pre-register.php
<?php
include('config/config.php');
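// Registration handler (?action=new): creates a native account from the posted form.
// Every branch ends in a redirect followed by die(), so the template below is never
// rendered for this action.
if (($_GET['action'] ?? '') === 'new') {
    // Accept only non-empty plain strings. A missing field, or an array-valued field
    // such as uname[]=..., must not reach the database layer or the password comparison.
    $registerUser = $_POST['uname'] ?? null;
    $registerPassword = $_POST['psw'] ?? null;
    $registerRepeat = $_POST['repsw'] ?? null;
    if (
        !is_string($registerUser) || $registerUser === ''
        || !is_string($registerPassword) || $registerPassword === ''
        || !is_string($registerRepeat)
    ) {
        header("Location: .");
        die();
    }

    if ($manualdb->has("users", ["user" => $registerUser])) {
        // Address already registered: send the visitor to the login form.
        header("Location: ./login?action=login");
        die();
    }

    // Strict comparison: with == two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal.
    if ($registerPassword !== $registerRepeat) {
        header("Location: .");
        die();
    }

    // NOTE(review): the complexity rule (digit, upper, lower, 8+ characters) exists only as
    // an HTML pattern attribute on the form; confirm createUserAccount() enforces it server-side.
    // NOTE(review): the third argument is "now + 24 hours"; presumably an expiry timestamp,
    // confirm against createUserAccount().
    $createUser = createUserAccount($registerUser, $registerPassword, time() + 86400);
    switch ($createUser) {
        case 'success':
            header("Location: ./login?action=login");
            die();
        case 'error-id':
            // The form reads $_GET['error']; a bare "&error-id" parameter never matched
            // and the message for this case was never shown.
            header("Location: ./register?action=account&error=error-id");
            die();
        case 'duplicate':
            header("Location: ./register?action=account&error=duplicate");
            die();
    }
    // Any other result: back to the site root.
    header("Location: .");
    die();
}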
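// Password-reset handler (?action=reset): issues a random password for the posted address.
// Every branch ends in a redirect followed by die().
//
// NOTE(review): this endpoint is reachable without authentication and no CSRF token or
// request throttling is visible in this file, so anyone who knows an address can trigger
// a reset for it. What that does to the account depends on resetUserPassword(), defined
// elsewhere; confirm it leaves the existing password usable and rate-limits outgoing mail.
if (($_GET['action'] ?? '') === 'reset') {
    // Accept only a non-empty plain string; an array-valued uname[]=... must not reach
    // the database layer.
    $resetUser = $_POST['uname'] ?? null;
    if (!is_string($resetUser) || $resetUser === '' || !$manualdb->has("users", ["user" => $resetUser])) {
        // Unknown or malformed addresses get the same redirect as a successful reset,
        // so the response does not reveal whether the address is registered.
        header("Location: ./login?action=login");
        die();
    }

    // NOTE(review): generateRandomString() is defined elsewhere; confirm it draws from
    // random_int()/random_bytes() and not from rand()/mt_rand().
    $randomPwd = generateRandomString();
    if (resetUserPassword($resetUser, $randomPwd, 0)) {
        header("Location: ./login?action=login");
        die();
    }
    // Reset failed: back to the site root.
    header("Location: .");
    die();
}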
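// Password-update handler (?action=update): replaces the stored password of a native
// account after the caller proves knowledge of the current or the temporary password.
// When the proof fails, execution falls through to the template below.
if (($_GET['action'] ?? '') === 'update') {
    // Accept only plain strings; missing or array-valued fields are treated as a failed attempt.
    $updateUser = $_POST['uname'] ?? null;
    $currentPassword = $_POST['prepsw'] ?? null;
    if (is_string($updateUser) && $updateUser !== '' && is_string($currentPassword)) {
        $info = $manualdb->query(
            "SELECT id, user, password, expire_timestamp, temp_password FROM users WHERE user = :user AND login_system = 'native'", [
                ":user" => $updateUser
            ]
        )->fetch();

        // fetch() yields false when no row matches, and either hash column may be NULL;
        // only non-empty string hashes are handed to password_verify().
        $passwordProven = false;
        if (is_array($info)) {
            foreach ([$info['password'] ?? null, $info['temp_password'] ?? null] as $storedHash) {
                if (is_string($storedHash) && $storedHash !== '' && password_verify($currentPassword, $storedHash)) {
                    $passwordProven = true;
                    break;
                }
            }
        }
        // NOTE(review): expire_timestamp is selected but not consulted here; confirm whether
        // a temporary password is meant to stop working after some time.
        // NOTE(review): no limit on failed attempts is visible in this file.

        if ($passwordProven) {
            if (!$manualdb->has("users", ["user" => $updateUser, "login_system" => "native"])) {
                header("Location: ./login?action=login");
                die();
            }

            $newPassword = $_POST['psw'] ?? null;
            $newPasswordRepeat = $_POST['repsw'] ?? null;
            // Strict comparison of two strings; an empty new password is refused.
            // NOTE(review): the complexity rule exists only as an HTML pattern attribute on
            // the form and is not enforced here.
            if (is_string($newPassword) && $newPassword !== '' && $newPassword === $newPasswordRepeat) {
                $hashedPwd = password_hash($newPassword, PASSWORD_DEFAULT);
                $manualdb->update("users", [
                    "password" => $hashedPwd,
                    // A successful change invalidates any outstanding temporary password.
                    "temp_password" => null
                ], [
                    "user" => $updateUser,
                    "login_system" => 'native'
                ]);
            }
            // Success and mismatch both return to the site root, as before.
            header("Location: .");
            die();
        }
    }
}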
?>
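<!DOCTYPE html>
<?php
// Document head for the register / password-reset / password-update page.
// Values coming from configuration or the session are escaped for the context they
// are written into (HTML attribute, HTML text, JavaScript literal).
?>
<html lang="<?= htmlspecialchars((string) $locale, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
<head>
    <meta charset="utf-8">
    <title><?= htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></title>
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, minimum-scale=1, user-scalable=no, minimal-ui">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="black">
    <meta name="apple-mobile-web-app-title" content="PokeMap">
    <meta name="mobile-web-app-capable" content="yes">
    <meta name="theme-color" content="#3b3b3b">
    <!-- Fav- & Apple-Touch-Icons -->
    <!-- Favicon -->
    <?php
    // Configured favicon if set, otherwise the one shipped in the app icon directory.
    $faviconHref = ($faviconPath != "") ? $faviconPath : $appIconPath . 'favicon.ico';
    echo '<link rel="shortcut icon" href="' . htmlspecialchars((string) $faviconHref, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '" type="image/x-icon">';
    // NOTE(review): the hard-coded favicon link that follows duplicates the configurable
    // one above; confirm which of the two is meant to win.
    ?>
    <link rel="shortcut icon" href="static/appicons/favicon.ico" type="image/x-icon">
    <!-- non-retina iPhone pre iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/114x114.png" sizes="57x57">
    <!-- non-retina iPad pre iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/144x144.png" sizes="72x72">
    <!-- non-retina iPad iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/152x152.png" sizes="76x76">
    <!-- retina iPhone pre iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/114x114.png" sizes="114x114">
    <!-- retina iPhone iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/120x120.png" sizes="120x120">
    <!-- retina iPad pre iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/144x144.png" sizes="144x144">
    <!-- retina iPad iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/152x152.png" sizes="152x152">
    <!-- retina iPhone 6 iOS 7 -->
    <link rel="apple-touch-icon" href="static/appicons/180x180.png" sizes="180x180">
    <script>
        <?php
        // The session token is emitted as a JSON string literal with <, >, &, ' and "
        // hex-escaped, so its content cannot terminate the string or the script element.
        ?>
        var token = <?= json_encode(!empty($_SESSION['token']) ? (string) $_SESSION['token'] : '', JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) ?>;
    </script>
    <link rel="stylesheet" href="static/dist/css/app.min.css">
    <?php
    // Optional site stylesheet; the timestamp query string defeats browser caching.
    if (file_exists('static/css/custom.css')) {
        echo '<link rel="stylesheet" href="static/css/custom.css?' . time() . '">';
    }
    // NOTE(review): the two CDN assets below are loaded without integrity/crossorigin
    // attributes on a page that handles credentials; pin them with Subresource Integrity
    // hashes or serve them locally, and check the pinned jQuery release against current
    // advisories.
    ?>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.0/jquery-ui.min.css">
    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
</head>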
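<body>
<?php
// Page body: renders one of three forms depending on ?action=
// (account, password-reset, password-update). Other actions render no form.
// The routing parameter is read once; a missing or array-valued value selects no form.
$pageAction = $_GET['action'] ?? '';
if (!is_string($pageAction)) {
    $pageAction = '';
}
?>
<h2><?= htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?> <?php echo i8ln('Login'); ?></h2>
<div id="login-force" class="force-modal">
    <?php
    // NOTE(review): none of the forms below carries an anti-CSRF field; confirm whether
    // the session token exposed to JavaScript in the head is meant to protect these posts.
    if ($pageAction == 'account') { ?>
        <form class="force-modal-content animate" action="/register?action=new" method="post">
            <?php
            // Only fixed, translated messages are printed; the error parameter itself is never echoed.
            if (!empty($_GET['error'])) {
                switch ($_GET['error']) {
                    case 'error-id':
                        echo '<div id="register-error">' . i8ln('Something went wrong giving your account a numeric id. Please contact your admin') . '</div>';
                        break;
                    case 'duplicate':
                        echo '<div id="register-error">' . i8ln('It looks like we already have a account registered on this email address') . ' <a href="/register?action=password-reset">' . i8ln('Reset password') . '</a></div>';
                        break;
                }
            } ?>
            <div class="imgcontainer">
                <i class="fas fa-user" style="font-size:80px"></i>
            </div>
            <div class="force-container">
                <label for="uname"><b><?php echo i8ln('Email address'); ?></b></label>
                <input type="email" placeholder="<?php echo i8ln('Enter email address'); ?>" name="uname" required>
                <label for="psw"><b><?php echo i8ln('Password'); ?></b></label>
                <input type="password" id="psw" name="psw" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" title="<?php echo i8ln('Must contain at least one number, one uppercase, lowercase letter, and at least 8 or more characters'); ?>" required>
                <label for="repsw"><b><?php echo i8ln('Retype Password'); ?></b></label>
                <input type="password" id="repsw" name="repsw" placeholder="<?php echo i8ln('Enter Password'); ?>" required>
                <span id="validity"></span>
                <button type="submit" class="force-button" disabled><?php echo i8ln('Register'); ?></button>
            </div>
        </form>
    <?php
    }
    if ($pageAction == 'password-reset') { ?>
        <form class="force-modal-content animate" action="/register?action=reset" method="post">
            <div class="imgcontainer">
                <i class="fas fa-user" style="font-size:80px"></i>
            </div>
            <div class="force-container">
                <label for="uname"><b><?php echo i8ln('Email address'); ?></b></label>
                <input type="email" placeholder="<?php echo i8ln('Enter Email address'); ?>" name="uname" required>
                <button type="submit" class="force-button"><?php echo i8ln('Reset password'); ?></button>
            </div>
        </form>
    <?php
    }
    if ($pageAction == 'password-update') {
        // The username comes from the query string, so it is attacker-controllable:
        // escape it for the attribute context before echoing it into the form.
        // readonly is only a UI hint; the update handler authenticates whatever
        // uname is posted with the current password.
        $prefillUser = $_GET['username'] ?? '';
        if (!is_string($prefillUser)) {
            $prefillUser = '';
        }
        ?>
        <form class="force-modal-content animate" action="/register?action=update" method="post">
            <div class="imgcontainer">
                <i class="fas fa-user" style="font-size:80px"></i>
            </div>
            <div class="force-container">
                <label for="uname"><b><?php echo i8ln('Email address'); ?></b></label>
                <input type="text" id="uname" name="uname" value="<?php echo htmlspecialchars($prefillUser, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" readonly>
                <label for="prepsw"><b><?php echo i8ln('Password'); ?></b></label>
                <input type="password" id="prepsw" name="prepsw" placeholder="<?php echo i8ln('Enter Password'); ?>" required>
                <label for="psw"><b><?php echo i8ln('New Password'); ?></b></label>
                <input type="password" id="psw" name="psw" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" title="<?php echo i8ln('Must contain at least one number and one uppercase and lowercase letter, and at least 8 or more characters'); ?>" required>
                <label for="repsw"><b><?php echo i8ln('Retype New Password'); ?></b></label>
                <input type="password" id="repsw" name="repsw" placeholder="<?php echo i8ln('Enter Password'); ?>" required>
                <span id="validity"></span>
                <button type="submit" class="force-button"><?php echo i8ln('Update password'); ?></button>
            </div>
        </form>
    <?php
    } ?>
</div>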
<script>
    // Live feedback while typing: shows whether the two password fields agree and
    // toggles every submit control on the page accordingly. This is a convenience for
    // the user only; the request handlers compare psw and repsw again on the server.
    $('#psw, #repsw').on('keyup', function () {
        var passwordsAgree = $('#psw').val() == $('#repsw').val();
        var $status = $('#validity');
        var $submitControls = $(':input[type="submit"]');

        if (!passwordsAgree) {
            $status.html('Passwords do not match').css('color', 'red');
            $submitControls.prop('disabled', true);
            return;
        }

        $status.html('Passwords match').css('color', 'green');
        $submitControls.prop('disabled', false);
    });
</script>
</body>
</html>