String literals should not be duplicated
This commit is contained in:
lopar
parent
b84ee52666
commit
2af76074bb
@ -7,7 +7,13 @@ define('ERROR_WRONG_LOGIN', 'Такого пользователя не суще
|
||||
define('ERROR_TOO_MANY_TRIES', 'Вы уже отправляли себе письмо сегодня!');
|
||||
define('ERROR_OLD_HASH', 'Ссылка устарела!');
|
||||
define('ERROR_WRONG_HASH', 'Неверная ссылка!');
|
||||
$login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS);
|
||||
$password = password_hash(filter_input(INPUT_POST, 'psw'), PASSWORD_DEFAULT);
|
||||
$allowChange = false;
|
||||
$changePassword = filter_input(INPUT_GET, 'change');
|
||||
$newPassword = $_POST['newpasswd'] ?? 0;
|
||||
$hashCheck = $_POST['hashcheck'] ?? 0;
|
||||
|
||||
function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $message = '')
|
||||
{
|
||||
$from_user = "=?UTF-8?B?" . base64_encode($from_user) . "?=";
|
||||
@ -19,8 +25,6 @@ function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $mes
|
||||
|
||||
return mail($to, $subject, $message, $headers);
|
||||
}
|
||||
|
||||
$login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS);
|
||||
if ($login) {
|
||||
$loginCheck = db::c()->query('SELECT email FROM users WHERE login = "?s"', $login)->fetch_assoc();
|
||||
if ($loginCheck) {
|
||||
@ -48,9 +52,6 @@ if ($login) {
|
||||
$statusMessage = ERROR_WRONG_LOGIN;
|
||||
}
|
||||
}
|
||||
|
||||
$allowChange = false;
|
||||
$changePassword = filter_input(INPUT_GET, 'change');
|
||||
if ($changePassword) {
|
||||
if (db::c()->query('SELECT 1 FROM users_recovery WHERE `hash` = "?s" AND `date` < "?s"', $changePassword, date('Y-m-d'))->getNumRows()) {
|
||||
$allowChange = true;
|
||||
@ -59,14 +60,13 @@ if ($changePassword) {
|
||||
$statusMessage = ERROR_OLD_HASH;
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($_POST['newpasswd']) && !empty($_POST['hashcheck'])) {
|
||||
$query = db::c()->query('SELECT login FROM users_recovery WHERE hash = "?s"', $_POST['hashcheck']);
|
||||
if ($newPassword && $hashCheck) {
|
||||
$query = db::c()->query('SELECT login FROM users_recovery WHERE hash = "?s"', $hashCheck);
|
||||
if ($query->getNumRows()) {
|
||||
$query->fetch_assoc();
|
||||
$passwordHashed = password_hash($_POST['newpasswd'], PASSWORD_DEFAULT);
|
||||
$query = $query->fetch_assoc();
|
||||
$passwordHashed = password_hash($newPassword, PASSWORD_DEFAULT);
|
||||
db::c()->query('UPDATE users SET pass = "?s" WHERE login = "?s"', $passwordHashed, $query['login']);
|
||||
db::c()->query('DELETE FROM confirmpasswd WHERE hash = "?s"', $_POST['hashcheck']);
|
||||
db::c()->query('DELETE FROM confirmpasswd WHERE hash = "?s"', $hashCheck);
|
||||
$statusMessage = OK_PASSWORD_CHANGED;
|
||||
} else {
|
||||
$statusMessage = ERROR_WRONG_HASH;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user