<?php
if(!isset($_GET['token']) || !isset($_GET['email'])) {
header('location: index.php?slug=reset-pwd');
}
$email = rawurldecode(htmlspecialchars($_GET['email']));
$token = rawurldecode(htmlspecialchars($_GET['token']));
$_token = encrypt_decrypt("decrypt", $token, $key_user, $iv_user);
//Test de la clé
if( nx_validate_token($_token) ) {
$reqItem = getQueries('nx_users', array('user_email' => $email,
'user_mdp_key' => $token));
if( !$reqItem['count'] ) {
$_SESSION['error'] = "Clé de récupération introuvable";
redirect('index.php?slug=reset-pwd');
}
$userInfo = $reqItem['result'][0];
} else {
$_SESSION['error'] = "Clé de récupération expiré";
redirect('index.php?slug=reset-pwd');
}
if( isset($_POST['new-pwd']) ) {
$mdp1 = htmlspecialchars($_POST['pwd']);
$mdp2 = htmlspecialchars($_POST['pwd2']);
//Contrôle que les mots de passes corresponent
if($mdp1 == $mdp2) {
//Données du formulaire
$form = array('user_mdp' => password_hash($mdp1, PASSWORD_DEFAULT),
'user_mdp_key' => '');
$selector = array('idUser' => $userInfo['idUser']);
$flag = dbRowUpdate2("nx_users", $form, $selector);
$_SESSION['error'] = 'Votre mot de passe a été réinitialisé avec succès.';
redirect('index.php');
} else {
$_SESSION['error'] = 'Les mots de passes ne correspondent pas';
redirect($_SERVER['REQUEST_URI']);
}
}
if( isset($_GET['action']) ) {
$action = htmlspecialchars($_GET['action']);
switch($action) {
//_________________________________________________________________________________
case 'delete-response':
unset($_SESSION['error']);
break;
//_________________________________________________________________________________
default: break;
}
$url_redirect = str_replace("&action=delete-response","",$_SERVER['REQUEST_URI']);
redirect($url_redirect);
}
?>
<div class="d-flex flex-center flex-column flex-column-fluid p-10 pb-lg-20">
<!--begin::Logo-->
<a href="index.php" class="mb-12">
<img alt="Logo" src="assets/media/logos/logo_rvb.svg" class="h-100px" />
</a>
<!--end::Logo-->
<!--begin::Wrapper-->
<div class="w-lg-500px bg-body rounded shadow-sm p-10 p-lg-15 mx-auto">
<!--begin::Form-->
<form class="form w-100" novalidate="novalidate" id="form_login" action="" method="post">
<!--begin::Heading-->
<div class="text-center mb-10">
<!--begin::Title-->
<h1 class="text-dark mb-3">Créez un nouveau mot de passe</h1>
<!--end::Title-->
<p>Saisissez un mot de passe personnalisé, mais privilégiez un mot de passe fort !</p>
<p>Intégrez un gestionnaire de mots de passe efficace dans votre organisation avec sense IT, toutes vos données sont hébergées en Suisse à l'endroit de votre choix !</p>
<a href="https://senseit.ch/services/paas/" target="_blank" class="link-primary fw-bolder mb-4">En savoir plus</a>
</div>
<!--begin::Heading-->
<!--begin::Input group-->
<div class="fv-row mb-10">
<!--begin::Wrapper-->
<div class="d-flex flex-stack mb-2">
<!--begin::Label-->
<label class="form-label fw-bolder text-dark fs-6 mb-0">Mot de passe</label>
<!--end::Label-->
</div>
<!--end::Wrapper-->
<!--begin::Input-->
<input class="form-control form-control-lg form-control-solid" type="password" name="pwd" autocomplete="off" />
<!--end::Input-->
</div>
<!--end::Input group-->
<!--begin::Input group-->
<div class="fv-row mb-10">
<!--begin::Wrapper-->
<div class="d-flex flex-stack mb-2">
<!--begin::Label-->
<label class="form-label fw-bolder text-dark fs-6 mb-0">Confirmer mot de passe</label>
<!--end::Label-->
</div>
<!--end::Wrapper-->
<!--begin::Input-->
<input class="form-control form-control-lg form-control-solid" type="password" name="pwd2" autocomplete="off" />
<!--end::Input-->
</div>
<!--end::Input group-->
<?php
if( isset($_SESSION['error']) ) {?>
<!--begin::Alert-->
<div class="alert alert-primary d-flex align-items-center p-5">
<!--begin::Wrapper-->
<div class="d-flex flex-column">
<!--begin::Content-->
<span><?= var_dump($_SESSION['error'])?></span>
<!--end::Content-->
<?= '<a href="'.$_SERVER['REQUEST_URI'].'&action=delete-response" class="btn btn-light-info btn-sm" style="width: 200px;">Supprimer message</a>';?>
</div>
<!--end::Wrapper-->
</div>
<!--end::Alert-->
<?php
}?>
<!--begin::Actions-->
<div class="text-center">
<!--begin::Submit button-->
<button type="submit" class="btn btn-lg btn-primary w-100 mb-5" name="new-pwd">
<span class="indicator-label">Modifier mot de passe</span>
<span class="indicator-progress">2 secondes...
<span class="spinner-border spinner-border-sm align-middle ms-2"></span></span>
</button>
<!--end::Submit button-->
</div>
<!--end::Actions-->
<div class="text-gray-400 fw-bold fs-4">Retour vers la connexion
<a href="index.php?slug=login" class="link-primary fw-bolder">Se connecter</a></div>
</form>
<!--end::Form-->
</div>
<!--end::Wrapper-->
</div>
