$username, "resetkey" => ''), JSON_UNESCAPED_UNICODE); //Secure data $payload = generate_payload($data); //API call $responses = ioServer('/v1/authorization', $payload); //Decode Payload if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';} if ($responses === 'NOK'){ $usernameerr = 'Not authorized, please retry'; } else { $username_err = $reset_message; header("Refresh:5; url=index.php"); } } else { // Display an error for passord mismatch $username_err = 'Unknown error'; } } //IF POST RESETKEY & PASSWORD if (isset($_POST['resetkey']) && $_POST['resetkey'] !='' && $_POST['password_update']) { //check if resetkey is still valid $is_resetkey_valid = is_jwt_valid($_POST['resetkey']); if($is_resetkey_valid) { $resetkey = $_POST['resetkey']; //Clean up passwords $password = htmlspecialchars(trim($_POST["password"]), ENT_QUOTES); $confirm_password = htmlspecialchars(trim($_POST["password_update"]), ENT_QUOTES); //Check if passwords are equal if ($password == $confirm_password){ if (strlen(trim($password)) < 6){ $username_err = $reset_message3; $reset_id_valid = 1; } else { //UPDATE PASSWORD $data = json_encode(array("password" => $password, "resetkey" => $resetkey), JSON_UNESCAPED_UNICODE); //Secure data $payload = generate_payload($data); //API call $responses = ioServer('/v1/authorization', $payload); if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';} if ($responses === 'NOK'){ $usernameerr = 'Not authorized, please retry'; } else { // success $username_err = 'You will be redirected'; //redirect to login page header("Refresh:2; url=index.php"); } } $username_err = 'You will be redirected'; } else { $username_err = 'Passwords do not match'; $reset_id_valid = 1; } } } //CHECK IF RESETKEY IS SEND AND VALID if (isset($_GET['resetkey']) && $_GET['resetkey'] !=''){ //Check if key is valid $is_jwt_valid = is_jwt_valid($_GET['resetkey']); if($is_jwt_valid) { $resetkey = $_GET['resetkey']; $reset_id_valid = 1; } else { //Token not valid => display error and redirect to loginpage $username_err = $reset_message2 ; //redirect to login page header("Refresh:5; url=index.php"); } } echo' '.site_title.' '; //Maintenance mode notification message if (maintenance_mode){ echo'

'.maintenance_mode_notification.'

'; } //Logon view echo'

'.site_title.'

Customer Portal

'; if (maintenance_mode) { //Maintenance mode is on => Show maintenance mode text echo '

'.maintenance_mode_notification.'

'; } else { //Maintenance mode is off => Show login echo '

'.$username_err.'

'; } echo '

'; ?>