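<?php
// Change-of-email request page: a logged-in user submits a new address and a
// one-time 6-digit code is sent to that address (see the POST handler below).
//
// NOTE(review): E_ALL with display_errors=1 prints PHP warnings/notices
// (including file paths and query fragments) straight into the response. Keep
// this for local development only; production should log errors and keep
// display_errors off.
error_reporting(E_ALL);
ini_set('display_errors', 1);

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/session_bootstrap.php';

// Authentication gate: everything below assumes a logged-in session.
if (empty($_SESSION['logged_in'])) {
    header('Location: /login/');
    exit();
}

// NOTE(review): these four variables are not read anywhere in this file — the
// connection comes from og_session_get_pdo() below. A live database credential
// should not sit in a web-root script at all; move it to a config file outside
// the document root (or an environment variable) and drop these lines once it
// is confirmed that no included file relies on them.
$host = "localhost";
$db = "togethere_cloud";
$user = "root";
$pass = "HasloDoSQL";

try {
    $pdo = og_session_get_pdo();
    if (!$pdo instanceof PDO) {
        throw new PDOException('Nie udało się zainicjalizować połączenia z bazą danych.');
    }
} catch (PDOException $e) {
    // The driver's message is logged server-side only; echoing $e->getMessage()
    // to the browser would disclose host names, database names or credentials.
    error_log('change_email: DB connection failed: ' . $e->getMessage());
    die("Błąd połączenia z bazą danych.");
}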
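// Identity of the logged-in user; every query below is scoped to this id.
$user_id = $_SESSION['user_id'];
// Validation / lookup error shown above the form ('' = no error).
$error = '';

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/account_suspension.php';
// Suspended accounts are not allowed to change their email address.
$suspensionState = og_is_current_user_suspended($pdo);
if (!empty($suspensionState['is_suspended'])) {
    header('Location: /account/settings/?error=' . urlencode('Twoje konto jest zawieszone. Zmiana adresu email jest zablokowana.'));
    exit();
}

// Second, direct check of users.account_suspended.
// NOTE(review): this duplicates og_is_current_user_suspended() above but
// redirects to a different page (/account/profile/). Once the helper is known
// to cover this column, one of the two checks can go.
try {
    $suspendCheck = $pdo->prepare("SELECT account_suspended FROM users WHERE id = ? LIMIT 1");
    $suspendCheck->execute([$user_id]);
    $suspendRow = $suspendCheck->fetch(PDO::FETCH_ASSOC);
    if ($suspendRow && (int)($suspendRow['account_suspended'] ?? 0) === 1) {
        header('Location: /account/profile/?error=' . urlencode('Twoje konto jest zawieszone. Nie możesz zmieniać adresu email.'));
        exit();
    }
} catch (Throwable $e) {
    // Best effort: the column may not exist on older schemas, so the page still
    // renders. The failure is logged rather than silently swallowed so that a
    // broken suspension check does not go unnoticed.
    error_log('change_email: account_suspended check skipped: ' . $e->getMessage());
}

// Current address of the user: shown in the form and compared with the new one.
$stmt = $pdo->prepare("SELECT email FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$userData = $stmt->fetch(PDO::FETCH_ASSOC);

if (!$userData) {
    die("Nie znaleziono użytkownika");
}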
// Walidacja nowego emaila
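/**
 * Validates a candidate email address submitted on the change-email form.
 *
 * @param string $email Address as submitted (the caller trims it first).
 * @return string|null Polish error message, or null when the address is acceptable.
 */
function validateEmail(string $email): ?string
{
    if ($email === '') {
        return "Email jest wymagany";
    }
    // Length is checked before the format filter: FILTER_VALIDATE_EMAIL already
    // rejects addresses of 255 or more characters, so with the filter first this
    // branch was unreachable and an over-long address got the less helpful
    // "invalid format" message. strlen counts bytes; the filter below only
    // accepts ASCII, so bytes and characters coincide for anything it passes.
    if (strlen($email) > 255) {
        return "Email jest za długi (max 255 znaków)";
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return "Nieprawidłowy format adresu email";
    }
    return null;
}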
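if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // NOTE(review): this request changes account state but carries no CSRF
    // token, so a cross-site form post could start an email change for a
    // logged-in user. If the project has a CSRF helper, verify the token here
    // before touching $_POST.
    $new_email = trim($_POST["new_email"] ?? "");

    $validation_error = validateEmail($new_email);

    if ($validation_error) {
        $error = $validation_error;
    } elseif (strtolower($new_email) === strtolower($userData['email'])) {
        $error = "Nowy email nie może być taki sam jak obecny email.";
    } else {
        // Uniqueness check (case-insensitive, excluding the user's own row).
        // NOTE(review): the "already taken" message lets a logged-in user probe
        // which addresses are registered; consider a neutral response if that
        // matters. The check and the UPDATE below are not atomic, so a unique
        // index on users.new_email/email is what actually enforces uniqueness.
        $check = $pdo->prepare("SELECT id FROM users WHERE LOWER(email) = LOWER(?) AND id != ?");
        $check->execute([$new_email, $user_id]);

        if ($check->fetch()) {
            $error = "Ten adres email jest już zajęty.";
        } else {
            // 6-digit code from the CSPRNG, zero-padded (random_int returns int).
            $reset_code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
            // Expiry in the server's local time; presumably compared the same way
            // by change_email_verify.php — TODO confirm.
            $reset_expires = date('Y-m-d H:i:s', strtotime('+15 minutes'));

            try {
                $update = $pdo->prepare("UPDATE users SET email_change_code = ?, email_change_expires = ?, new_email = ? WHERE id = ?");
                $update->execute([$reset_code, $reset_expires, $new_email, $user_id]);
            } catch (PDOException $e) {
                // Driver message and the schema hint go to the server log; the
                // browser gets a generic error. Previously both were echoed, which
                // disclosed table layout and raw SQL errors to any logged-in user.
                error_log(
                    'change_email: UPDATE users failed: ' . $e->getMessage()
                    . ' (missing columns? ALTER TABLE users ADD COLUMN email_change_code VARCHAR(6) NULL,'
                    . ' ADD COLUMN email_change_expires DATETIME NULL, ADD COLUMN new_email VARCHAR(255) NULL;)'
                );
                die("Błąd aktualizacji bazy. Szczegóły zapisano w logu serwera.");
            }

            // The code is sent to the NEW address to prove the user controls it.
            // NOTE(review): the current address receives no notification, so an
            // email change started from a stolen session is invisible to the
            // real owner; a heads-up mail to $userData['email'] would be a cheap
            // safeguard.
            require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/smtp_helper.php';

            $subject = "Kod weryfikacyjny - Wspólnie";
            // $reset_code is digits only, so interpolating it into HTML is safe.
            $message = "
                <!DOCTYPE html>
                <html>
                <head>
                <meta charset='utf-8'>
                <style>
                body { font-family: 'Lato', Arial, sans-serif; background: #f0f8ff; padding: 20px; }
                .container { max-width: 600px; margin: 0 auto; background: white; padding: 40px; border-radius: 15px; box-shadow: 0 4px 6px rgba(0,0,0,0.1); }
                h1 { color: #2196F3; text-align: center; }
                .code { font-size: 32px; font-weight: bold; color: #2196F3; text-align: center; letter-spacing: 5px; margin: 30px 0; padding: 20px; background: #e3f2fd; border-radius: 10px; }
                p { color: #2c3e50; line-height: 1.6; }
                .footer { margin-top: 30px; padding-top: 20px; border-top: 2px solid #e3f2fd; text-align: center; color: #7f8c8d; font-size: 14px; }
                </style>
                </head>
                <body>
                <div class='container'>
                <h1>📧 Weryfikacja nowego adresu email</h1>
                <p>Otrzymaliśmy prośbę o zmianę adresu email na to konto w serwisie Wspólnie.</p>
                <p>Twój kod weryfikacyjny to:</p>
                <div class='code'>$reset_code</div>
                <p>Kod jest ważny przez <strong>15 minut</strong>.</p>
                <p><strong>Jeśli to nie Ty zażądałeś tej zmiany, zignoruj tę wiadomość.</strong></p>
                <div class='footer'>
                <p>© 2026 Wspólnie. Wszelkie prawa zastrzeżone.</p>
                </div>
                </div>
                </body>
                </html>
            ";

            // NOTE(review): the return value of sendEmailSMTP() is not checked —
            // confirm whether it reports failures; otherwise the user is sent to
            // the code form even when the mail never left.
            sendEmailSMTP($new_email, $subject, $message);

            // Hand over to the page where the code is entered.
            header('Location: /account/settings/change_email_verify.php');
            exit();
        }
    }
}
?>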
<!DOCTYPE html>
|
||
<html>
|
||
<head>
|
||
<title>Zmiana adresu email | Wspólnie</title>
|
||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||
<meta charset="utf-8">
|
||
<link rel="stylesheet" href="/css/header.css" type="text/css" media="all"/>
|
||
<link rel="stylesheet" href="/css/footer.css" type="text/css" media="all"/>
|
||
<link href="/css/font-awesome.min.css" rel="stylesheet" type="text/css" media="all">
|
||
<link href="//fonts.googleapis.com/css?family=Lato:400,500,600,700,800,900" rel="stylesheet">
|
||
<style>
|
||
body {
|
||
background: linear-gradient(135deg, #e3f2fd 0%, #ffffff 100%);
|
||
min-height: 100vh;
|
||
display: flex;
|
||
flex-direction: column;
|
||
}
|
||
|
||
.request-container {
|
||
max-width: 500px;
|
||
margin: 80px auto;
|
||
padding: 40px;
|
||
background: white;
|
||
border-radius: 15px;
|
||
box-shadow: 0 10px 30px rgba(33, 150, 243, 0.2);
|
||
flex: 1;
|
||
}
|
||
|
||
h1 {
|
||
color: #1976d2;
|
||
font-size: 2em;
|
||
margin-bottom: 10px;
|
||
text-align: center;
|
||
}
|
||
|
||
.subtitle {
|
||
text-align: center;
|
||
color: #7f8c8d;
|
||
margin-bottom: 30px;
|
||
font-size: 0.95em;
|
||
}
|
||
|
||
.info-box {
|
||
background: #e3f2fd;
|
||
border-left: 4px solid #42a5f5;
|
||
padding: 15px;
|
||
margin-bottom: 25px;
|
||
border-radius: 5px;
|
||
font-size: 0.95em;
|
||
color: #2c3e50;
|
||
}
|
||
|
||
.error {
|
||
background: #ffebee;
|
||
color: #c62828;
|
||
padding: 15px;
|
||
border-radius: 8px;
|
||
margin-bottom: 20px;
|
||
text-align: center;
|
||
border-left: 4px solid #c62828;
|
||
}
|
||
|
||
.form-group {
|
||
margin-bottom: 25px;
|
||
}
|
||
|
||
label {
|
||
display: block;
|
||
margin-bottom: 10px;
|
||
font-weight: 600;
|
||
color: #2c3e50;
|
||
}
|
||
|
||
input[type="email"] {
|
||
width: 100%;
|
||
padding: 15px;
|
||
border: 2px solid #e3f2fd;
|
||
border-radius: 8px;
|
||
font-size: 16px;
|
||
transition: all 0.3s ease;
|
||
box-sizing: border-box;
|
||
}
|
||
|
||
input:focus {
|
||
outline: none;
|
||
border-color: #2196F3;
|
||
box-shadow: 0 0 0 3px rgba(33, 150, 243, 0.1);
|
||
}
|
||
|
||
button {
|
||
width: 100%;
|
||
padding: 15px;
|
||
background: linear-gradient(135deg, #2196F3 0%, #1976d2 100%);
|
||
color: white;
|
||
border: none;
|
||
border-radius: 8px;
|
||
font-size: 1.1em;
|
||
font-weight: 600;
|
||
cursor: pointer;
|
||
transition: all 0.3s ease;
|
||
}
|
||
|
||
button:hover {
|
||
transform: translateY(-2px);
|
||
box-shadow: 0 5px 15px rgba(33, 150, 243, 0.3);
|
||
background: linear-gradient(135deg, #1976d2 0%, #1565c0 100%);
|
||
}
|
||
|
||
a {
|
||
color: #2196F3;
|
||
text-decoration: none;
|
||
font-weight: 600;
|
||
}
|
||
|
||
a:hover {
|
||
text-decoration: underline;
|
||
}
|
||
</style>
|
||
</head>
|
||
<body>
|
||
<?php
// Navigation partial. The login gate at the top of this file already redirected
// anonymous visitors, so in practice only the logged-in variant is rendered.
include $_SERVER['DOCUMENT_ROOT'] . (
    !empty($_SESSION['logged_in'])
        ? '/global/navLogined.php'
        : '/global/navNoLogined.php'
);
?>
|
||
|
||
<div class="request-container">
|
||
<h1>📧 Zmiana adresu email</h1>
|
||
<p class="subtitle">Wprowadź nowy adres email</p>
|
||
|
||
<?php if ($error): ?>
|
||
<div class="error"><?= htmlspecialchars($error) ?></div>
|
||
<?php endif; ?>
|
||
|
||
<div class="info-box">
|
||
<strong>📧 Obecny email:</strong> <?= htmlspecialchars($userData['email']) ?><br><br>
|
||
ℹ️ Kod weryfikacyjny zostanie wysłany na <strong>nowy adres email</strong>, aby potwierdzić, że masz do niego dostęp.
|
||
</div>
|
||
|
||
<form method="POST">
|
||
<div class="form-group">
|
||
<label for="new_email">Nowy adres email</label>
|
||
<input type="email" id="new_email" name="new_email"
|
||
placeholder="nowy@email.com" required autofocus>
|
||
</div>
|
||
|
||
<button type="submit">Wyślij kod weryfikacyjny</button>
|
||
</form>
|
||
|
||
<div style="text-align: center; margin-top: 20px;">
|
||
<a href="/account/settings/">← Powrót do ustawień</a>
|
||
</div>
|
||
</div>
|
||
|
||
<?php
// Footer partial, chosen the same way as the navigation above; only the
// logged-in variant is reachable because of the login gate at the top.
include $_SERVER['DOCUMENT_ROOT'] . (
    !empty($_SESSION['logged_in'])
        ? '/global/footerLogined.php'
        : '/global/footerNoLogined.php'
);
?>
|
||
</body>
|
||
</html>