VeltronNET/Misdew
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add files via upload

Browse source
This commit is contained in:
Justin 2022-07-20 09:22:56 -04:00 committed by GitHub
commit b0113f7691
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 246 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
checkpoint/f.php Normal file
View file

@ -0,0 +1,2 @@
<?php
header("location: /"); ?>

108
checkpoint/index.php Normal file
View file

@ -0,0 +1,108 @@
<?php
require_once("../inc/check-conx.php");
if($logged_in == false) {
header("location: /");
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Checkpoint - Misdew</title>
<meta charset="utf-8">
<meta name="description" content="We are a fairly cool social network.">
<meta name="keywords" content="Misdew, MD, Social, Network, Communication, 3DS, DSi, Nintendo">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="google" value="notranslate">
<meta name="theme-color" content="<?php echo $meta_theme_color; ?>">
<?php
if($css_type == "sheet") {
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$g_sheet\">";
}
if($css_type == "raw") {
echo "<style type=\"text/css\">$g_raw</style>";
}
?>
<link rel="icon" type="image/png" href="/img/favicon.png">
<link rel="apple-touch-icon" href="/img/logo.png">
</head>
<body>
<body>
<center>
<?php
$back_button = true;
$linebreak = false;
$alerts = true;
require_once("../inc/header.php");
?> <br>
<div class="settings_cont">
<span style="font-size: 12px; color: #808080;">&nbsp; You must take action to continue using Misdew.com</span>
<table style="width: 100%; padding: 8px;">
<tr>
<td>
<span class="settings_title">
Checkpoint: Email Storing Update
</span>
</td>
</tr>
<tr>
<td>
<span class="settings_desc">
An email update is needed for your Misdew account.
<br> Please enter a valid email address below. You will receive an email from us asking you to confirm the linking of this email address to your Misdew.com account. <br><br>
If you encounter any issues or need help, please send an email to me@justa.us <br><br>
</span>
</td>
</tr>
<tr>
<td>
<input autocomplete="off" type="text" id="new_email" name="new_email" class="settings_input" placeholder="New Email"> <br>
<input autocomplete="off" type="text" id="new_email_conf" name="new_email_conf" class="settings_input" placeholder="Confirm New Email"> <br>
<input autocomplete="off" type="password" id="password" name="password" class="settings_input" placeholder="Enter Password"> <br>
</td>
</tr>
<tr>
<td onclick="newEmail();">
<center><div class="change_pass_btn" style="background-color: #a64ca6;">Update</div></center>
</td>
</tr>
</table>
</div>
<br>
<span style="font-family: 'Dosis', sans-serif; color: #808080; font-size: 12px;">Still need help? Send an email to <b>me@justa.us</b></span><br>
<?php
require_once("../inc/footer.php");
?>
</center>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script>
function newEmail() {
if(confirm('Are you sure that everything is correct?')) {
var password = document.getElementById('password').value;
var new_email = document.getElementById('new_email').value;
var new_email_conf = document.getElementById('new_email_conf').value;
var token = "<?php echo $u_token; ?>";
$.ajax({
url: 'link.php',
type: 'POST',
data: { token: token, new_email: new_email, new_email_conf: new_email_conf, password: password },
success: function(data){
if(data == '') {
var password = document.getElementById('password').value = '';
var new_email = document.getElementById('new_email').value = '';
var new_email_conf = document.getElementById('new_email_conf').value = '';
alert('If all went well: A verification email should have been sent. Please click the link in the email in order to link this new email address to your account. Please allow time for the email to arrive and check your spam folder.');
}
},
error: function(data) {
alert('If all went well: A verification email should have been sent. Please click the link in the email in order to link this new email address to your account. Please allow time for the email to arrive and check your spam folder.');
}
});
}
}
</script>
</body>
</html>

