fix: password reset not working

This commit is contained in:
grandeljay 2023-11-08 14:43:38 +01:00
parent 00d341fa85
commit 8d80c22bdc
4 changed files with 14 additions and 22 deletions

View file

@ -51,20 +51,7 @@ class Email
$renderer = new \Qferrer\Mjml\Renderer\ApiRenderer($api); $renderer = new \Qferrer\Mjml\Renderer\ApiRenderer($api);
$html = $this->mjml; $html = $this->mjml;
if ('127.0.0.1' === $_SERVER['REMOTE_ADDR']) {
/**
* Ignore SSL certificate errors
*/
try {
$html = $renderer->render($this->mjml); $html = $renderer->render($this->mjml);
} catch (\Qferrer\Mjml\Exception\CurlException $th) {
error_log($th->getMessage());
error_log($this->mjml);
}
} else {
$html = $renderer->render($this->mjml);
}
$to = $this->to; $to = $this->to;
$subject = $this->subject; $subject = $this->subject;

View file

@ -546,4 +546,9 @@ class User
{ {
$this->advertisements = $advertisements; $this->advertisements = $advertisements;
} }
public function getPasswordResetValidUntil(): int
{
return $this->password_reset_valid_until;
}
} }

View file

@ -83,7 +83,7 @@ if (isset($_POST['reset'], $_POST['email'])) {
'password-reset-link', 'password-reset-link',
$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['REQUEST_SCHEME'] . '://' .
$_SERVER['HTTP_HOST'] . $_SERVER['HTTP_HOST'] .
Page::PAGE_REGISTER . '&password-reset=' . $user->email . '&token=' . $token Page::PAGE_REGISTER . '&password-reset=' . $user->getEmail() . '&token=' . $token
); );
$emailReset->send(); $emailReset->send();

View file

@ -71,8 +71,9 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
*/ */
$userQuery = $database $userQuery = $database
->query( ->query(
'SELECT * FROM `users` 'SELECT *
WHERE `email` = :user_email, FROM `users`
WHERE `email` = :user_email
AND `password_reset_token` = :user_password_reset_token', AND `password_reset_token` = :user_password_reset_token',
array( array(
'user_email' => $user_email, 'user_email' => $user_email,
@ -83,13 +84,12 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
if (false !== $userQuery) { if (false !== $userQuery) {
$user = new User($userQuery->fetch()); $user = new User($userQuery->fetch());
if (time() > $user->password_reset_valid_until) { echo \date('d.m.Y H:i') . ' <= ' . \date('d.m.Y H:i', $user->getPasswordResetValidUntil()) . '.';
if (time() <= $user->getPasswordResetValidUntil()) {
$database $database
->query( ->query(
'UPDATE `users` 'UPDATE `users`
SET `password` = :user_password, SET `password` = :user_password
`password_reset_token` = NULL,
`password_reset_valid_until` = NULL
WHERE `id` = :user_id;', WHERE `id` = :user_id;',
array( array(
'user_password' => User::passwordToHash($_POST['password']), 'user_password' => User::passwordToHash($_POST['password']),