-
Notifications
You must be signed in to change notification settings - Fork 0
/
token.php
80 lines (61 loc) · 2.72 KB
/
token.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
// Create CSRF token
$_SESSION['db_token'] = bin2hex(random_bytes(32));
if(APP_INITIALIZE === 0)
{
header("Location: install.php");
}
// At the top of the page we check to see whether the user is logged in or not
if(!empty($_SESSION[SES_NAME]))
{
$obj = new Login( new SafeMySQL());
$obj->redirectLogin();
}
// Everything below this point in the file is secured by the login system
?>
<!DOCTYPE html>
<html lang="<?= APP_LANG;?>">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!-- Meta, title, CSS, favicons, etc. -->
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel='shortcut icon' type='image/x-icon' href='<?= URL_ROOT_IMG; ?>/leaf.ico' />
<title><?= APP_TITLE; ?> | Recover</title>
<?php
foreach($arr_css as $css){
echo '<link href="'.URL_ROOT.$css.'" rel="stylesheet">';
}
?>
</head>
<body class="gray-bg" id="i18container">
<div class="middle-box text-center loginscreen animated fadeInDown ">
<div class="wrapper wrapper-content">
<!--<h1 class="logo-name">DB+</h1>-->
<h1 class="logo-name"><img src="<?= URL_ROOT_IMG.'/app_logo.png';?>" width="70%"></img></h1>
<h3 data-i18n="[html]tokenmsg.welcome">Welcome to DB+</h3>
<p data-i18n="[html]tokenmsg.text">An improved experience for managing RMS and SCS.</p>
<form class="m-t" id="signinForm" action="Src/controllers/login.controller.php?recover" method="post">
<div class="form-group">
<input type="email" class="form-control" placeholder="Email" name="email" required="" value="<?php if(isset($_GET['id'])){ echo strtolower($_GET['id']); }?>">
</div>
<?php if(isset($_GET['rec'])){ ?>
<div class="form-group">
<input type="text" class="form-control" name="token" placeholder="Token" value="<?php if(isset($_GET['rec'])){ echo $_GET['rec']; }?>" />
</div>
<?php };?>
<button type="submit" class="btn btn-primary block full-width m-b" name="recover" value="Recover" data-i18n="[html]tokenmsg.button">Recover</button>
<input type="hidden" name="csrf" value="<?= htmlspecialchars($_SESSION['db_token'], ENT_QUOTES, 'UTF-8');?>">
</form>
<p class="m-t"> <small><?= date("D d-m-Y"). "<font color='#0092D0'> | </font>". date("H:i:s")."<font color='#0092D0'> | </font> ".APP_ENV." " . APP_VER; ?></small> </p>
</div>
</div>
<!-- Mainly scripts -->
<?php
foreach($arr_js as $js){
echo '<script src="'.URL_ROOT.$js.'"></script>';
}
?>
</body>
</html>