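<?php
declare(strict_types=1);

session_start();
require_once('includes/connection.php'); // Database connection; provides $conn (mysqli)
require 'vendor/autoload.php';            // Ensure PHPMailer is autoloaded

use PHPMailer\PHPMailer\PHPMailer;
// Aliased so that the catch blocks below can tell PHPMailer's exception apart
// from the global \Exception / \Throwable (an unaliased "use ... Exception"
// would shadow \Exception and make the database catch miss mysqli errors).
use PHPMailer\PHPMailer\Exception as MailException;

// Lifetime of a freshly issued OTP, in minutes (used for both the DB expiry and the e-mail text).
const OTP_TTL_MINUTES = 10;

/**
 * Read a POST field as a trimmed string.
 *
 * A missing field or a non-string value (e.g. an array injected via
 * "username[]") is treated as an empty string instead of raising a TypeError
 * inside trim().
 */
function postString(string $key): string
{
    $value = $_POST[$key] ?? '';

    return is_string($value) ? trim($value) : '';
}

/**
 * Send the OTP e-mail to $recipient.
 *
 * @param string $recipient   validated e-mail address of the user
 * @param string $displayName the user's name as stored in the users table (HTML-escaped here)
 * @param int    $otp         the six-digit code that was just stored for this user
 *
 * @return bool true when PHPMailer reports the message as sent
 *
 * @throws MailException when SMTP_PASSWORD is not configured or PHPMailer fails
 *
 * The SMTP password is taken from the SMTP_PASSWORD environment variable
 * ($_ENV first, then getenv()); it is deliberately not kept in this file.
 */
function sendOtpEmail(string $recipient, string $displayName, int $otp): bool
{
    $smtpPassword = $_ENV['SMTP_PASSWORD'] ?? getenv('SMTP_PASSWORD');
    if (!is_string($smtpPassword) || $smtpPassword === '') {
        throw new MailException('SMTP_PASSWORD is not configured');
    }

    $mail = new PHPMailer(true);

    // Server settings
    $mail->isSMTP();
    $mail->Host = 'ecogenix.in';
    $mail->SMTPAuth = true;
    $mail->Username = 'no-reply@ecogenix.in';
    $mail->Password = $smtpPassword;
    $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
    $mail->Port = 587;

    // Recipients
    $mail->setFrom('no-reply@ecogenix.in', 'Ecogenix System');
    $mail->addAddress($recipient);
    $mail->addReplyTo('no-reply@ecogenix.in', 'Ecogenix System');

    // Content
    $safeName = htmlspecialchars($displayName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $ttl = OTP_TTL_MINUTES;
    $mail->isHTML(true);
    $mail->Subject = 'Your OTP Code - Ecogenix';
    $mail->Body = <<<HTML
        <!DOCTYPE html>
        <html>
        <body style='font-family: Arial, sans-serif;'>
        <div style='max-width: 600px; margin: 0 auto; padding: 20px;'>
            <h2 style='color: #333;'>Ecogenix Login Verification</h2>
            <p>Hi <strong>{$safeName}</strong>,</p>
            <p>Your One-Time Password (OTP) for login verification is:</p>
            <div style='background-color: #f0f0f0; padding: 15px; text-align: center; font-size: 24px; font-weight: bold; color: #e74c3c; border-radius: 5px; margin: 20px 0;'>
                {$otp}
            </div>
            <p><strong>Important:</strong> This OTP will expire in {$ttl} minutes.</p>
            <p>If you didn't request this login, please ignore this email and ensure your account is secure.</p>
            <hr style='margin: 20px 0;'>
            <p style='font-size: 12px; color: #666;'>This is an automated message. Please do not reply to this email.</p>
        </div>
        </body>
        </html>
        HTML;

    return $mail->send();
}

// Messages rendered in the form below; both are HTML-escaped at output time.
$error_message = '';
$success_message = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Sanitize and validate input
    $username = filter_var(postString('username'), FILTER_SANITIZE_EMAIL);
    $password = postString('password');

    if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
        $error_message = "Please enter a valid email address.";
    } elseif ($password === '') {
        $error_message = "Password is required.";
    } else {
        try {
            // Look the user up with a prepared statement.
            $stmt = $conn->prepare("SELECT id, username, email, password FROM users WHERE email = ?");
            if ($stmt === false) {
                // prepare() returns false instead of throwing unless mysqli_report() is set.
                throw new \RuntimeException('prepare failed: ' . $conn->error);
            }
            $stmt->bind_param("s", $username);
            $stmt->execute();
            $user = $stmt->get_result()->fetch_assoc();
            $stmt->close();

            if ($user === null) {
                // Do a comparable amount of hashing work even when the address is
                // unknown, so the response time is roughly the same for known and
                // unknown e-mails.
                password_hash($password, PASSWORD_DEFAULT);
                $authenticated = false;
            } else {
                $authenticated = password_verify($password, $user['password']);
            }

            if (!$authenticated) {
                // Same message for "no such user" and "wrong password".
                $error_message = "Invalid email or password.";
            } else {
                // Generate the OTP from the CSPRNG and store it with its expiry.
                $otp = random_int(100000, 999999);
                $otpExpiry = date("Y-m-d H:i:s", strtotime('+' . OTP_TTL_MINUTES . ' minutes'));

                $updateStmt = $conn->prepare("UPDATE users SET otp = ?, otp_expiry = ? WHERE id = ?");
                if ($updateStmt === false) {
                    throw new \RuntimeException('prepare failed: ' . $conn->error);
                }
                $updateStmt->bind_param("ssi", $otp, $otpExpiry, $user['id']);
                $saved = $updateStmt->execute();
                $updateStmt->close();

                if (!$saved) {
                    $error_message = "System error. Please try again.";
                } else {
                    try {
                        if (sendOtpEmail($username, $user['username'], $otp)) {
                            // Issue a fresh session id before storing the half-authenticated
                            // state, so a session id obtained before login is not carried over.
                            session_regenerate_id(true);
                            // Store user info in session for OTP verification (verify_otp.php)
                            $_SESSION['otp_user_id'] = $user['id'];
                            $_SESSION['temp_username'] = $user['username'];
                            $_SESSION['temp_email'] = $user['email'];
                            $_SESSION['otp_timestamp'] = time();
                            header("Location: verify_otp.php");
                            exit;
                        }
                        $error_message = "Failed to send OTP. Please try again.";
                    } catch (MailException $e) {
                        // Details go to the server log only; the user sees a generic message.
                        error_log("PHPMailer Error: " . $e->getMessage());
                        $error_message = "Unable to send OTP at this time. Please try again later.";
                    }
                }
            }
        } catch (\Throwable $e) {
            // Covers mysqli_sql_exception, RuntimeException and anything else
            // raised by the database steps above.
            error_log("Database Error: " . $e->getMessage());
            $error_message = "System error. Please try again later.";
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Admin Login - ECOGENIX</title>
    <link href="https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600&display=swap" rel="stylesheet">
    <style>
        * {
            box-sizing: border-box;
            margin: 0;
            padding: 0;
        }

        body, html {
            height: 100%;
            font-family: 'Montserrat', sans-serif;
            background: url('https://img.freepik.com/free-vector/abstract-big-data-digital-technology-background-design_1017-22920.jpg') no-repeat center center fixed;
            background-size: cover;
            display: flex;
            align-items: center;
            justify-content: center;
        }

        .login-wrap {
            width: 100%;
            max-width: 400px;
            background: rgba(255, 255, 255, 0.15);
            backdrop-filter: blur(10px);
            border-radius: 15px;
            padding: 30px 25px;
            box-shadow: 0 8px 32px rgba(0, 0, 0, 0.3);
            color: #fff;
            text-align: center;
        }

        .login-wrap h2 {
            font-weight: 600;
            font-size: 28px;
            margin-bottom: 20px;
            color: #ffffff;
        }

        .alert {
            padding: 12px;
            margin-bottom: 15px;
            border-radius: 8px;
            font-size: 14px;
            text-align: left;
        }

        .alert-error {
            background-color: rgba(231, 76, 60, 0.9);
            color: white;
            border: 1px solid rgba(231, 76, 60, 0.3);
        }

        .alert-success {
            background-color: rgba(46, 204, 113, 0.9);
            color: white;
            border: 1px solid rgba(46, 204, 113, 0.3);
        }

        .form input {
            width: 100%;
            padding: 12px 15px;
            margin-bottom: 15px;
            border: none;
            border-radius: 8px;
            background-color: rgba(255, 255, 255, 0.9);
            font-size: 16px;
            color: #333;
            transition: background-color 0.3s ease;
        }

        .form input:focus {
            outline: none;
            background-color: rgba(255, 255, 255, 1);
            box-shadow: 0 0 0 2px rgba(231, 76, 60, 0.3);
        }

        .form input::placeholder {
            color: #888;
        }

        .form button {
            width: 100%;
            padding: 12px;
            background: linear-gradient(135deg, #e74c3c, #c0392b);
            border: none;
            border-radius: 8px;
            font-size: 18px;
            font-weight: 600;
            color: white;
            cursor: pointer;
            transition: all 0.3s ease;
            text-transform: uppercase;
            letter-spacing: 1px;
        }

        .form button:hover {
            background: linear-gradient(135deg, #c0392b, #a93226);
            transform: translateY(-2px);
            box-shadow: 0 4px 12px rgba(0, 0, 0, 0.3);
        }

        .form button:active {
            transform: translateY(0);
        }

        .form a {
            display: block;
            margin-bottom: 20px;
            color: #ffffff;
            font-size: 14px;
            text-decoration: none;
            transition: color 0.3s ease;
        }

        .form a:hover {
            color: #ffddc1;
            text-decoration: underline;
        }

        .security-notice {
            margin-top: 20px;
            font-size: 12px;
            color: rgba(255, 255, 255, 0.8);
            text-align: center;
        }

        @media screen and (max-width: 500px) {
            .login-wrap {
                margin: 20px;
                padding: 20px;
            }

            .login-wrap h2 {
                font-size: 24px;
            }
        }
    </style>
</head>
<body>
    <div class="login-wrap">
        <h2>ECOGENIX ADMIN</h2>

        <?php if ($error_message !== ''): ?>
            <div class="alert alert-error">
                <?= htmlspecialchars($error_message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>
            </div>
        <?php endif; ?>

        <?php if ($success_message !== ''): ?>
            <div class="alert alert-success">
                <?= htmlspecialchars($success_message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>
            </div>
        <?php endif; ?>

        <form action="" method="POST" autocomplete="on">
            <div class="form">
                <!-- Re-populate the address on a failed attempt; escaped for the attribute context. -->
                <input type="email" name="username" placeholder="Email Address" required autocomplete="email"
                       value="<?= htmlspecialchars(postString('username'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
                <input type="password" name="password" placeholder="Password" required autocomplete="current-password">
                <a href="password_reset.php">Forgot Password?</a>
                <button type="submit">Login</button>
            </div>
        </form>

        <div class="security-notice">
            <p>🔒 Secure login with two-factor authentication</p>
        </div>
    </div>
</body>
</html>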