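<?php
/**
 * Password reset completion page (second step of the reset flow).
 *
 * Reads a reset token from the query string, checks it against the
 * password_resets table (unused and not expired) and, on a valid POST, stores
 * a new password hash for the owning user and retires the token.
 *
 * Sets $error, $success and $reset for the HTML template that follows.
 *
 * NOTE(review): the token is compared against the database as stored, so any
 * read access to password_resets yields usable tokens. Storing only a hash of
 * the token needs a matching change where tokens are issued, which is not part
 * of this file.
 */
session_start();
require_once '../config/database.php';
require_once '../includes/translations.php';

// A signed-in user has no business on the reset page.
if (isset($_SESSION['user_id'])) {
    header('Location: /library.php');
    exit;
}

// The token travels in the query string: keep this URL out of Referer headers
// sent for resources the page loads, and out of browser and proxy caches.
header('Referrer-Policy: no-referrer');
header('Cache-Control: no-store');

$error = '';
$success = '';

// Query parameters can arrive as arrays (?token[]=x); only a string is a token.
$token = $_GET['token'] ?? '';
if (!is_string($token)) {
    $token = '';
}

if (empty($token)) {
    $error = t('password.reset.error');
} else {
    try {
        // Used below as a PDO handle (prepare/exec/transactions).
        $pdo = getDBConnection();

        // NOTE(review): creating schema from an unauthenticated request path means
        // the web application's database account must hold CREATE. Moving this
        // statement to a deployment/migration step would let that privilege go.
        try {
            $pdo->exec("
                CREATE TABLE IF NOT EXISTS password_resets (
                    id INT AUTO_INCREMENT PRIMARY KEY,
                    user_id INT NOT NULL,
                    token VARCHAR(64) NOT NULL,
                    expires_at DATETIME NOT NULL,
                    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
                    used TINYINT(1) DEFAULT 0,
                    INDEX idx_token (token),
                    INDEX idx_user_id (user_id),
                    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
                ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
            ");
        } catch (Exception $e) {
            // IF NOT EXISTS already covers "table exists", so this branch is a real
            // failure (for example a missing privilege). Record it instead of
            // hiding it; the SELECT below decides whether the request can proceed.
            error_log("Password reset schema check failed: " . $e->getMessage());
        }

        // Look the token up; only unused, unexpired rows count.
        $stmt = $pdo->prepare("
            SELECT pr.user_id, pr.expires_at, u.email, u.name 
            FROM password_resets pr
            JOIN users u ON pr.user_id = u.id
            WHERE pr.token = ? AND pr.used = 0 AND pr.expires_at > NOW()
        ");
        $stmt->execute([$token]);
        // fetch() returns false on no match; normalise to null so that
        // isset($reset) in the template is true only for a valid token.
        $reset = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;

        if (!$reset) {
            $error = t('password.reset.error');
        } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // Array-valued fields would make strlen() throw a TypeError, which the
            // catch (Exception) below does not handle; treat them as empty input.
            $new_password = $_POST['new_password'] ?? '';
            $confirm_password = $_POST['confirm_password'] ?? '';
            if (!is_string($new_password)) {
                $new_password = '';
            }
            if (!is_string($confirm_password)) {
                $confirm_password = '';
            }

            // NOTE(review): a 6-byte minimum is low for an account password; raising
            // it also means updating the 'register.password_short' message.
            if (strlen($new_password) < 6) {
                $error = t('register.password_short');
            } elseif ($new_password !== $confirm_password) {
                $error = t('register.password_mismatch');
            } else {
                $hashed_password = password_hash($new_password, PASSWORD_DEFAULT);

                // Claim the token and change the password as one unit, so that two
                // concurrent requests cannot both spend the same token and a
                // failure halfway cannot leave a changed password with a live token.
                $pdo->beginTransaction();
                try {
                    $claim = $pdo->prepare("
                        UPDATE password_resets SET used = 1
                        WHERE token = ? AND used = 0 AND expires_at > NOW()
                    ");
                    $claim->execute([$token]);

                    if ($claim->rowCount() < 1) {
                        // Spent or expired between the lookup above and this point.
                        $pdo->rollBack();
                        $reset = null;
                        $error = t('password.reset.error');
                    } else {
                        $stmt = $pdo->prepare("UPDATE users SET password = ? WHERE id = ?");
                        $stmt->execute([$hashed_password, $reset['user_id']]);

                        // Retire any other outstanding reset links for this account.
                        $stmt = $pdo->prepare("UPDATE password_resets SET used = 1 WHERE user_id = ? AND used = 0");
                        $stmt->execute([$reset['user_id']]);

                        $pdo->commit();
                        $success = t('password.reset.success');
                        // NOTE(review): sessions already open for this account are not
                        // revoked here; nothing visible in this file manages them.
                    }
                } catch (Throwable $e) {
                    if ($pdo->inTransaction()) {
                        $pdo->rollBack();
                    }
                    throw $e;
                }
            }
        }
    } catch (Exception $e) {
        // Details go to the server log only; the visitor sees the generic message.
        error_log("Password reset error: " . $e->getMessage());
        $error = t('password.reset.error');
    }
}

// Values consumed by the template below and by the included header.
$page_title = t('password.reset.title') . ' - SoundStudioPro';
$page_description = t('password.reset.subtitle');
$current_page = 'reset_password';
$current_lang = getCurrentLanguage();
?>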
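<?php
// Template for the reset page. Expects $error, $success, $page_title and
// $current_lang from the logic above, and $reset when a token was looked up.
// Values placed in attributes or in <title> are escaped here; double_encode is
// off for translated strings so entities already present are not encoded twice.
// NOTE(review): t() output in text nodes is left as the translations provide it;
// confirm those strings are never built from user input.
?>
<!DOCTYPE html>
<html lang="<?= htmlspecialchars((string) $current_lang, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title><?= htmlspecialchars((string) $page_title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) ?></title>
    <link rel="stylesheet" href="/assets/fontawesome/fontawesome-free-6.5.1-web/css/all.min.css">
    <?php include '../includes/header.php'; ?>
</head>
<body>
    <div style="min-height: 100vh; display: flex; align-items: center; justify-content: center; padding: 2rem; background: linear-gradient(135deg, #0a0a0a 0%, #1a1a1a 50%, #16213e 100%);">
        <div style="background: rgba(26, 26, 26, 0.95); border-radius: 16px; padding: 2rem; width: 100%; max-width: 450px; box-shadow: 0 20px 40px rgba(0, 0, 0, 0.4);">
            <div style="text-align: center; margin-bottom: 2rem;">
                <h1 style="color: #ffffff; margin-bottom: 0.5rem;"><?= t('password.reset.title') ?></h1>
                <p style="color: #a0aec0;"><?= t('password.reset.subtitle') ?></p>
            </div>
            
            <?php if ($error): ?>
                <div style="background: rgba(239, 68, 68, 0.1); border: 1px solid rgba(239, 68, 68, 0.3); color: #fca5a5; padding: 1rem; border-radius: 8px; margin-bottom: 1rem;">
                    <i class="fas fa-exclamation-triangle"></i> <?= htmlspecialchars($error) ?>
                </div>
            <?php endif; ?>
            
            <?php if ($success): ?>
                <div style="background: rgba(34, 197, 94, 0.1); border: 1px solid rgba(34, 197, 94, 0.3); color: #86efac; padding: 1rem; border-radius: 8px; margin-bottom: 1rem;">
                    <i class="fas fa-check-circle"></i> <?= htmlspecialchars($success) ?>
                </div>
                <div style="text-align: center; margin-top: 2rem;">
                    <a href="login.php" style="display: inline-block; padding: 1rem 2rem; background: linear-gradient(135deg, #667eea, #764ba2); border-radius: 12px; color: white; text-decoration: none; font-weight: 600;">
                        <i class="fas fa-sign-in-alt"></i> <?= t('user.login') ?>
                    </a>
                </div>
            <?php elseif (!empty($reset)): /* a failed lookup leaves $reset falsy but set, so isset() would still show the form */ ?>
            <form method="POST">
                <div style="margin-bottom: 1rem;">
                    <label style="display: block; color: #e2e8f0; font-size: 0.9rem; font-weight: 600; margin-bottom: 0.4rem;"><?= t('password.reset.new_password') ?></label>
                    <input type="password" name="new_password" required autocomplete="new-password" style="width: 100%; padding: 1rem; background: rgba(255, 255, 255, 0.08); border: 1px solid rgba(102, 126, 234, 0.2); border-radius: 12px; color: white; font-size: 1rem;" placeholder="<?= htmlspecialchars((string) t('password.reset.new_password'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) ?>">
                </div>
                
                <div style="margin-bottom: 1rem;">
                    <label style="display: block; color: #e2e8f0; font-size: 0.9rem; font-weight: 600; margin-bottom: 0.4rem;"><?= t('password.reset.confirm_password') ?></label>
                    <input type="password" name="confirm_password" required autocomplete="new-password" style="width: 100%; padding: 1rem; background: rgba(255, 255, 255, 0.08); border: 1px solid rgba(102, 126, 234, 0.2); border-radius: 12px; color: white; font-size: 1rem;" placeholder="<?= htmlspecialchars((string) t('password.reset.confirm_password'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) ?>">
                </div>
                
                <button type="submit" style="width: 100%; padding: 1.2rem; background: linear-gradient(135deg, #667eea, #764ba2); border: none; border-radius: 12px; color: white; font-size: 1.1rem; font-weight: 700; cursor: pointer; margin-top: 1rem;">
                    <i class="fas fa-key"></i> <?= t('password.reset.submit') ?>
                </button>
            </form>
            <?php endif; ?>
            
            <div style="text-align: center; margin-top: 2rem;">
                <a href="login.php" style="color: #667eea; text-decoration: none;">
                    <i class="fas fa-arrow-left"></i> <?= t('password.forgot.back_login') ?>
                </a>
            </div>
        </div>
    </div>
</body>
</html>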

