prepare("SELECT id, username, emailaddress, enabled FROM app_users WHERE emailaddress=? and enabled=?");
$query0->bind_param("si", $currentSentEmail, $enabled);
$query0->execute();
$fetchres = $query0->get_result();
$fetchData = $fetchres->fetch_row();
if (empty($fetchData)) {
$result = 'failure';
$messageonrequest = "Your email address hasn't been found !";
} else {
/**
* Send the verification email
*/
// Generate a random string to be used as the termination of the verification link
function random_str($length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
$pieces = [];
$max = mb_strlen($keyspace, '8bit') - 1;
for ($i = 0; $i < $length; ++$i) {
$pieces []= $keyspace[random_int(0, $max)];
}
return implode('', $pieces);
}
$token = random_str(55);
// Update the appropriate fields for the user having the given email address
$initPassword = random_str(14);
$newPassword = password_hash($initPassword, PASSWORD_DEFAULT);
$userID = $fetchData[0];
$query1 = $mysqli->query("UPDATE app_users SET password = '$newPassword', registered = '0', token = '$token', temporarypass = '$initPassword' WHERE id = '$userID'
AND enabled = 1");
// Create the verification email
$verificationLink = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . "/forgotpass-verification.php?token=" . $token;
$domaininit = explode(".", $_SERVER['HTTP_HOST']);
array_shift($domaininit);
$domain = implode(".", $domaininit);
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";
$headers .= "From: " . "no-reply@" . $domain . "\r\n";
$subject = "Roundpin email address verification";
$message = "Hello,
We have received your request related to regaining access to your account. Please verify your email address by clicking on
the link below:
".$verificationLink."
Alternatively, you can copy the link and paste it in the address bar of your browser.
After email address verification you will receive a new email with further instructions.
Thank you,
Roundpin
Host: '" . $_SERVER['HTTP_HOST'] . "'";
// Send the email
mail($currentSentEmail, $subject, $message, $headers);
$result = 'success';
$messageonrequest = "An email has been sent to your email address. Please follow the instructions in the received email to regain access to your
Roundpin account.";
}
} catch (mysqli_sql_exception $e) {
$result = 'failure';
$messageonrequest = "An error occurred while processing your request. You can try sending your request again after a few moments !";
}
$reqresponse = array('result' => $result, 'messageonrequest' => $messageonrequest);
echo json_encode($reqresponse);
}
} else {
header("Location: roundpin-login.php");
}
?>