GitList - GitList

forgot-password.php
 <!doctype html>
 <!--
   Copyright (C) 2021  Double Bastion LLC
 
   This file is part of Roundpin, which is licensed under the
   GNU Affero General Public License Version 3.0. The license terms
   are detailed in the "LICENSE.txt" file located in the root directory.
 
   This is a modified version of the original file "index.html",
   first modified in 2020. The copyright notice for the original
   content follows:
 
   Copyright (c) 2019 by Daniel Zawadzki (https://codepen.io/danzawadzki/pen/EgqKRr)
   License: The MIT License
 -->
 
 <head>
    <meta charset="utf-8">
    <title>Roundpin</title>
    <link rel="stylesheet" href="css/login.min.css"/>
    <link rel="stylesheet" href="css/inter.min.css"/>
    <script type="text/javascript" src="js/jquery-3.3.1.min.js"></script>
    <script type="text/javascript" src="js/forgot-password.min.js"></script>
    <link rel="shortcut icon" type="image/svg" href="images/favicon.svg" />
 </head>
 <body>
 
   <div class="wrapper">
   <div id="formContent">
     <!-- Tabs Titles -->
     <a href="roundpin-login.php"><h2 id="signintab" class="underlineHover">Log In</h2></a>
     <a id="signupsec" href="roundpin-signup.php"><h2 id="signuptab" class="underlineHover">Sign Up</h2></a>
 
     <!-- Icon -->
     <div id="logosection">
       <img src="images/login-logo.svg" id="login-logo" alt="Roundpin logo" />
     </div>
 
     <div id="submitmessage"></div>
     <span id="emailaddressfgtLabel" class="fadeInSpec">Email Address</span>
     <input type="text" id="emailforgotpass" name="emailforgotpass" placeholder="Enter your email address" />
     <input type="button" id="forgotpassbutton" name="forgotpassbutton" value="Request Access" />
 
     <div id="formFooter">
       <a id="forgotpass" class="underlineHover">Forgot Password?</a>
     </div>
 
   </div>
   </div>
 
 <?php
 
 define('RESTRICTED', TRUE);
 
  // Extract the sign up parameter from 'install-signup-check.php' to activate or deactivate the 'Sign Up' tab
  if (is_file(dirname(__FILE__) . '/install-signup-check.php')) {
 
     $setupfile = file(dirname(__FILE__) . '/install-signup-check.php');
 
     $signup_check = 'false';
     foreach ($setupfile as $keyfile => $valuefile) {
          if ((strpos($valuefile, "\$signupcheck") !== false) && (strpos($valuefile, "//") === false)) {
               $signup_init = explode("=", $valuefile);
               $firsttwo_init = str_replace(" ","", $signup_init[0]);
               $signup_sec = explode(";", $signup_init[1]);
               $signup_check = str_replace(" ","", $signup_sec[0]);
               break;
          }
     }
 
     if ($signup_check != 'true') {
 
          ?>
          <script type="text/javascript">
              $("#signupsec").css("cursor", "default");
              $("#signupsec").attr("href", "");
 
              $("#signuptab").addClass("inactive");
              $("#signuptab").removeClass("underlineHover");
              $("#signuptab").css("cursor", "default");
          </script>
          <?php
 
     }
  }
 
  // Generate a random string to prevent direct access to 'register-user.php'
  function random_str($length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
       $pieces = [];
       $max = mb_strlen($keyspace, '8bit') - 1;
 
       for ($i = 0; $i < $length; ++$i) {
           $pieces []= $keyspace[random_int(0, $max)];
       }
       return implode('', $pieces);
  }
 
  $token = random_str(40);
 
  session_start();
 
  $_SESSION['forgotpass_access'] = $token;
 
  ?>
 
  <script type="text/javascript">
       var getVerifyToken = "<?php print_r($_SESSION['forgotpass_access']); ?>";
  </script>
 
 </body>
 </html>