HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/naniguide.com/deals/forgot.php
<?php

require './core.php';

// Seo Title
$titleSeoHeader = getSeoTitle($translation['tr_1'], $translation['tr_forgotpage']);

// Seo Description
$descriptionSeoHeader = getSeoDescription($translation['tr_3']);

$errors = array();
$validateEmail = false;
$fullHeight = true;
$success = '';

$siteKey = $settings['st_recaptchakey'];
$secretKey = $settings['st_recaptchasecretkey'];

if (isLogged()){

	header('Location: '. $urlPath->home());

}else{

	if ($_SERVER['REQUEST_METHOD'] == 'POST'){

		$verifyCaptcha = $_POST['g-recaptcha-response'];
		$user_email = filter_var(strtolower($_POST['user_email']), FILTER_SANITIZE_STRING);

		$recaptchaUrl = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$verifyCaptcha";

		$verify = json_decode(file_get_contents($recaptchaUrl));

		if (!$verify->success) {

			$errors[] = $translation['tr_161'];

		}else{

			if (empty($user_email)) {
				$errors[] = $translation['tr_158'];
			} elseif (!filter_var($user_email, FILTER_VALIDATE_EMAIL)) {
				$errors[] = $translation['tr_163'];
			}else{
				$validateEmail = true;
			}

			if ($validateEmail) {

				try{        

					$connect;

				}catch (PDOException $e){

					$errors[] = $e->getMessage();   
				}

				$statement = $connect->prepare("SELECT * FROM users WHERE user_email = :user_email LIMIT 1");
				$statement->execute(array(':user_email' => $user_email));
				$result = $statement->fetch();

				if ($result == false) {

					$errors[] = $translation['tr_166'];

				}else{

					$currentDate = date("Y-m-d H:i:s");

		try{  // check if user already requested a new password      

			$connect;

		}catch (PDOException $e){

			$errors[] = $e->getMessage();   
		}

		$statement = $connect->prepare("SELECT * FROM tokens WHERE token_email = :token_email");
		$statement->execute(array(':token_email' => $user_email));
		$result = $statement->fetch();

		if ($result['token_date'] >= $currentDate) {
			
			$errors[] = $translation['tr_177'];

		}

	}
}

if (empty($errors)) {

	$dateFormat = mktime(date("H"), date("i"), date("s"), date("m"), date("d")+1, date("Y"));
	$token_date = date("Y-m-d H:i:s", $dateFormat);
	$token_key = hash('sha512', 2418*2 . $user_email);
	$generateKey = substr(hash('sha512', uniqid(rand(),1)),3,10);
	$token_key = $token_key . $generateKey;

	$statement = $connect->prepare("INSERT INTO tokens (token_email, token_key, token_date) VALUES (:token_email, :token_key, :token_date)");
	$statement->execute(array(
		':token_email' => $user_email,
		':token_key' => $token_key,
		':token_date' => $token_date
	));

	try {

		$userInfo = getUserInfo($connect, $user_email);

		$array_content = array("{LOGO_URL}" => $urlPath->image($theme['th_logo']),
			"{SITE_DOMAIN}" => $urlPath->home(), 
			"{SITE_NAME}" => $translation['tr_1'], 
			"{USER_NAME}" => $userInfo['user_name'], 
			"{USER_EMAIL}" => $userInfo['user_email'], 
			"{RESET_URL}" => $urlPath->reset(['email' => $user_email, 'key' => $token_key])
		);

		$emailTemplate = getEmailTemplate($connect, 2);

		if ($emailTemplate) {

			$emailContent = json_decode($emailTemplate['email_content'],true);

			$mail = sendMail($array_content, $emailContent[0]['message'], $user_email, $emailTemplate['email_fromname'], $emailContent[0]['subject'], $emailTemplate['email_plaintext']);

            if ($mail == 'TRUE') {

				$success = $translation['tr_167'];

            }else{

			$errors[] = $translation['tr_168']; // Something Wrong

            }

		}else{

			$errors[] = $translation['tr_168']; // Something Wrong

            }


	} catch (Exception $e) {

$errors[] = $translation['tr_168']; // Something Wrong

}
}
}
}
}

require './header.php';
require './views/forgot.view.php';
require './footer.php';

?>