From 6e60bccdd6db79dd9af392cb50de0ff2a4859d88 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 11:02:52 +0300
Subject: [PATCH 01/12] Update index.php

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/index.php b/index.php
index 2379936..7b872a0 100644
--- a/index.php
+++ b/index.php
@@ -40,7 +40,7 @@
   Password
 <input type="password" class="form-control"  name="password" placeholder="password">
   <br> 
-  <input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:bold;color:orange">Recover lost password</a>
+  <input type="submit" class="btn btn-primary" value="Login"><br> <a href="forgot_form.php" style="font-weight:bold;color:orange">Forgot password</a>
 
 <?php 
 

From c1caa0fbc6b92e0a3dc162ff6a061c20c5917cd7 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 11:14:00 +0300
Subject: [PATCH 02/12] Create forgot_form.php

---
 forgot_form.php | 112 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 112 insertions(+)
 create mode 100644 forgot_form.php

diff --git a/forgot_form.php b/forgot_form.php
new file mode 100644
index 0000000..40e85ff
--- /dev/null
+++ b/forgot_form.php
@@ -0,0 +1,112 @@
+<!DOCTYPE html>
+<head>
+    <title>PHP Login System</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <!-- Bootstrap -->
+    <link href="css/bootstrap.min.css" rel="stylesheet" media="screen">
+    <link href="css/style.css" rel="stylesheet" media="screen">
+</head>
+<body>
+<script src="js/jquery.js"></script>
+<script src="js/bootstrap.min.js"></script>
+<script type="text/javascript" src="js/jquery.validate.js"></script>
+<div class="logo">
+    <h2><?php include('Connect.php');
+        echo $logotxt; ?></h2>
+
+</div>
+<form class="form-horizontal" id="forgot_pwd" method="post">
+    <h2>Forgot Password</h2>
+
+    <div class="line"></div>
+    <div class="control-group">
+        <input type="text" id="student_id" name="student_id" placeholder="Student Number">
+    </div>
+    <div class="control-group">
+        <input type="text" id="email" name="email" placeholder="Email">
+    </div>
+    <a href="registration_form.php" class="btn btn-lg btn-register">Register</a>
+
+    <button
+            type="submit" class="btn btn-lg btn-primary btn-sign-in" data-loading-text="Loading...">Password Reset
+    </button>
+    <div class="messagebox">
+        <div id="alert-message"></div>
+    </div>
+</form>
+<script type="text/javascript">
+    $(document).ready(function () {
+
+        $('#forgot_pwd').validate({
+            debug: true,
+            rules: {
+                username: {
+                    required: true
+
+                },
+                email: {
+                    required: true,
+                    email: true
+                }
+            },
+            messages: {
+                username: {
+                    required: "Enter your Student Number"
+                },
+                email: {
+                    required: "Enter your Email",
+                    email: "Enter valid email address"
+                },
+            },
+
+            errorPlacement: function (error, element) {
+                error.hide();
+                $('.messagebox').hide();
+                error.appendTo($('#alert-message'));
+                $('.messagebox').slideDown('slow');
+
+
+            },
+            highlight: function (element, errorClass, validClass) {
+                $(element).parents('.control-group').addClass('error');
+            },
+            unhighlight: function (element, errorClass, validClass) {
+                $(element).parents('.control-group').removeClass('error');
+                $(element).parents('.control-group').addClass('success');
+            }
+        });
+
+
+        $("#forgot_pwd").submit(function () {
+
+            if ($("#forgot_pwd").valid()) {
+                var data1 = $('#forgot_pwd').serialize();
+                $.ajax({
+                    type: "POST",
+                    url: "forgot_pwd.php",
+                    data: data1,
+                    success: function (msg) {
+                        console.log(msg);
+                        $('.messagebox').hide();
+                        $('#alert-message').html(msg);
+                        $('.messagebox').slideDown('slow');
+                    },
+					 error: function (msg) {
+                        $('.messagebox').hide();
+                        $('.messagebox').addClass("error-message");
+                        $('#alert-message').html(msg.result);
+                        $('.messagebox').slideDown('slow');
+                    }
+                });
+            }
+
+
+            return false;
+
+
+        });
+    });
+</script>
+</body>
+
+</html>

From 5349fb02be97fa757c51346cc9e07bb3f20e96ae Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 22:05:16 +0300
Subject: [PATCH 03/12] Create forgot_pwd.php

