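<?php
/**
 * First step of the two-step login: checks the CSRF token and the
 * email/password pair, then issues a one-time 6-digit code by email and
 * redirects to the verification screen.
 *
 * Every path ends in a redirect to ../index.php followed by exit.
 *
 * Depends on names defined by the two required files ($pdo and
 * CSRF_TOKEN_NAME are presumably declared there; they are not visible here).
 */
session_start();
require_once '../config/database.php';
require_once '../includes/functions.php';

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Location: ../index.php');
    exit;
}

// CSRF check. Both values must be non-empty strings, so a missing or empty
// session token can never match, and an array-valued POST field is rejected.
// hash_equals() gives a constant-time comparison.
$submittedToken = (isset($_POST['csrf_token']) && is_string($_POST['csrf_token']))
    ? $_POST['csrf_token']
    : '';
$sessionToken = (isset($_SESSION[CSRF_TOKEN_NAME]) && is_string($_SESSION[CSRF_TOKEN_NAME]))
    ? $_SESSION[CSRF_TOKEN_NAME]
    : '';
if ($submittedToken === '' || $sessionToken === '' || !hash_equals($sessionToken, $submittedToken)) {
    header('Location: ../index.php?error=' . urlencode('Invalid security token'));
    exit;
}

$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
// Accept only a string password; an array-valued field must not reach password_verify().
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

// Compare against '' rather than empty(): empty('0') is true, which would
// reject the literal password "0" as a missing field.
if (empty($email) || $password === '') {
    header('Location: ../index.php?error=' . urlencode('Please fill in all fields'));
    exit;
}

try {
    // Look the account up with a bound parameter (no string-built SQL).
    $stmt = $pdo->prepare("SELECT * FROM users WHERE email = ? LIMIT 1");
    $stmt->execute([$email]);
    $user = $stmt->fetch();

    // Same message for "unknown email" and "wrong password", so the response
    // text does not reveal which accounts exist.
    if (!$user || !password_verify($password, $user['password'])) {
        header('Location: ../index.php?error=' . urlencode('Invalid email or password'));
        exit;
    }

    if ($user['status'] !== 'active') {
        header('Location: ../index.php?error=' . urlencode('Account is not active. Please contact support.'));
        exit;
    }

    // The password step succeeded: rotate the session id so an id that was
    // known before authentication cannot be reused (session fixation).
    session_regenerate_id(true);

    // Generate the 6-digit code from the CSPRNG. mt_rand() is predictable and
    // must not be used for authentication secrets. random_int() is available
    // from PHP 7.0 and throws if no secure randomness source exists.
    $code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);

    // Code lifetime: 300 seconds (5 minutes), matching the email text below.
    $codeTtlSeconds = 300;
    $currentTime = time();
    $expiresTimestamp = $currentTime + $codeTtlSeconds;
    // NOTE(review): formatted in PHP's configured timezone - confirm that the
    // verification step compares it against the same clock/timezone.
    $expiresAt = date('Y-m-d H:i:s', $expiresTimestamp);

    // Store the code in the database.
    // NOTE(review): earlier unused codes for this user are not invalidated
    // here, and the code is stored in clear text. Consider marking older rows
    // as used and limiting verification attempts in the step that checks it.
    $stmt = $pdo->prepare("INSERT INTO login_verification_codes (user_id, code, expires_at, used) VALUES (?, ?, ?, 0)");
    $stmt->execute([$user['id'], $code, $expiresAt]);

    // Pending-login state consumed by the verification step.
    $_SESSION['temp_user_id'] = $user['id'];
    $_SESSION['temp_user_email'] = $user['email'];
    $_SESSION['code_expires_at'] = $expiresAt;
    $_SESSION['code_expires_timestamp'] = $expiresTimestamp;

    // For localhost: show code on screen.
    // NOTE(review): this is set unconditionally, not only on localhost. If any
    // page renders $_SESSION['dev_code'], anyone who passes the password step
    // can read the code without access to the mailbox, which removes the
    // second factor. Gate this behind a development-only configuration switch
    // or delete it before deployment.
    $_SESSION['dev_code'] = $code;

    // Send the verification email.
    $subject = "🔐 Verification Code - Spring Pass Capital";
    $message = '
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<style>
body { font-family: Arial, sans-serif; background: #f8fbfd; margin: 0; padding: 0; }
.container { max-width: 500px; margin: 0 auto; padding: 30px 20px; }
.header { background: linear-gradient(135deg, #2596be, #0f5e78); color: white; padding: 30px; text-align: center; border-radius: 20px 20px 0 0; }
.header .logo { font-size: 2rem; margin-bottom: 10px; }
.header h2 { margin: 0; font-size: 1.3rem; }
.content { background: white; padding: 30px; border-radius: 0 0 20px 20px; box-shadow: 0 4px 20px rgba(0,0,0,0.08); }
.code-box { background: #f0f9ff; border: 2px dashed #2596be; border-radius: 15px; padding: 25px; text-align: center; margin: 20px 0; }
.code { font-size: 2.5rem; font-weight: 700; color: #2596be; letter-spacing: 8px; font-family: monospace; }
.info { color: #666; font-size: 0.9rem; line-height: 1.6; }
.warning { background: #fef3e0; border-left: 4px solid #f59e0b; padding: 12px 15px; border-radius: 8px; margin: 20px 0; font-size: 0.85rem; color: #92400e; }
.footer { text-align: center; color: #aaa; font-size: 0.75rem; margin-top: 20px; }
</style>
</head>
<body>
<div class="container">
<div class="header">
<div class="logo">🏔️</div>
<h2>Spring Pass Capital</h2>
<p style="margin:5px 0 0;opacity:0.9;">Login Verification Code</p>
</div>
<div class="content">
<p class="info">Hello <strong>' . htmlspecialchars($user['full_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</strong>,</p>
<p class="info">Use the verification code below to complete your login:</p>
<div class="code-box">
<p style="color:#888;margin:0 0 10px;">Your verification code is:</p>
<div class="code">' . $code . '</div>
</div>
<p class="info">This code will expire in <strong>5 minute</strong>.</p>
<div class="warning">
<strong>⚠️ Security Notice:</strong> If you did not request this code, please ignore this email and contact support.
</div>
<p class="info">Best regards,<br><strong>Spring Pass Capital Team</strong></p>
</div>
<div class="footer">
<p>© ' . date('Y') . ' Spring Pass Capital. All rights reserved.</p>
<p>This is an automated message. Please do not reply.</p>
</div>
</div>
</body>
</html>';

    $headers = "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=UTF-8\r\n";
    $headers .= "From: Spring Pass Capital <noreply@springpasscapital.com>\r\n";
    $headers .= "Reply-To: support@springpasscapital.com\r\n";

    // Delivery stays best-effort (the redirect happens either way), but a
    // failure is now logged instead of being discarded. The @ is kept so a
    // mail() warning cannot be printed before the Location header is sent.
    $mailSent = @mail($user['email'], $subject, $message, $headers);
    if (!$mailSent) {
        error_log('Login error: verification email could not be sent for user id ' . $user['id']);
    }

    // Redirect to the verification page.
    header('Location: ../index.php?verify=1');
    exit;
} catch (PDOException $e) {
    error_log("Login error: " . $e->getMessage());
    header('Location: ../index.php?error=' . urlencode('System error. Please try again.'));
    exit;
} catch (Exception $e) {
    // random_int() failure (no secure randomness source): fail closed with the
    // same generic message rather than issuing a weak code.
    error_log("Login error: " . $e->getMessage());
    header('Location: ../index.php?error=' . urlencode('System error. Please try again.'));
    exit;
}
?>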