79
checkpoint/link.php Normal file
View file

@ -0,0 +1,79 @@
<?php
require_once("../inc/check-conx.php");
if($logged_in == false) {
header("location: /");
exit();
}
$gtoken = safe($_POST['token']);
if($gtoken == $u_token) {
$new_email = safe($_POST['new_email']);
$new_email_conf = safe($_POST['new_email_conf']);
$password = safe($_POST['password']);
$u_password = $y['password'];
// If current password is correct
// hash the password
$password_hashed = hash("sha256",$u_username.$password);
if($password_hashed == $u_password) {
if($email_secure == '') {
if($new_email == $new_email_conf) {
// do something
# GENERATE KEY TO RESET
function genR($length = 10) {
return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
}
$resetid = genR();
// hash the email
$email_hasher = "ur own random sht here keep it consistent tho bro kl;fakfljsdlkjsdaf";
$email_hashed = hash("sha256",$email_hasher.$new_email);
// if email already exists
$qq = mysqli_query($conx, "SELECT username FROM accounts WHERE email_secure='$email_hashed'");
$cc = mysqli_num_rows($qq);
if($cc > 0) {
$_SESSION['m6'] = "gen_error";
header("location: /");
exit();
}
# INSERT RESET DETAILS
mysqli_query($conx, "INSERT INTO forgot_password (tstamp,uqid,email_secure,username) VALUES ('$tstamp','$resetid','$email_hashed','$u_username')");
# PUSH OUT EMAIL
$to = $new_email;
$subject = "misdew.com email update";
$txt = "$u_username, <br>
An email update was requested for your account. <br>
Follow the link below to continue. <br><br>
<a href=\"https://misdew.com/checkpoint/verify.php?k=$resetid\">https://misdew.com/checkpoint/verify.php?k=$resetid</a> <br><br>
</span>
</center>";
$headers = "Content-Type: text/html; charset=utf-8";
mail($to,$subject,$txt,$headers);
$_SESSION['m4'] = "em_ss";
header("location: /checkpoint");
exit();
}
else {
header("location: /throw_error");
exit();
}
}
else {
header("location: /throw_error");
exit();
}
}
else {
header("location: /throw_error");
exit();
}
}
?>

57
checkpoint/verify.php Normal file
View file

@ -0,0 +1,57 @@
<?php
session_start();
require_once("../inc/check-conx.php");
if($logged_in == false) {
header("location: /");
exit();
}
# POST DATA
$resetid_p = safe($_GET['k']);
if($resetid_p && $u_username && $email_secure == '') {
$cs = mysqli_query($conx, "SELECT tstamp,uqid,username,email_secure FROM forgot_password WHERE uqid='$resetid_p'");
$ccnt = mysqli_num_rows($cs);
if($ccnt == '0') {
$_SESSION['m5'] = "ef_hef";
header("location: /");
exit();
}
$crs = mysqli_fetch_assoc($cs);
$rs_tstamp = $crs['tstamp'];
$rs_uqid = $crs['uqid'];
$rs_username = $crs['username'];
$rs_email = $crs['email_secure'];
if($email_secure == '') {
}
else {
header("location: /");
exit();
}
// if email already exists
$qq = mysqli_query($conx, "SELECT username FROM accounts WHERE email_secure='$rs_email'");
$cc = mysqli_num_rows($qq);
if($cc > 0) {
$_SESSION['m6'] = "gen_error";
header("location: /");
exit();
}
# MAKE SURE LINK HASN'T REACHED ONE HOUR EXPIRE LIMIT
$tttstamp = $rs_tstamp + 3600;
if($tstamp >= $tttstamp) {
mysqli_query($conx, "DELETE FROM forgot_password WHERE email_secure='$rs_email'");
$_SESSION['m5'] = "ef_hef";
header("location: /");
exit();
}
mysqli_query($conx, "UPDATE accounts SET email_secure='$rs_email' WHERE username='$u_username'");
mysqli_query($conx, "DELETE FROM forgot_password WHERE email_secure='$rs_email'");
header("location: /");
exit();
}
else {
header("location: /");
exit();
}
?>