diff --git a/coregrade/email/start_losspass.mailfile b/coregrade/email/start_losspass.mailfile index 6147210..1191d13 100644 --- a/coregrade/email/start_losspass.mailfile +++ b/coregrade/email/start_losspass.mailfile @@ -1,5 +1,5 @@ To: {{email}} -Subject: PayQuic - Password Reset for {{email}} +Subject: CoreGrade - Password Reset for {{email}} @@ -9,7 +9,7 @@ Subject: PayQuic - Password Reset for {{email}} - + diff --git a/coregrade/email/welcome.mailfile b/coregrade/email/welcome.mailfile index 3b01688..8c2eee3 100644 --- a/coregrade/email/welcome.mailfile +++ b/coregrade/email/welcome.mailfile @@ -1,5 +1,5 @@ To: {{email}} -Subject: Welcome to PayQuic +Subject: Welcome to CoreGrade diff --git a/coregrade/src/shared_tool/account.cc b/coregrade/src/shared_tool/account.cc index 4e43932..4c19634 100644 --- a/coregrade/src/shared_tool/account.cc +++ b/coregrade/src/shared_tool/account.cc @@ -195,7 +195,7 @@ long startPassReset(CVars in, CVars &out) { ret = load_db_record(out, "SELECT id AS member_id,now() AS reset_seed FROM members WHERE status=1 AND LOWER(username)=LOWER('%s') ", in["username"].c_str()); if (ret && out["member_id"].Long() > 0) { // remove all existing session - pgsql_exec("UPDATE resetpassword SET status=7 WHERE status NOT IN (3,5) AND member_id=%ld ", out["member_id"].Long()); + pgsql_exec("UPDATE password_reset SET status=7 WHERE status NOT IN (3,5) AND member_id=%ld ", out["member_id"].Long()); // Create New Session Now if (load_db_record(y, "SELECT floor( random()*100000) AS reset_pin ,md5('%s') AS reset_key", out["reset_seed"].c_str()) >= 0) { @@ -211,7 +211,7 @@ long startPassReset(CVars in, CVars &out) { x["reset_pin"].set_valid(true); x["member_id"].set_valid(true); - out["reset_id"] = insert_db_record(DBS_VALID, "resetpassword", "resetpassword_id_seq", x); + out["reset_id"] = insert_db_record(DBS_VALID, "password_reset", "password_reset_id_seq", x); if (out["reset_id"].Long() > 0) { ret = PHP_API_OK; out["reset_key"] = "YOU WILL GET THIS IF PIN IS CORRECT IN CONFIRM"; //x["reset_key"]; @@ -227,7 +227,7 @@ long startPassReset(CVars in, CVars &out) { x["username"].set_valid(true); x["loc"].set_valid(true); x["status"].set_valid(true); - out["reset_id"] = insert_db_record(DBS_VALID, "resetpassword", "resetpassword_id_seq", x); + out["reset_id"] = insert_db_record(DBS_VALID, "password_reset", "password_reset_id_seq", x); out["status_message"] = "Invalid Username or disabled account"; out["status_advice"] = "Check username or Contact support"; @@ -246,13 +246,12 @@ long confirmPassReset(CVars in, CVars &out) { long ret = PHP_API_BAD_PARAM; CVars x, y; try { - REQ_STRING(in, "username", 2, 49, "(.*)"); - REQ_LONG(in, "reset_pin", 0, -1); + REQ_STRING(in, "reset_key", 12, 49, "(.*)"); const char *loc = getenv("REMOTE_ADDR"); - ret = load_db_record(out, "SELECT *, id AS reset_id FROM resetpassword WHERE status = 0 AND LOWER(username)=LOWER('%s') AND reset_pin='%lu' AND loc='%s'", in["username"].c_str(), in["reset_pin"].Long(), loc); + ret = load_db_record(out, "SELECT *, id AS reset_id FROM password_reset WHERE status = 0 AND reset_key='%s' ", in["reset_key"].c_str()); if (ret && out["id"].Long() > 0) { - pgsql_query("UPDATE resetpassword SET status = 1 WHERE id =%lu", out["reset_id"].Long()); + pgsql_query("UPDATE password_reset SET status = 1 WHERE id =%lu", out["reset_id"].Long()); ret = PHP_API_OK; } else { out["status_message"] = "Invalid PIN or disabled account"; @@ -278,13 +277,13 @@ long completePassReset(CVars in, CVars &out) { const char *loc = getenv("REMOTE_ADDR"); - ret = load_db_record(out, "SELECT *,id AS reset_id FROM resetpassword WHERE status=1 AND LOWER(username)=LOWER('%s') AND reset_pin='%lu' AND loc='%s' AND reset_key='%s'", in["username"].c_str(), in["reset_pin"].Long(), loc, in["reset_key"].c_str()); + ret = load_db_record(out, "SELECT *,id AS reset_id FROM password_reset WHERE status=1 AND LOWER(username)=LOWER('%s') AND reset_pin='%lu' AND loc='%s' AND reset_key='%s'", in["username"].c_str(), in["reset_pin"].Long(), loc, in["reset_key"].c_str()); if (ret && out["reset_id"].Long() > 0) { char mcf[128]; int result = 0; //libscrypt_hash(mcf, in["password"].c_str(), SCRYPT_N, SCRYPT_r, SCRYPT_p); if (result > 0) { if (pgsql_query("UPDATE members SET password='%s' WHERE id =%lu", mcf, out["member_id"].Long()) >= 0) { - pgsql_query("UPDATE resetpassword SET status = 5,reset_key=NULL WHERE id =%lu", out["reset_id"].Long()); + pgsql_query("UPDATE password_reset SET status = 5,reset_key=NULL WHERE