String literals should not be duplicated
This commit is contained in:
parent
b84ee52666
commit
2af76074bb
@ -7,7 +7,13 @@ define('ERROR_WRONG_LOGIN', 'Такого пользователя не суще
|
|||||||
define('ERROR_TOO_MANY_TRIES', 'Вы уже отправляли себе письмо сегодня!');
|
define('ERROR_TOO_MANY_TRIES', 'Вы уже отправляли себе письмо сегодня!');
|
||||||
define('ERROR_OLD_HASH', 'Ссылка устарела!');
|
define('ERROR_OLD_HASH', 'Ссылка устарела!');
|
||||||
define('ERROR_WRONG_HASH', 'Неверная ссылка!');
|
define('ERROR_WRONG_HASH', 'Неверная ссылка!');
|
||||||
|
$login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS);
|
||||||
$password = password_hash(filter_input(INPUT_POST, 'psw'), PASSWORD_DEFAULT);
|
$password = password_hash(filter_input(INPUT_POST, 'psw'), PASSWORD_DEFAULT);
|
||||||
|
$allowChange = false;
|
||||||
|
$changePassword = filter_input(INPUT_GET, 'change');
|
||||||
|
$newPassword = $_POST['newpasswd'] ?? 0;
|
||||||
|
$hashCheck = $_POST['hashcheck'] ?? 0;
|
||||||
|
|
||||||
function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $message = '')
|
function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $message = '')
|
||||||
{
|
{
|
||||||
$from_user = "=?UTF-8?B?" . base64_encode($from_user) . "?=";
|
$from_user = "=?UTF-8?B?" . base64_encode($from_user) . "?=";
|
||||||
@ -19,8 +25,6 @@ function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $mes
|
|||||||
|
|
||||||
return mail($to, $subject, $message, $headers);
|
return mail($to, $subject, $message, $headers);
|
||||||
}
|
}
|
||||||
|
|
||||||
$login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS);
|
|
||||||
if ($login) {
|
if ($login) {
|
||||||
$loginCheck = db::c()->query('SELECT email FROM users WHERE login = "?s"', $login)->fetch_assoc();
|
$loginCheck = db::c()->query('SELECT email FROM users WHERE login = "?s"', $login)->fetch_assoc();
|
||||||
if ($loginCheck) {
|
if ($loginCheck) {
|
||||||
@ -48,9 +52,6 @@ if ($login) {
|
|||||||
$statusMessage = ERROR_WRONG_LOGIN;
|
$statusMessage = ERROR_WRONG_LOGIN;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$allowChange = false;
|
|
||||||
$changePassword = filter_input(INPUT_GET, 'change');
|
|
||||||
if ($changePassword) {
|
if ($changePassword) {
|
||||||
if (db::c()->query('SELECT 1 FROM users_recovery WHERE `hash` = "?s" AND `date` < "?s"', $changePassword, date('Y-m-d'))->getNumRows()) {
|
if (db::c()->query('SELECT 1 FROM users_recovery WHERE `hash` = "?s" AND `date` < "?s"', $changePassword, date('Y-m-d'))->getNumRows()) {
|
||||||
$allowChange = true;
|
$allowChange = true;
|
||||||
@ -59,14 +60,13 @@ if ($changePassword) {
|
|||||||
$statusMessage = ERROR_OLD_HASH;
|
$statusMessage = ERROR_OLD_HASH;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if ($newPassword && $hashCheck) {
|
||||||
if (!empty($_POST['newpasswd']) && !empty($_POST['hashcheck'])) {
|
$query = db::c()->query('SELECT login FROM users_recovery WHERE hash = "?s"', $hashCheck);
|
||||||
$query = db::c()->query('SELECT login FROM users_recovery WHERE hash = "?s"', $_POST['hashcheck']);
|
|
||||||
if ($query->getNumRows()) {
|
if ($query->getNumRows()) {
|
||||||
$query->fetch_assoc();
|
$query = $query->fetch_assoc();
|
||||||
$passwordHashed = password_hash($_POST['newpasswd'], PASSWORD_DEFAULT);
|
$passwordHashed = password_hash($newPassword, PASSWORD_DEFAULT);
|
||||||
db::c()->query('UPDATE users SET pass = "?s" WHERE login = "?s"', $passwordHashed, $query['login']);
|
db::c()->query('UPDATE users SET pass = "?s" WHERE login = "?s"', $passwordHashed, $query['login']);
|
||||||
db::c()->query('DELETE FROM confirmpasswd WHERE hash = "?s"', $_POST['hashcheck']);
|
db::c()->query('DELETE FROM confirmpasswd WHERE hash = "?s"', $hashCheck);
|
||||||
$statusMessage = OK_PASSWORD_CHANGED;
|
$statusMessage = OK_PASSWORD_CHANGED;
|
||||||
} else {
|
} else {
|
||||||
$statusMessage = ERROR_WRONG_HASH;
|
$statusMessage = ERROR_WRONG_HASH;
|
||||||
|
Loading…
Reference in New Issue
Block a user