Sindbad~EG File Manager
<?php
require_once 'config/config.php';
$error = '';
$success = false;
$validToken = false;
$userType = '';
$email = '';
// Verify token
if (isset($_GET['token']) && isset($_GET['type'])) {
$token = $_GET['token'];
$userType = $_GET['type'];
$db = Database::getInstance()->getConnection();
// Check if token is valid and not expired
$stmt = $db->prepare("
SELECT * FROM password_resets
WHERE token = ? AND user_type = ? AND expires_at > NOW() AND used = 0
");
$stmt->execute([$token, $userType]);
$resetRequest = $stmt->fetch(PDO::FETCH_ASSOC);
if ($resetRequest) {
$validToken = true;
$email = $resetRequest['email'];
} else {
$error = 'Invalid or expired reset link. Please request a new password reset.';
}
} else {
$error = 'Invalid reset link.';
}
// Handle password reset submission
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $validToken) {
$token = $_POST['token'] ?? '';
$userType = $_POST['user_type'] ?? '';
$password = $_POST['password'] ?? '';
$confirmPassword = $_POST['confirm_password'] ?? '';
if (empty($password)) {
$error = 'Please enter a new password';
} elseif (strlen($password) < 6) {
$error = 'Password must be at least 6 characters long';
} elseif ($password !== $confirmPassword) {
$error = 'Passwords do not match';
} else {
// Verify token again
$stmt = $db->prepare("
SELECT * FROM password_resets
WHERE token = ? AND user_type = ? AND expires_at > NOW() AND used = 0
");
$stmt->execute([$token, $userType]);
$resetRequest = $stmt->fetch(PDO::FETCH_ASSOC);
if ($resetRequest) {
// Hash new password
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
// Update password in appropriate table
if ($userType === 'admin') {
$stmt = $db->prepare("UPDATE users SET password = ? WHERE id = ?");
$stmt->execute([$hashedPassword, $resetRequest['user_id']]);
} else {
$stmt = $db->prepare("UPDATE member_accounts SET password_hash = ? WHERE member_id = ?");
$stmt->execute([$hashedPassword, $resetRequest['user_id']]);
}
// Mark token as used
$stmt = $db->prepare("UPDATE password_resets SET used = 1 WHERE id = ?");
$stmt->execute([$resetRequest['id']]);
$success = true;
} else {
$error = 'Invalid or expired reset link.';
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Reset Password - <?php echo APP_NAME; ?></title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap" rel="stylesheet">
<style>
* {
font-family: 'Inter', sans-serif;
}
.gradient-bg {
background: linear-gradient(135deg, #3B82F6 0%, #60A5FA 50%, #FCD34D 100%);
}
.reset-card {
backdrop-filter: blur(10px);
background: rgba(255, 255, 255, 0.95);
}
.password-strength {
height: 4px;
transition: all 0.3s ease;
}
</style>
</head>
<body class="gradient-bg min-h-screen flex items-center justify-center p-4">
<div class="reset-card w-full max-w-md rounded-2xl shadow-2xl p-8">
<!-- Logo & Title -->
<div class="text-center mb-8">
<div class="inline-block p-4 bg-gradient-to-r from-green-500 to-blue-600 rounded-full mb-4">
<i class="fas fa-lock-open text-4xl text-white"></i>
</div>
<h1 class="text-3xl font-bold text-gray-800 mb-2">Reset Password</h1>
<p class="text-gray-600">Choose a new password for your account</p>
</div>
<?php if ($success): ?>
<!-- Success Message -->
<div class="bg-green-100 border border-green-400 text-green-800 px-4 py-3 rounded-lg mb-6">
<div class="flex items-start">
<i class="fas fa-check-circle mt-1 mr-3 text-xl"></i>
<div>
<p class="font-semibold">Password Reset Successful!</p>
<p class="text-sm mt-1">Your password has been updated. You can now login with your new password.</p>
</div>
</div>
</div>
<!-- Login Links -->
<div class="space-y-3">
<?php if ($userType === 'admin'): ?>
<a href="admin-login.php" class="block w-full bg-gradient-to-r from-purple-600 to-purple-700 hover:from-purple-700 hover:to-purple-800 text-white font-semibold py-3 rounded-lg transition duration-200 transform hover:scale-105 shadow-lg text-center">
<i class="fas fa-sign-in-alt mr-2"></i>Login to Admin Panel
</a>
<?php else: ?>
<a href="login.php" class="block w-full bg-gradient-to-r from-blue-500 to-blue-600 hover:from-blue-600 hover:to-blue-700 text-white font-semibold py-3 rounded-lg transition duration-200 transform hover:scale-105 shadow-lg text-center">
<i class="fas fa-sign-in-alt mr-2"></i>Login to Member Portal
</a>
<?php endif; ?>
</div>
<?php elseif (!$validToken): ?>
<!-- Invalid Token Message -->
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded-lg mb-6">
<div class="flex items-start">
<i class="fas fa-exclamation-circle mt-1 mr-3 text-xl"></i>
<div>
<p class="font-semibold">Invalid Reset Link</p>
<p class="text-sm mt-1"><?php echo htmlspecialchars($error); ?></p>
</div>
</div>
</div>
<a href="forgot-password.php" class="block w-full bg-gradient-to-r from-blue-500 to-blue-600 hover:from-blue-600 hover:to-blue-700 text-white font-semibold py-3 rounded-lg transition duration-200 transform hover:scale-105 shadow-lg text-center">
<i class="fas fa-redo mr-2"></i>Request New Reset Link
</a>
<?php else: ?>
<!-- Error Message -->
<?php if (!empty($error)): ?>
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded-lg mb-6 flex items-center">
<i class="fas fa-exclamation-circle mr-2"></i>
