khanat-code-old/code/web/public_php/ams/inc/reset_password.php
botanic 80660b5146 FIX #200
dont crash when neldb is missing
2014-09-11 10:50:34 -07:00

32 lines
931 B
PHP

<?php
function reset_password(){
$email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
$user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
$key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);
$target_id = WebUsers::getId($user);
$webUser = new WebUsers($target_id);
if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){
//you are allowed on the page!
$GETString = "";
foreach($_GET as $key => $value){
$GETString = $GETString . $key . '=' . $value . "&";
}
if($GETString != ""){
$GETString = '?'.$GETString;
}
$pageElements['getstring'] = $GETString;
return $pageElements;
}else{
global $WEBPATH;
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: ".$WEBPATH."?page=error");
throw new SystemExit();
}
}