id =%lu", out["reset_id"].Long()); ret = PHP_API_OK; } diff --git a/coregrade/src/shared_tool/email.cc b/coregrade/src/shared_tool/email.cc index c3a5884..183578b 100644 --- a/coregrade/src/shared_tool/email.cc +++ b/coregrade/src/shared_tool/email.cc @@ -108,9 +108,11 @@ long member_email_calls(long action, CVars in, CVars &out) { out["facebook"] = CfgReadChar("system.facebook"); out["twitter"] = CfgReadChar("system.twitter"); + char * server_name = getenv( "SERVER_NAME" ); + //https://www.float.sg/ - form.LetStr("site_name", "Float"); + form.LetStr("site_name", "CoreGrade"); form.LetStr("contactus", out["contactus"].c_str()); form.LetStr("facebook", out["facebook"].c_str()); form.LetStr("twitter", out["twitter"].c_str()); @@ -169,14 +171,15 @@ long member_email_calls(long action, CVars in, CVars &out) { */ case COREGRADE_START_RESET_PASSWORD: mode = REQ_LONG(in, "mode", 0, -1); - if (load_db_record(x, "SELECT m.firstname,p.*,m.email AS member_email FROM resetpassword p LEFT JOIN members m ON m.id=p.member_id WHERE p.id=%lu ", in["reset_id"].Long())) { + if (load_db_record(x, "SELECT m.firstname,p.*,m.email AS member_email, created AS lost_added FROM password_reset p LEFT JOIN members m ON m.id=p.member_id WHERE p.id=%lu ", in["reset_id"].Long())) { vars2form(x, form); form.LetStr("subject", "Reset Password"); form.LetStr("email", x["member_email"].c_str()); + form.LetStr( "server_name", server_name ); switch (mode) { case RESET_START: - form.Email("member/reset_password.mailfile"); + form.Email("start_losspass.mailfile"); break; case RESET_CONFIRM: diff --git a/www/application/controllers/Auth.php b/www/application/controllers/Auth.php index b944685..8d77111 100644 --- a/www/application/controllers/Auth.php +++ b/www/application/controllers/Auth.php @@ -106,7 +106,7 @@ class Auth extends Start_Controller { public function resetpass() { $data = array(); $out = array(); - $data["next_page"] = 0; + $data["next_page"] = 50; $data["error_message"] = ""; if ($_POST) { $data['username'] = trim($this->input->post('username')); @@ -128,4 +128,80 @@ class Auth extends Start_Controller { $this->index(); } + public function passreset() { + $data = array(); + $out = array(); + $data["next_page"] = 0; + $data["error_message"] = ''; + + if ($_GET) { + $data['reset_key'] = trim($this->input->get('rlink')); + $data["mode"] = RESET_CONFIRM; + if ($data['reset_key'] != '') { + $this->coregrade_webapi(COREGRADE_START_RESET_PASSWORD, $data, $out); + + // print_r($out); + if (isset($out["reset_id"]) && isset($out["reset_id"]) > 0) { + + $data["next_page"] = 5500; + $data["reset_id"] = $out["reset_id"]; + $data["username"] = $out["username"]; + } + } else { + $data["error_message"] = "Please enter a valis username to continue"; + } + } + + $this->load->view('auth/view_head'); + $this->load->view('auth/view_reset_password', $data); + $this->load->view('auth/view_foot'); + } + + public function completereset() { + + $data = array(); + $out = array(); + $data["next_page"] = 5500; + $data["error_message"] = ''; + + if ($_POST) { + $data['reset_key'] = trim($this->input->post('rlink')); + $data['reset_id'] = trim($this->input->post('reset_id')); + $data['username'] = trim($this->input->post('username')); + + $data['pass1'] = trim($this->input->post('pass1')); + $data['pass2'] = trim($this->input->post('pass2')); + + $allow_next = false; + + if ( strlen($data['pass1']) >7 && $data['pass1'] == $data['pass2']){ + $allow_next = true; + } + else{ + $data["error_message"] = "Please enter a valis username to continue"; + } + + + $data["mode"] = RESET_COMPLETE; + if ($data['reset_key'] != '' && isset($out["reset_id"]) && isset($out["reset_id"]) > 0 && $allow_next == true) { + $this->coregrade_webapi(COREGRADE_START_RESET_PASSWORD, $data, $out); + + // print_r($out); + if (0) { + + $data["next_page"] = 5500; + $data["reset_id"] = $out["reset_id"]; + $data["username"] = $out["username"]; + } + } else { + $data["error_message"] = "Please enter a valid username to continue"; + } + } + + $this->load->view('auth/view_head'); + $this->load->view('auth/view_reset_password', $data); + $this->load->view('auth/view_foot'); + + } + } diff --git a/www/application/views/auth/view_reset_password.php b/www/application/views/auth/view_reset_password.php index 975ad5e..58fb4cb 100644 --- a/www/application/views/auth/view_reset_password.php +++ b/www/application/views/auth/view_reset_password.php @@ -1,5 +1,5 @@ @@ -29,7 +29,7 @@ $next_page = isset($next_page) ? $next_page : 0;