---
 forgot_pwd.php | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 forgot_pwd.php

diff --git a/forgot_pwd.php b/forgot_pwd.php
new file mode 100644
index 0000000..304e35c
--- /dev/null
+++ b/forgot_pwd.php
@@ -0,0 +1,48 @@
+<?php
+include "Connect.php";
+$con = mysqli_connect("localhost","root","","lrr") //connect to the database server
+or die("Could not connect to mysql because " . mysqli_error());
+
+mysqli_select_db($con, "lrr") //select the database
+or die("Could not select to mysql because " . mysqli_error());
+
+//prevent sql injection
+$student_id = mysqli_real_escape_string($con, $_POST["student_id"]);
+$email = mysqli_real_escape_string($con, $_POST["email"]);
+
+$student_id = trim($student_id);
+$email = trim($email);
+
+if (!empty($student_id)) {
+    if (!empty($email)) {
+        $query = "select * from " . $table_name . " where student_id='Student_ID' and email='$Email'";
+    } else {
+        $query = "select * from " . $table_name . " where student_id='$Student_ID'";
+    }
+
+} else {
+    $query = "select * from " . $table_name . " where email='$Email'";
+}
+
+$result = mysqli_query($con, $query) or die('error');
+$row = mysqli_fetch_array($result);
+
+
+if (mysqli_num_rows($result)) {
+
+    $to = $row['email'];
+    $subject = "Password Reset";
+    $body = "Hi " . $row['Full_Name'] .
+        "<br />Your account password has been reset: <a href=\"$url/reset.php"> Please Click to set a new password</a><br /> <br /> Thanks";
+    $headers = "From:" . $from_address;
+    $headers .= 'MIME-Version: 1.0' . "\r\n";
+    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
+    mail($to, $subject, $body, $headers);
+    //echo $body;
+    echo "Please Check your Email for resetting your password";
+    //header('Content-type: application/json');
+    // echo json_encode( array('result'=>1,'txt'=>"Password has been successfully sent to your Email Address"));
+} else {
+    //echo json_encode( array('result'=>0,'txt'=>"User account doesn't Exist"));
+    echo "User account doesn't Exist";
+}

From 810000aa9f9c09ac6109efb3adbcbaf9c9d72593 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 22:26:02 +0300
Subject: [PATCH 04/12] Create reset.php

---
 reset.php | 154 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 154 insertions(+)
 create mode 100644 reset.php

diff --git a/reset.php b/reset.php
new file mode 100644
index 0000000..2cfe1c8
--- /dev/null
+++ b/reset.php
@@ -0,0 +1,154 @@
+<?php session_start(); ?>
+<!DOCTYPE html>
+<head>
+    <title>LRR</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <!-- Bootstrap -->
+    <link href="css/bootstrap.min.css" rel="stylesheet" media="screen">
+    <link href="css/style.css" rel="stylesheet" media="screen">
+</head>
+<body>
+<script src="js/jquery.js"></script>
+<script src="js/bootstrap.min.js"></script>
+<script type="text/javascript" src="js/jquery.validate.js"></script>
+<div class="logo">
+    <h2><?php include 'Connect.php';
+        echo $logotxt; ?></h2>
+
+</div>
+<form class="form-horizontal" id="reset_pwd" method="post">
+    <h2>Reset Password</h2>
+
+    <div class="line"></div>
+    <?php
+    include "Connect.php";
+    $con = mysqli_connect("localhost","root","","lrr") //connect to the database server
+    or die("Could not connect to mysql because " . mysqli_error());
+
+    mysqli_select_db($con, "lrr") //select the database
+    or die("Could not select to mysql because " . mysqli_error());
+
+    $key = mysqli_real_escape_string($con, $_GET["k"]);
+    $key = htmlspecialchars($key, ENT_COMPAT);
+    if (!empty($key)) {
+
+        //query database to check status of the user
+        $query = "select * from " . $table_name . " where Status='Active'";
+        $result = mysqli_query($con, $query) or die('error');
+
+        if (mysqli_num_rows($result)) {
+            $row = mysqli_fetch_array($result);
+            if ($row['Status'] == 'Active') {
+                $student_id = trim($row['Student_ID']);
+                $_SESSION['Student_ID'] = $student_id;
+                //html
+                ?>
+
+
+                <div class="control-group">
+                    <input type="password" id="password1" name="password1" placeholder="Password">
+                </div>
+                <div class="control-group">
+                    <input type="password" id="password2" name="password2" placeholder="Retype Password">
+                </div>
+
+                <button
+                        type="submit" class="btn btn-lg btn-primary btn-sign-in" data-loading-text="Loading...">Reset
+                </button>
+
+                <div class="messagebox">
+                    <div id="alert-message"></div>
+                </div>
+
+                <?php
+            } else {
+                echo "<div class=\"messagebox\"><div id=\"alert-message\">You can login</div></div>";
+            }
+
+        } else {
+            echo "<div class=\"messagebox\"><div id=\"alert-message\">You can login</div></div>";
+            //header('Location: $url');
+        }
+    } else {
+        echo "<div class=\"messagebox\"><div id=\"alert-message\">error</div></div>";
+    }
+
+    ?>
+
+</form>
+<script type="text/javascript">
+    $(document).ready(function () {
+
+        $('#reset_pwd').validate({
+            debug: true,
+            rules: {
+                password1: {
+                    minlength: 6,
+                    required: true
+                },
+                password2: {
+                    required: true,
+                    minlength: 6,
+                    equalTo: "#password1"
+                }
+            },
+            messages: {
+                password1: {
+                    required: "Enter password "
+                },
+                password2: {
+                    required: "Retype your password",
+                    equalTo: "Passwords must match"
+
+                },
+            },
+
+            errorPlacement: function (error, element) {
+                error.hide();
+                $('.messagebox').hide();
+                error.appendTo($('#alert-message'));
+                $('.messagebox').slideDown('slow');
+
+
+            },
+            highlight: function (element, errorClass, validClass) {
+                $(element).parents('.control-group').addClass('error');
+            },
+            unhighlight: function (element, errorClass, validClass) {
+                $(element).parents('.control-group').removeClass('error');
+                $(element).parents('.control-group').addClass('success');
+            }
+        });
+
+
+        $("#reset_pwd").submit(function () {
+
+            if ($("#reset_pwd").valid()) {
+                var data1 = $('#reset_pwd').serialize();
+                $.ajax({
+                    type: "POST",
+                    url: "process_reset.php",
+                    data: data1,
+                    success: function (msg) {
+                        console.log(msg);
+
+                        $('.messagebox').hide();
+                        $('.messagebox').addClass("error-message");
+                        $('#alert-message').html(msg);
+                        $('.messagebox').slideDown('slow');
+
+
+                    }
+                });
+            }
+
+
+            return false;
+
+
+        });
+    });
+</script>
+</body>
+
+</html>

