1

When I log in with correct credentials I am correctly redirected to index.php (main page), but if use wrong credentials it also redirects me to index.php. I have login.php, register.php, index.php (correct log in should open index.php). Where have I gone wrong? Thanks in advance.

<div class="col-md-4 col-md-offset-4 well">
  <h4>Enter the Email of Your Account to Reset New Password</h4>
        <?php echo !empty($statusMsg)?'<p class="'.$statusMsgType.'">'.$statusMsg.'</p>':''; ?>
  <div class="regisFrm">
   <form action="userAccount.php" method="post">
    <input type="email" name="email" placeholder="EMAIL" required="" class="form-control">
    </br><div class="send-button">
     <input type="submit" name="forgotSubmit" value="CONTINUE" class="btn btn-primary">
    </div>
   </form>
  </div>
 </div>

elseif(isset($_POST['forgotSubmit'])){
 //check whether email is empty
    if(!empty($_POST['email'])){
  //check whether user exists in the database
  $prevCon['where'] = array('email'=>$_POST['email']);
  $prevCon['return_type'] = 'count';
  $prevUser = $user->getRows($prevCon);
  if($prevUser > 0){
   //generat unique string
   $uniqidStr = md5(uniqid(mt_rand()));;
   
   //update data with forgot pass code
   $conditions = array(
    'email' => $_POST['email']
   );
   $data = array(
    'forgot_pass_identity' => $uniqidStr
   );
   $update = $user->update($data, $conditions);
   
   if($update){
    $resetPassLink = 'http://codexworld.com/resetPassword.php?fp_code='.$uniqidStr;
    
    //get user details
    $con['where'] = array('email'=>$_POST['email']);
    $con['return_type'] = 'single';
    $userDetails = $user->getRows($con);
    
    //send reset password email
    $to = $userDetails['email'];
    $subject = "Password Update Request";
    $mailContent = 'Dear '.$userDetails['first_name'].', 
    <br/>Recently a request was submitted to reset a password for your account. If this was a mistake, just ignore this email and nothing will happen.
    <br/>To reset your password, visit the following link: <a href="'.$resetPassLink.'">'.$resetPassLink.'</a>
    <br/><br/>Regards,
    <br/>ABC';
    //set content-type header for sending HTML email
    $headers = "MIME-Version: 1.0" . "\r\n";
    $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
    //additional headers
    $headers .= 'From: ABC<enquirybell@gmail.com>' . "\r\n";
    //send email
    mail($to,$subject,$mailContent,$headers);
    
    $sessData['status']['type'] = 'success';
    $sessData['status']['msg'] = 'Please check your e-mail, we have sent a password reset link to your registered email.';
   }else{
    $sessData['status']['type'] = 'error';
    $sessData['status']['msg'] = 'Some problem occurred, please try again.';
   }
  }else{
   $sessData['status']['type'] = 'error';
   $sessData['status']['msg'] = 'Given email is not associated with any account.'; 
  }
  
    }else{
        $sessData['status']['type'] = 'error';
        $sessData['status']['msg'] = 'Enter email to create a new password for your account.'; 
    }
 //store reset password status into the session
    $_SESSION['sessData'] = $sessData;
 //redirect to the forgot pasword page
    header("Location:forgotPassword.php");
}elseif(isset($_POST['resetSubmit'])){
 $fp_code = '';
 if(!empty($_POST['password']) && !empty($_POST['confirm_password']) && !empty($_POST['fp_code'])){
  $fp_code = $_POST['fp_code'];
  //password and confirm password comparison
        if($_POST['password'] !== $_POST['confirm_password']){
            $sessData['status']['type'] = 'error';
            $sessData['status']['msg'] = 'Confirm password must match with the password.'; 
        }else{
   //check whether identity code exists in the database
            $prevCon['where'] = array('forgot_pass_identity' => $fp_code);
            $prevCon['return_type'] = 'single';
            $prevUser = $user->getRows($prevCon);
            if(!empty($prevUser)){
    //update data with new password
    $conditions = array(
     'forgot_pass_identity' => $fp_code
    );
    $data = array(
     'password' => md5($_POST['password'])
    );
    $update = $user->update($data, $conditions);
    if($update){
     $sessData['status']['type'] = 'success';
                    $sessData['status']['msg'] = 'Your account password has been reset successfully. Please login with your new password.';
    }else{
     $sessData['status']['type'] = 'error';
     $sessData['status']['msg'] = 'Some problem occurred, please try again.';
    }
            }else{
                $sessData['status']['type'] = 'error';
                $sessData['status']['msg'] = 'You does not authorized to reset new password of this account.';
            }
        }
    }else{
        $sessData['status']['type'] = 'error';
        $sessData['status']['msg'] = 'All fields are mandatory, please fill all the fields.'; 
    }
 //store reset password status into the session
    $_SESSION['sessData'] = $sessData;
    $redirectURL = ($sessData['status']['type'] == 'success')?'index.php':'resetPassword.php?fp_code='.$fp_code;
 //redirect to the login/reset pasword page
    header("Location:".$redirectURL);
}elseif(!empty($_REQUEST['logoutSubmit'])){
 //remove session data
    unset($_SESSION['sessData']);
    session_destroy();
 //store logout status into the ession
    $sessData['status']['type'] = 'success';
    $sessData['status']['msg'] = 'You have logout successfully from your account.';
    $_SESSION['sessData'] = $sessData;
 //redirect to the home page
    header("Location:index.php");
}else{
 //redirect to the home page
    header("Location:index.php");
}
reformed
  • 4,505
  • 11
  • 62
  • 88
vidhya
  • 11
  • 2

2 Answers2

0

may be your email port block please check cpanel>port

Pankaj Kushwaha
  • 1
  • 1
0
  1. Sending email via gmail SMTP requires to "Allow less secure apps: YES" from your gmail.
  2. Check port and set it to 465
Stephan Vierkant
  • 9,674
  • 8
  • 61
  • 97
Surabhi
  • 179
  • 1
  • 6