Please tell us your username.

@@ -72,7 +72,8 @@ $next_page = isset($next_page) ? $next_page : 0;
- +
+
@@ -80,23 +81,30 @@ $next_page = isset($next_page) ? $next_page : 0; -
+ + + + +
- - + +
- +
- +
+
+ +
Go Back to Login @@ -107,6 +115,30 @@ $next_page = isset($next_page) ? $next_page : 0;
+
+
+ Something went wrong + +
+ +
+ We have an error, it is possible that the link expired before you attempted the reset. Simply start the process again or contact us.. +
+ +
+ +
+
+
+
+
+ +
+
+ + diff --git a/www/application/views/home/home.php b/www/application/views/home/home.php index 0117a00..7a648e4 100644 --- a/www/application/views/home/home.php +++ b/www/application/views/home/home.php @@ -81,7 +81,7 @@
  • PLANS
  • APP
  • CONTACT
    • -
  • START
    • +
  • START
    • @@ -205,8 +205,9 @@
  • Parents
    • --> -

    Thus much I thought proper to tell you in relation to yourself, and to the trust I reposed in you.

    -

    Have a bigger team? Let‘s talk

    +

    A Modern, intuitive, effective digital learning

    experience that minimizes complexity and

    enables personalized learning at a convenience.

    + +

    Let Us Be Your Companion Let‘s talk

    @@ -232,7 +233,7 @@

  • Flexible Learning

  • Personal Assistant

    • - Make me a Pro + Upgrade
    PayQuic
    CoreGrade
    Dear {{firstname}} @@ -24,7 +24,7 @@ We have initiated your password reset process as requested as by you on {{lost_a - +
    Click the linkhttps://{{site}}/creset.html?rlink={{reset_link}}
    Click the linkhttps://{{server_name}}/auth/passreset?rlink={{reset_key}}
    Link will expire{{expire}}
     @@ -32,11 +32,11 @@ We have initiated your password reset process as requested as by you on {{lost_a
    -If it was not at your request, then please contact PayQuic support immediately. +If it was not at your request, then please contact CoreGrade support immediately. -For further support go to our website at www.PayQuic.com or call 08188697770 between the hours of 10:00 AM and 5:00 PM. -Thank you for choosing PayQuic. -PayQuic Team. +For further support go to our website at https://{{server_name}} or call 08188697770 between the hours of 10:00 AM and 5:00 PM. +Thank you for choosing CoreGrade. +CoreGrade Team.