<span><?php echo htmlspecialchars($error); ?></span>
</div>
<?php endif; ?>
<!-- Info -->
<div class="bg-blue-50 border border-blue-200 rounded-lg p-4 mb-6">
<p class="text-sm text-blue-800">
<i class="fas fa-info-circle mr-2"></i>
Resetting password for: <strong><?php echo htmlspecialchars($email); ?></strong>
</p>
</div>
<!-- Reset Form -->
<form method="POST" action="" class="space-y-6" id="resetForm">
<input type="hidden" name="token" value="<?php echo htmlspecialchars($token); ?>">
<input type="hidden" name="user_type" value="<?php echo htmlspecialchars($userType); ?>">
<div>
<label for="password" class="block text-sm font-medium text-gray-700 mb-2">
<i class="fas fa-lock mr-2 text-blue-500"></i>New Password
</label>
<div class="relative">
<input type="password"
id="password"
name="password"
required
minlength="6"
class="w-full px-4 py-3 border border-gray-300 rounded-lg focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent transition"
placeholder="Enter new password">
<button type="button"
onclick="togglePassword('password', 'toggleIcon1')"
class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-500 hover:text-gray-700">
<i class="fas fa-eye" id="toggleIcon1"></i>
</button>
</div>
<!-- Password Strength Indicator -->
<div class="mt-2">
<div class="password-strength bg-gray-200 rounded-full" id="strengthBar"></div>
<p class="text-xs text-gray-600 mt-1" id="strengthText">Password must be at least 6 characters</p>
</div>
</div>
<div>
<label for="confirm_password" class="block text-sm font-medium text-gray-700 mb-2">
<i class="fas fa-lock mr-2 text-blue-500"></i>Confirm New Password
</label>
<div class="relative">
<input type="password"
id="confirm_password"
name="confirm_password"
required
minlength="6"
class="w-full px-4 py-3 border border-gray-300 rounded-lg focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent transition"
placeholder="Re-enter new password">
<button type="button"
onclick="togglePassword('confirm_password', 'toggleIcon2')"
class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-500 hover:text-gray-700">
<i class="fas fa-eye" id="toggleIcon2"></i>
</button>
</div>
<p class="text-xs text-gray-600 mt-1" id="matchText"></p>
</div>
<button type="submit"
id="submitBtn"
class="w-full bg-gradient-to-r from-green-500 to-blue-600 hover:from-green-600 hover:to-blue-700 text-white font-semibold py-3 rounded-lg transition duration-200 transform hover:scale-105 shadow-lg disabled:opacity-50 disabled:cursor-not-allowed">
<i class="fas fa-check mr-2"></i>Reset Password
</button>
</form>
<?php endif; ?>
<!-- Home Link -->
<div class="mt-6 text-center">
<a href="index.php" class="text-gray-600 hover:text-gray-800 font-medium inline-flex items-center">
<i class="fas fa-home mr-2"></i>Back to Home
</a>
</div>
<!-- Footer -->
<div class="mt-8 text-center text-sm text-gray-600">
<p>© <?php echo date('Y'); ?> <?php echo APP_NAME; ?>. All rights reserved.</p>
</div>
</div>
<script>
function togglePassword(inputId, iconId) {
const passwordInput = document.getElementById(inputId);
const toggleIcon = document.getElementById(iconId);
if (passwordInput.type === 'password') {
passwordInput.type = 'text';
toggleIcon.classList.remove('fa-eye');
toggleIcon.classList.add('fa-eye-slash');
} else {
passwordInput.type = 'password';
toggleIcon.classList.remove('fa-eye-slash');
toggleIcon.classList.add('fa-eye');
}
}
// Password strength indicator
const passwordInput = document.getElementById('password');
const confirmInput = document.getElementById('confirm_password');
const strengthBar = document.getElementById('strengthBar');
const strengthText = document.getElementById('strengthText');
const matchText = document.getElementById('matchText');
const submitBtn = document.getElementById('submitBtn');
passwordInput?.addEventListener('input', function() {
const password = this.value;
let strength = 0;
if (password.length >= 6) strength++;
if (password.length >= 8) strength++;
if (/[a-z]/.test(password) && /[A-Z]/.test(password)) strength++;
if (/\d/.test(password)) strength++;
if (/[^a-zA-Z\d]/.test(password)) strength++;
const colors = ['bg-red-500', 'bg-orange-500', 'bg-yellow-500', 'bg-blue-500', 'bg-green-500'];
const texts = ['Very Weak', 'Weak', 'Fair', 'Good', 'Strong'];
strengthBar.className = 'password-strength rounded-full ' + (colors[strength - 1] || 'bg-gray-200');
strengthBar.style.width = (strength * 20) + '%';
strengthText.textContent = password.length > 0 ? texts[strength - 1] || 'Very Weak' : 'Password must be at least 6 characters';
checkMatch();
});
confirmInput?.addEventListener('input', checkMatch);
function checkMatch() {
const password = passwordInput.value;
const confirm = confirmInput.value;
if (confirm.length > 0) {
if (password === confirm) {
matchText.textContent = '✓ Passwords match';
matchText.className = 'text-xs text-green-600 mt-1';
submitBtn.disabled = false;
} else {
matchText.textContent = '✗ Passwords do not match';
matchText.className = 'text-xs text-red-600 mt-1';
submitBtn.disabled = true;
}
} else {
matchText.textContent = '';
submitBtn.disabled = false;
}
}
</script>
</body>
</html>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists