File Manager

X7ROOT File Manager

Current Path: /home/u126090504/domains/oca.org.in/public_html/admin

home / u126090504 / domains / oca.org.in / public_html / admin /

📁 ..
📄 achievers.php(13.81 KB)
📄 admissions.php(5.67 KB)
📄 banners.php(7.18 KB)
📄 change_password.php(3.54 KB)
📄 contacts.php(3.83 KB)
📄 dashboard.php(9.73 KB)
📄 downloads.php(4.91 KB)
📄 export_franchise.php(930 B)
📄 faculty.php(13.27 KB)
📄 forgot_password.php(6.52 KB)
📄 franchise.php(7.28 KB)
📄 gallery.php(3.08 KB)
📄 governing-body-manage.php(9.12 KB)
📄 grievance-update.php(1003 B)
📄 grievance-view.php(5.32 KB)
📄 grievances.php(5.79 KB)
📁 includes
📄 index.php(82 B)
📄 login.php(6.59 KB)
📄 logout.php(102 B)
📄 manage_albums.php(2.28 KB)
📄 manage_media.php(3.02 KB)
📄 manage_photos.php(5.66 KB)
📄 manage_videos.php(3.62 KB)
📄 new_password.php(3.9 KB)
📄 notice.php(16.36 KB)
📄 notices.php(8.24 KB)
📄 payments.php(15.23 KB)
📁 phpmailer
📄 popup.php(10.68 KB)
📄 reset_password.php(2.27 KB)
📄 secure_session.php(1000 B)
📄 settings.php(5.21 KB)
📄 submit-grievance.php(4.97 KB)
📄 testimonials.php(10.25 KB)
📄 update_status.php(1.29 KB)
📄 upi_settings.php(1.52 KB)

Editing: new_password.php

<?php
include 'secure_session.php';
require_once '../config.php';

$token = $_GET['token'] ?? '';
$id    = isset($_GET['id']) ? (int)$_GET['id'] : 0;

$showForm = false;
$error = $success = "";

// A) Validate token from GET (hashed compare)
if ($token && $id > 0) {
    $tokenHash = hash('sha256', $token);

$stmt = $conn->prepare("SELECT id FROM register WHERE id=? AND reset_token=? AND reset_expires > NOW() LIMIT 1");
    $stmt->bind_param("is", $id, $tokenHash);
    $stmt->execute();
    $stmt->bind_result($foundId);
    $valid = $stmt->fetch();
    $stmt->close();

if ($valid) {
        $showForm = true;
    } else {
        $error = "This reset link is invalid or has expired.";
    }
} else {
    $error = "Invalid request.";
}

// B) Handle POST (set new password)
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $id     = (int)($_POST['id'] ?? 0);
    $token  = $_POST['token'] ?? '';
    $pass   = $_POST['password'] ?? '';
    $confirm= $_POST['confirm'] ?? '';

if (strlen($pass) < 8) {
        $error = "Password must be at least 8 characters.";
    } elseif ($pass !== $confirm) {
        $error = "Passwords do not match.";
    } else {
        $tokenHash = hash('sha256', $token);

// Re-verify token (race-safe)
        $stmt = $conn->prepare("SELECT id FROM register WHERE id=? AND reset_token=? AND reset_expires > NOW() LIMIT 1");
        $stmt->bind_param("is", $id, $tokenHash);
        $stmt->execute();
        $stmt->bind_result($foundId);
        $valid = $stmt->fetch();
        $stmt->close();

if ($valid) {
            $newHash = password_hash($pass, PASSWORD_DEFAULT);

// Update password & clear token
            $stmt = $conn->prepare("UPDATE register SET password=?, reset_token=NULL, reset_expires=NULL WHERE id=?");
            $stmt->bind_param("si", $newHash, $id);
            $stmt->execute();
            $stmt->close();

$success = "✅ Password updated. You can now log in.";
            $showForm = false;
        } else {
            $error = "This reset link is invalid or has expired.";
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Reset Password – KIIT Academy</title>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css" rel="stylesheet">
  <style>
    body{background:#f6f8fb;}
    .card{max-width:420px;margin:60px auto;background:#fff;border-radius:16px;box-shadow:0 6px 24px rgba(0,0,0,.08);padding:24px;}
    .msg{margin:10px 0;padding:10px;border-radius:10px}
    .ok{background:#e8fff2;border:1px solid #b2f0c0}
    .err{background:#fff0f0;border:1px solid #f0b2b2}
  </style>
</head>
<body>
  <div class="card">
    <h3>Set a New Password</h3>

<?php if ($error): ?>
      <div class="msg err"><?= htmlspecialchars($error) ?></div>
    <?php endif; ?>

<?php if ($success): ?>
      <div class="msg ok"><?= htmlspecialchars($success) ?></div>
      <a class="btn btn-primary btn-block mt-2" href="login.php">Go to Login</a>
    <?php endif; ?>

<?php if ($showForm): ?>
      <form method="post" autocomplete="off">
        <input type="hidden" name="id" value="<?= (int)$id ?>">
        <input type="hidden" name="token" value="<?= htmlspecialchars($_GET['token'] ?? '') ?>">
        <div class="form-group">
          <label>New Password</label>
          <input type="password" name="password" class="form-control" minlength="8" required>
        </div>
        <div class="form-group">
          <label>Confirm Password</label>
          <input type="password" name="confirm" class="form-control" minlength="8" required>
        </div>
        <button type="submit" class="btn btn-primary btn-block">Update Password</button>
      </form>
    <?php endif; ?>
  </div>
</body>
</html>

X7ROOT File Manager

Editing: new_password.php

Upload File

Create Folder