))) { if (empty(trim($_POST["confirm_password"]))) {
?> ?>
<script> <script>
sniffleAdd('Meep', 'You must confirm the password!!!!', 'var(--red)', 'assets/icons/cross.svg'); sniffleAdd('Meep', 'You must confirm the password!!!!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose(); flyoutClose();
</script> </script>
<?php <?php
$error = $error + 1; $error += 1;
} else { } else {
$confirm_password = trim($_POST["confirm_password"]); $confirm_password = trim($_POST["confirm_password"]);
if(empty($error) && ($new_password != $confirm_password)) { if(empty($error) && ($new_password != $confirm_password)) {
?> ?>
<script>
sniffleAdd('AAAA', 'Passwords do not match!!!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
}
if (isset($_POST['id']) && $user_info->is_admin($conn, $_SESSION["id"])) {
$user_id = $_POST['id'];
} elseif (empty($_POST['id'])) {
$user_id = $_SESSION["id"];
} else {
?>
<script> <script>
sniffleAdd('AAAA', 'Passwords do not match!!!', 'var(--red)', 'assets/icons/cross.svg'); sniffleAdd('Oopsie', 'An error occured while figuring out which user to change the password of... Are you an admin?', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose(); flyoutClose();
</script> </script>
<?php <?php
$error = $error + 1; $error += 1;
}
} }
// Check for errors // Check for errors
@ -81,24 +100,34 @@ if (isset($_POST['submit'])) {
// Setting up Password parameters // Setting up Password parameters
$param_password = password_hash($new_password, PASSWORD_DEFAULT); $param_password = password_hash($new_password, PASSWORD_DEFAULT);
$param_id = $_SESSION["id"]; $param_id = $user_id;
// Attempt to execute (sus) // Attempt to execute (sus)
if (mysqli_stmt_execute($stmt)) { if (mysqli_stmt_execute($stmt)) {
// Password updated!!!! Now goodbye // Password updated!!!! Now goodbye
session_destroy(); if ($user_id == $_SESSION["id"]) {
?> // Check if password reset was done by user
<script> session_destroy();
sniffleAdd('Password updated', 'Now goodbye.... you will be redirected in a moment', 'var(--green)', 'assets/icons/check.svg'); ?>
setTimeout(function(){window.location.href = "account/login.php";}, 2000); <script>
</script> sniffleAdd('Password updated', 'Now goodbye.... you will be redirected in a moment', 'var(--green)', 'assets/icons/check.svg');
<?php setTimeout(function(){window.location.href = "account/login.php";}, 2000);
</script>
<?php
} else {
// An admin has changed the password
?>
<script>
sniffleAdd('Password updated', 'Password has been reset for user! But their session may still be active', 'var(--green)', 'assets/icons/check.svg');
</script>
<?php
}
} else { } else {
?> ?>
<script> <script>
sniffleAdd('Bruh', 'Something happened on our end, sowwy', 'var(--red)', 'assets/icons/cross.svg'); sniffleAdd('Bruh', 'Something happened on our end, sowwy', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose(); flyoutClose();
</script> </script>
<?php <?php
} }
} }
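Review bot: The new admin branch, `if (isset($_POST['id']) && $user_info->is_admin($conn, $_SESSION["id"]))`, lets a session cookie plus a few POST fields change any account's password, and no anti-CSRF token or re-entry of the admin's own password is visible in these hunks; the top of the handler lies outside them, so confirm whether such a check already exists there. `$_POST['id']` is also taken unvalidated and later compared with `==`; I would normalise it first, e.g. `$user_id = filter_var($_POST['id'], FILTER_VALIDATE_INT);`, reject `false`, and then compare with `$user_id === (int) $_SESSION["id"]`. The admin success path leaves the target user's sessions valid, as its own message admits, so a reset done after a suspected compromise does not lock the previous session holder out; those sessions need revoking as part of the reset. `mysqli_stmt_execute` also succeeds when no row matches, so `mysqli_stmt_affected_rows($stmt)` should be checked before a reset is reported as done.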