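// set loggedin to false
// (the original line used `==`, a comparison with no effect; assignment is what the comment describes)
$_SESSION["loggedin"] = false;

/*
 * Password-reset handler.
 *
 * Reads:  $_GET['token'], $_POST['password'], $_POST['confirm_password'],
 *         $link (mysqli connection) and $passwordreset_err, both set before this excerpt.
 * Writes: $passwordreset_err, $password_err, $confirm_password_err (shown by the form below),
 *         the User row of the matching account, and several $_SESSION keys.
 * On success it redirects to confirmpasswordreset.php and stops.
 */
if (empty($passwordreset_err)) {
    // One generic text for every database-side failure, so that no SQL text,
    // password hash or driver message is sent to the browser.
    $genericError = "Oops! Da ist etwas schief gegangen. Bitte versuchen Sie es später noch einmal.";
    $tokenError = "Passwortänderung nicht möglich (Tokenfehler).";

    // --- 1. Resolve the reset token to exactly one account ---------------------
    // A missing, non-string (token[]=...) or blank token is rejected before the
    // database is queried; it would otherwise be compared against userToken = ''.
    $rawToken = $_GET['token'] ?? '';
    $param_token = is_string($rawToken) ? trim($rawToken) : '';

    if ($param_token === '') {
        $passwordreset_err = $tokenError;
    } else {
        // NOTE(review): the lookup checks only userStatus = 99 and the token value;
        // no token expiry is visible in this query. Confirm it is enforced elsewhere.
        $sql = "SELECT userId, userStatus, userLastname, userFirstname FROM User WHERE userStatus = 99 AND userToken = ? ";

        if ($stmt = mysqli_prepare($link, $sql)) {
            mysqli_stmt_bind_param($stmt, 's', $param_token);

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                mysqli_stmt_bind_result($stmt, $userid, $status, $lastname, $firstname);

                // Exactly one row must match AND be fetched; otherwise $userid would be
                // undefined when the UPDATE below runs.
                // The message no longer appends the row count, the submitted token and
                // $status: the token is request-controlled and this text is concatenated
                // into the page output further down.
                if ((int) mysqli_stmt_num_rows($stmt) !== 1 || !mysqli_stmt_fetch($stmt)) {
                    $passwordreset_err = $tokenError;
                }
            } else {
                // Previously this only echoed the text and carried on to the UPDATE.
                $passwordreset_err = $genericError;
            }

            // Close statement
            mysqli_stmt_close($stmt);
        } else {
            $passwordreset_err = $genericError;
        }
    }

    // --- 2. Validate the new password -----------------------------------------
    // Non-string input (password[]=...) is treated as empty instead of raising a TypeError in trim().
    $rawPassword = $_POST["password"] ?? '';
    $password = is_string($rawPassword) ? trim($rawPassword) : '';
    $password_err = '';

    if ($password === '') {
        $password_err = "Bitte Passwort eingeben.";
    } else {
        // Policy: one lower-case letter, one upper-case letter, one listed special character, minimum length 8.
        $pattern = '~^(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()_+\-=\[\]{}|;\':\\",./<>?])(?=.*\S).{8,}$~u';
        if (!preg_match($pattern, $password)) {
            $password_err = "Passwort muss mindestens acht Zeichen lang sein, wenigstens aus einem Gross- und Kleinbuchstaben, sowie Sonderzeichen bestehen.";
        }
    }

    // Validate confirm password
    $rawConfirm = $_POST["confirm_password"] ?? '';
    $confirm_password = is_string($rawConfirm) ? trim($rawConfirm) : '';
    $confirm_password_err = '';

    if ($confirm_password === '') {
        $confirm_password_err = "Bitte Passwort bestätigen.";
    } elseif (empty($password_err) && $password !== $confirm_password) {
        // The mismatch is reported only when the password itself passed validation.
        $confirm_password_err = "Passworte stimmen nicht überein.";
    }

    // --- 3. Store the new password and consume the token ----------------------
    if (empty($passwordreset_err) && empty($password_err) && empty($confirm_password_err)) {
        $timestamp = date("Y-m-d H:i:s");
        $passwordEncrypted = password_hash($password, PASSWORD_DEFAULT);
        $userToken = '';

        // Prepared statement instead of string concatenation, matching the SELECT above.
        // Clearing userToken and resetting userStatus makes the token unusable afterwards.
        $query = "UPDATE User SET userPassword = ?, userLastActivity = ?, userToken = '', userStatus = 0 WHERE userId = ?";
        $updated = false;
        $dbError = '';

        if ($updateStmt = mysqli_prepare($link, $query)) {
            mysqli_stmt_bind_param($updateStmt, 'ssi', $passwordEncrypted, $timestamp, $userid);
            $updated = mysqli_stmt_execute($updateStmt);
            if (!$updated) {
                $dbError = mysqli_stmt_error($updateStmt);
            }
            mysqli_stmt_close($updateStmt);
        } else {
            $dbError = mysqli_error($link);
        }

        if ($updated) {
            // store variables in Session
            $_SESSION["loggedin"] = false;
            // $title and $email are not assigned anywhere in this excerpt; `?? null` stores the
            // same value as before without an undefined-variable warning if they are unset.
            $_SESSION["title"] = $title ?? null;
            $_SESSION["firstname"] = $firstname;
            $_SESSION["lastname"] = $lastname;
            $_SESSION["email"] = $email ?? null;
            $_SESSION["userToken"] = $userToken;
            header("location: confirmpasswordreset.php");
            exit;
        }

        // Details go to the server log only; the old die() printed the full query
        // (including the new password hash) and the driver error to the client.
        error_log("Password reset UPDATE failed: " . $dbError);
        die($genericError);
    }

    // Close connection
    mysqli_close($link);
}
?> Neues Passwort vergeben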

Neues Passwort vergeben

' . $passwordreset_err . '
'; } ?>
Bitte ausfüllen, um sich ein neues Passwort zu vergeben.