francesco/pilates-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Francesco Picone
2025-12-03 18:35:21 +01:00
commit 4e41ca9bf7
22 changed files with 4836 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

156
reset_password.php Normal file
View File

@@ -0,0 +1,156 @@
<?php
/**
* Pagina Reset Password - Step 2
*
* L'utente arriva qui cliccando il link nell'email e può impostare una nuova password
*/
require_once 'includes/config.php';
require_once 'includes/functions.php';
session_start();
// Se l'utente è già loggato, reindirizza
if (is_logged_in()) {
header('Location: user/dashboard.php');
exit;
}
$token = $_GET['token'] ?? '';
$error = '';
$success = false;
// Verifica che il token esista e sia valido
$user_id = verify_password_reset_token($token);
if (!$user_id) {
$error = 'Link non valido o scaduto. Richiedi un nuovo link di reset.';
}
// Processa il form se inviato
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $user_id) {
$password = $_POST['password'] ?? '';
$password_confirm = $_POST['password_confirm'] ?? '';
// Validazione
if (empty($password)) {
$error = 'Inserisci la nuova password';
} elseif (strlen($password) < 6) {
$error = 'La password deve essere di almeno 6 caratteri';
} elseif ($password !== $password_confirm) {
$error = 'Le password non corrispondono';
} else {
// Aggiorna la password
$pdo = get_db_connection();
$hashed_password = hash_password($password);
$stmt = $pdo->prepare("UPDATE users SET password = ?, updated_at = NOW() WHERE id = ?");
if ($stmt->execute([$hashed_password, $user_id])) {
// Marca il token come usato
mark_token_as_used($token);
// Log attività
$stmt = $pdo->prepare("
INSERT INTO activity_log (user_id, action, description, ip_address, user_agent, created_at)
VALUES (?, 'password_reset', 'Password reimpostata', ?, ?, NOW())
");
$stmt->execute([
$user_id,
$_SERVER['REMOTE_ADDR'] ?? null,
$_SERVER['HTTP_USER_AGENT'] ?? null
]);
$success = true;
} else {
$error = 'Errore durante il reset della password. Riprova più tardi.';
}
}
}
?>
<!DOCTYPE html>
<html lang="it">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Reimposta Password - Pilates Platform</title>
<link rel="stylesheet" href="assets/css/style.css">
</head>
<body>
<div class="container-sm" style="padding-top: 3rem;">
<div class="card">
<div class="text-center mb-3">
<h1 class="logo">Pilates Studio</h1>
</div>
<h2 class="card-header text-center">Reimposta Password</h2>
<?php if ($success): ?>
<div class="alert alert-success">
<strong>Password aggiornata!</strong><br>
La tua password è stata reimpostata con successo. Ora puoi effettuare il login.
</div>
<div class="text-center">
<a href="login.php" class="btn btn-primary btn-large">Vai al Login</a>
</div>
<?php elseif (!$user_id): ?>
<div class="alert alert-error">
<?php echo htmlspecialchars($error); ?>
</div>
<div class="text-center">
<a href="forgot_password.php" class="btn btn-primary">Richiedi Nuovo Link</a>
</div>
<?php else: ?>
<?php if ($error): ?>
<div class="alert alert-error">
<?php echo htmlspecialchars($error); ?>
</div>
<?php endif; ?>
<p class="text-muted text-center mb-2">
Inserisci la tua nuova password.
</p>
<form method="POST" action="">
<div class="form-group">
<label for="password" class="form-label">Nuova Password (minimo 6 caratteri)</label>
<input
type="password"
id="password"
name="password"
class="form-control"
required
minlength="6"
autofocus
>
</div>
<div class="form-group">
<label for="password_confirm" class="form-label">Conferma Password</label>
<input
type="password"
id="password_confirm"
name="password_confirm"
class="form-control"
required
minlength="6"
>
</div>
<button type="submit" class="btn btn-primary btn-large" style="width: 100%;">
Reimposta Password
</button>
</form>
<?php endif; ?>
<div class="text-center mt-2">
<p class="mt-2">
<a href="login.php">← Torna al Login</a>
</p>
</div>
</div>
</div>
</body>
</html>