diff --git a/forgotpassword.php b/forgotpassword.php index 8e15b80..85d56cf 100644 --- a/forgotpassword.php +++ b/forgotpassword.php @@ -1,10 +1,44 @@ prepare('SELECT id FROM users where email=? ALLOW FILTERING;'); +$result = $session->execute($statement,array('arguments' => array($email))); +$row_id = $result[0]['id']; +$statement = $session->prepare('UPDATE users SET forgot_pass_id=? WHERE id=?;'); +$result = $session->execute($statement,array('arguments' => array($rand_val,$row_id))); +//TODO - Don't throw an error if the email address does not exist. Instead, silently skip everything and print the last line. + +$env = parse_ini_file("../../variables.env"); + +$mail = new PHPMailer(false); +$mail->isSMTP(); +$mail->Host = $env['EMAIL_HOST']; +$mail->SMTPAuth = 'true'; +$mail->Username = $env['EMAIL_ADDRESS']; +$mail->Password = $env['EMAIL_PASSWORD']; +$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; +$mail->Port = 587; + +$mail->setFrom($env['EMAIL_ADDRESS'], 'GLink Support'); +$mail->addAddress($email); + +$mail->Subject = 'Password Reset'; +$mail->Body = 'Your password reset link is https://glink.zip/passwordreset.html?val=' . $rand_val; +$mail->send(); +echo("If you have an account with us, you should have received an email with a link to reset your password."); ?>