From 1c5fa656fab08d982780462497d7f09c7f384e9f Mon Sep 17 00:00:00 2001 From: Aadhavan Srinivasan Date: Wed, 6 Sep 2023 21:59:16 -0500 Subject: [PATCH] Added code to send email with a dummy link based on HTTP variable --- forgotpassword.php | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/forgotpassword.php b/forgotpassword.php index 8e15b80..85d56cf 100644 --- a/forgotpassword.php +++ b/forgotpassword.php @@ -1,10 +1,44 @@ prepare('SELECT id FROM users where email=? ALLOW FILTERING;'); +$result = $session->execute($statement,array('arguments' => array($email))); +$row_id = $result[0]['id']; +$statement = $session->prepare('UPDATE users SET forgot_pass_id=? WHERE id=?;'); +$result = $session->execute($statement,array('arguments' => array($rand_val,$row_id))); +//TODO - Don't throw an error if the email address does not exist. Instead, silently skip everything and print the last line. + +$env = parse_ini_file("../../variables.env"); + +$mail = new PHPMailer(false); +$mail->isSMTP(); +$mail->Host = $env['EMAIL_HOST']; +$mail->SMTPAuth = 'true'; +$mail->Username = $env['EMAIL_ADDRESS']; +$mail->Password = $env['EMAIL_PASSWORD']; +$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; +$mail->Port = 587; + +$mail->setFrom($env['EMAIL_ADDRESS'], 'GLink Support'); +$mail->addAddress($email); + +$mail->Subject = 'Password Reset'; +$mail->Body = 'Your password reset link is https://glink.zip/passwordreset.html?val=' . $rand_val; +$mail->send(); +echo("If you have an account with us, you should have received an email with a link to reset your password."); ?>