game/repass.php

<?php

use Core\{Config, Database, Db};

if (!defined('GAME_VERSION')) {
    require_once '_incl_data/autoload.php';
}

$step = 1;
$error = '';
Config::init();
Database::init();

if (isset($_GET['login'])) {
    $_POST['relogin'] = $_GET['login'];
}

if (isset($_POST['relogin'])) {
    $_POST['relogin'] = htmlspecialchars($_POST['relogin'], null, 'cp1251');

    $u = User::start();

    $usr = Db::getRow('select * from users where login =?', [$_POST['relogin']]);
    if (!isset($usr['id'])) {
        $error = 'Ëîãèí "' . htmlspecialchars($_POST['relogin'], null, 'cp1251') . '" íå íàéäåí â áàçå.';
    } else {
        if ($usr['admin'] != 0 || $usr['banned'] != 0) {
            $error = 'Ïåðñîíàæ "' . $_POST['relogin'] . '" çàáëîêèðîâàí!';
        } else {
            $step = 2;
            if (isset($_POST['redate'])) {
                //Òðåòèé øàã
                $lst_psw = Db::getValue(
                    'select count(*) from repass where uid = ? and time > unix_timestamp() - 24 * 60 * 60 and type = 1',
                    [$usr['id']]
                );
                if ($lst_psw) {
                    $error = 'Âûñûëàòü ïàðîëü ìîæíî íå áîëåå îäíîãî ðàçà â ñóòêè.';
                } elseif (
                    str_replace('0', '', $_POST['redate']) == str_replace('0', '', $usr['bithday'])
                ) {
                    $error = '<br><br><br>Ïàðîëü îò ïåðñîíàæà &quot;' . $usr['login'] . '&quot; áûë óñïåøíî âûñëàí íà E-mail óêàçàííûé ïðè ðåãèñòðàöèè! <br><br><br>';
                    $re = Db::getValue(
                        'select count(*) from logs_auth where uid = ? and type = 0 and depass != ?',
                        [$usr['id'], '']
                    );

                    if ($u['securetime'] < Config::get('securetime')) {
                        unset($re);
                    }
                    if (!isset($re)) {
                        $newPassword = PassGen::new();
                        $title = 'Âîññòàíîâëåíèå ïàðîëÿ îò "' . $usr['login'] . '".';
                        $txt = 'Äîáðûé äåíü.<br>';
                        $txt .= 'Ñ IP-àäðåñà - <b>' . UserIp::get(
                            ) . '</b>, áûë çàïðîøåí ïàðîëü äëÿ âàøåãî ïåðñîíàæà.<br>Åñëè ýòî íå Âû, ïðîñòî óäàëèòå ýòî ïèñüìî.<br><br>';
                        $txt .= 'Âàø ëîãèí: <b>' . $usr['login'] . '</b><br>';
                        $txt .= 'Âàø ïàðîëü: ' . $newPassword . '<br><br>';
                        $txt .= 'Îòâå÷àòü íà äàííîå ïèñüìî íå íóæíî.<br><br>';
                        $txt .= 'Ñ óâàæåíèåì,<br>';
                        $txt .= 'Àäìèíèñòðàöèÿ Áîéöîâñêîãî Êëóáà';
                        $mail = Core\Mail::send($usr['mail'], $txt, $title);

                        if ($mail === 1) {
                            Db::sql(
                                'update users set securetime = unix_timestamp(), allLock = unix_timestamp(), pass = ? where id = ?',
                                [password_hash($newPassword, PASSWORD_DEFAULT), $usr['id']]
                            );
                            Db::sql(
                                'insert into repass (uid, time, ip, type) values (?,unix_timestamp(),?,1)',
                                [$usr['id'], UserIp::get()]
                            );
                            $step = 3;
                        } else {
                            $error = $mail;
                        }
                        unset($mail);
                    }
                } else {
                    $error = 'Íåâåðíî óêàçàí äåíü ðîæäåíèÿ.';
                }
            }
        }
    }
}

?>
<!DOCTYPE html>
<html lang="ru-RU">
<head>
    <title><?= Config::get('name') ?>: Âîññòàíîâëåíèå ïàðîëÿ îò ïåðñîíàæà</title>
    <meta name="keywords" content="<?= Config::get('keys') ?>">
    <meta name="description" content="<?= Config::get('desc') ?>"/>
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"/>
    <link type="text/css" rel="stylesheet" href="stylen.css"/>
    <style>
        input[type=text], input[type=date] {
            padding: 3px;
        }
        div.content, div.after {
            display: flex;
            justify-content: center;
        }
        div.content {
            align-items: center;
            flex-direction: column;
            height: 50%;
        }
    </style>
</head>
<body>
<form method="post" id="repass"></form>
<div class="content">
    <h1>Âîññòàíîâëåíèå ïàðîëÿ</h1>
    <?= $error ? '<b style="color: red">' . $error . '</b>' : '' ?>
    <?php if ($step === 1): ?>
        <label for="relogin">Óêàæèòå ëîãèí ïåðñîíàæà:</label>
        <input form="repass" placeholder="Ëîãèí" maxlength="30" name="relogin" type="text" class="inup" id="relogin">
        <br>
        <input form="repass" type="submit" class="btn" value="Ïåðåéòè ê ñëåäóþùåìó øàãó">
    <?php elseif ($step === 2): ?>
        <label for="relogin">Ëîãèí ïåðñîíàæà:</label>
        <input form="repass" maxlength="30" name="relogin" type="text" class="inup" value="<?= $_POST['relogin'] ?>" id="relogin">
        <br>
        <label for="redate">Äåíü ðîæäåíèÿ:</label>
        <input form="repass" name="redate" type="date" class="inup" id="redate"><br>
        <small class="testro">(äåíü ðîæäåíèÿ âû óêàçûâàëè ïðè ðåãèñòðàöèè ïåðñîíàæà â ôîðìàòå
            dd.mm.yyyy)</small><br>
        <input form="repass" type="submit" class="btn" value="Âûñëàòü ïàðîëü íà E-mail">
    <?php endif; ?>
</div>
<div class="after">
    <a href="<?= Config::get('https') ?>">Âåðíóòñÿ íà ãëàâíóþ ñòðàíèöó</a>
</div>
<div class="after">
    <span class="testro"><?= Config::get('footer') ?></span>
</div>
</body>
</html>