prepare('SELECT id, username, email, is_suspended, is_verified FROM users WHERE email = ?;'); if (!$statement) { $errorMessage = "An unexpected error occurred while changing the email address."; } else { $statement->bind_param('s', $_POST['email']); $statement->execute(); $result = $statement->get_result(); if (!$result) { $errorMessage = "An unexpected error occurred while changing the email address."; $statement->close(); } else { $userData = $result->fetch_assoc(); $statement->close(); $emailExists = boolval($userData); if ($emailExists) { if ($userData['is_suspended']) { $errorMessage = "Your account is suspended."; } elseif (!$userData['is_verified']) { $errorMessage = "Your account is not activated yet."; } else { $passwordRequestIDError = false; while (!$passwordRequestID) { $tempPasswordRequestID = ""; if (function_exists('random_bytes')) { $tempPasswordRequestID = bin2hex(random_bytes(32)); } else { $tempPasswordRequestID = ''; for ($i = 0; $i < 32; $i++) { $tempPasswordRequestID = $tempPasswordRequestID . bin2hex(rand(0, 255)); } } $statement = $connection->prepare("SELECT id FROM requests_password WHERE id = ?"); if (!$statement) { $passwordRequestIDError = true; $errorMessage = "An unexpected error occurred while changing the email address."; break; } else { $statement->bind_param('s', $tempPasswordRequestID); $statement->execute(); $passwordRequestIDExistsResult = $statement->get_result(); if (!$passwordRequestIDExistsResult) { $passwordRequestIDError = true; $errorMessage = "An unexpected error occurred while changing the email address."; $statement->close(); break; } else { $passwordRequestIDExists = boolval($passwordRequestIDExistsResult->fetch_assoc()); $statement->close(); if (!$passwordRequestIDExists) { $passwordRequestID = $tempPasswordRequestID; } } } } if (!$passwordRequestIDError) { $statement = $connection->prepare("REPLACE INTO requests_password ( id, user, request_date ) VALUES ( ?, ?, NOW() )"); if (!$statement) { $errorMessage = "An unexpected error occurred while changing the email address."; } else { $statement->bind_param('si', $passwordRequestID, $userData['id']); if (!$statement->execute()) { $errorMessage = "An unexpected error occurred while changing the email address."; } else { $passwordRequestToSend = true; } $statement->close(); } } } } else { $passwordRequestToSend = true; } if ($passwordRequestToSend) { $sent = false; if ($emailExists) { $sent = sendEmail( [[ "name" => $userData['username'], "address" => $_POST['email'] ]], 'Password change request', "You have requested the change of your password on SVR.JS Mods directory. Copy and paste the link below to change the password. The link will expire after one day.\n\n" . str_replace(["\r\n", "\n", "\r"], "", (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : (isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : 'localhost')) . (URL_REWRITTEN ? APP_ROOT : APP_ROOT . APP_FILENAME . '/') . 'confirm-password?id=' . urlencode($passwordRequestID)) ); } else { $sent = sendEmail( [[ "address" => $_POST['email'] ]], 'Email address not associated with an account - password change request failed', "Someone attempted to change the password of an account which is not associated with your email address. No action is required." ); } if (!$sent) { $errorMessage = "Can't send password change request email message."; } } } } } } } if ($passwordRequestToSend) { $pageTitle = "Password change request sent"; $pageDescription = "Check your inbox for the request."; } else { $pageTitle = "Forgot password?"; $pageDescription = "Change your user data in SVR.JS Mods directory."; } include 'header.php'; ?>

Password change request sent

Check your inbox for the request.

Forgot password?

If you forgot your password, you can change it - just input your email address associated with your account.

' . htmlspecialchars($errorMessage) . '

'; ?>