mirror of
https://github.com/gamaio/UnPS-API.git
synced 2024-12-22 10:12:41 +00:00
Add username check to reset pass
This feels slightly more secure - Can be direct session username (change password while logged on) - Generate key, link it to username, email key for verification of lost password
This commit is contained in:
parent
688a56d184
commit
5b33d2a443
@ -361,7 +361,7 @@ class api{
|
|||||||
return "APIKey reset. Key: $key";
|
return "APIKey reset. Key: $key";
|
||||||
}
|
}
|
||||||
|
|
||||||
function resetPass($apidb, $apikey, $udb, $email, $newpass){
|
function resetPass($apidb, $apikey, $udb, $username, $email, $newpass){
|
||||||
$apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1;";
|
$apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1;";
|
||||||
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
|
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
|
||||||
if($row = $result->fetch_assoc()){
|
if($row = $result->fetch_assoc()){
|
||||||
@ -374,7 +374,7 @@ class api{
|
|||||||
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
|
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = "SELECT * FROM `users` WHERE `email` = '$email'";
|
$sql = "SELECT * FROM `users` WHERE `email` = '$email' AND `username` = '$username' LIMIT 1;";
|
||||||
if(!$result = $udb->query($sql)) return 'ERROR: ['.$udb->error.']';
|
if(!$result = $udb->query($sql)) return 'ERROR: ['.$udb->error.']';
|
||||||
|
|
||||||
$iterations = mt_rand(11, 51);
|
$iterations = mt_rand(11, 51);
|
||||||
|
@ -15,6 +15,7 @@ $unpsAPI = new api();
|
|||||||
//echo $unpsAPI->regUser($apidb, '580658027', $udb, 'David', 'password123', 'tehfoxy.c0de@gmail.com'); // Register users
|
//echo $unpsAPI->regUser($apidb, '580658027', $udb, 'David', 'password123', 'tehfoxy.c0de@gmail.com'); // Register users
|
||||||
//echo $unpsAPI->regAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '1,0,0,0'); // Register API user
|
//echo $unpsAPI->regAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '1,0,0,0'); // Register API user
|
||||||
|
|
||||||
echo $unpsAPI->resetAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '279qit9');
|
//echo $unpsAPI->resetAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '279qit9'); // test reset api key
|
||||||
|
echo $unpsAPI->resetPass($apidb, '580658027', $udb, 'David', 'tefoxy.c0de@gmail.com', 'password1234s'); // Test change password
|
||||||
|
|
||||||
?>
|
?>
|
Loading…
Reference in New Issue
Block a user