From 0e593d90a8c68b75cc04de9ab0ec05e364601a8a Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 22:28:25 +0300
Subject: [PATCH 05/12] Create process_reset.php

---
 process_reset.php | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 process_reset.php

diff --git a/process_reset.php b/process_reset.php
new file mode 100644
index 0000000..edc855f
--- /dev/null
+++ b/process_reset.php
@@ -0,0 +1,47 @@
+<?php
+session_start();
+include "Connect.php";
+
+$con = mysqli_connect("localhost","root","","lrr") //connect to the database server
+or die("Could not connect to mysql because " . mysqli_error());
+
+mysqli_select_db($con, "lrr") //select the database
+or die("Could not select to mysql because " . mysqli_error());
+
+//prevent sql injection
+//$student_id=mysql_real_escape_string($_POST["student_id"]);
+$password = mysqli_real_escape_string($con, $_POST["password1"]);
+$student_id = $_SESSION['student_id'];
+
+//check if user is in reset process
+$query = "select * from " . $table_name . " where student_id='$Student_ID'";
+$result = mysqli_query($con, $query) or die('error');
+$row = mysqli_fetch_array($result);
+$email = $row['email'];
+
+if (mysqli_num_rows($result)) {
+    //pwd = crypt($password);
+    if (phpversion() >= 5.5) {
+        $pwd = password_hash($password, PASSWORD_DEFAULT);
+    } else {
+        $pwd = crypt($password, '987654321'); //Hash used to suppress  PHP notice
+    }
+
+    $query = "update " . $table_name . "	 set password='$Password' , where student_id='$Student_ID'";
+    $result = mysqli_query($con, $query) or die('error');
+
+    //send email for the user with password
+
+    $to = $email;
+    $subject = "Password Reset";
+    $body = "Hi student " . $Full_Name .
+        "<br /> Your new password is updated successfully<br />";
+
+    $headers = "From:" . $from_address;
+    $headers .= 'MIME-Version: 1.0' . "\r\n";
+    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
+    mail($to, $subject, $body, $headers);
+    echo "Password updated Successfully";
+} else {
+    echo "Cannot change password:User already active please login";
+}

From 50fc755b7a7fafe106881f4408f7dd34a65a2451 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 22:41:23 +0300
Subject: [PATCH 06/12] Update reset.php

---
 reset.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/reset.php b/reset.php
index 2cfe1c8..a1ac4fd 100644
--- a/reset.php
+++ b/reset.php
@@ -28,9 +28,8 @@
     mysqli_select_db($con, "lrr") //select the database
     or die("Could not select to mysql because " . mysqli_error());
 
-    $key = mysqli_real_escape_string($con, $_GET["k"]);
-    $key = htmlspecialchars($key, ENT_COMPAT);
-    if (!empty($key)) {
+    $query = mysqli_real_escape_string($con, $_GET["Status"]);
+    if ($query=='Active') {
 
         //query database to check status of the user
         $query = "select * from " . $table_name . " where Status='Active'";

From 1f92f35dcbe5c1e5b61a7eceba18bc198232a7bd Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Fri, 19 Jun 2020 22:56:38 +0300
Subject: [PATCH 07/12] Update reset.php

---
 reset.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/reset.php b/reset.php
index a1ac4fd..bfeb425 100644
--- a/reset.php
+++ b/reset.php
@@ -29,7 +29,7 @@
     or die("Could not select to mysql because " . mysqli_error());
 
     $query = mysqli_real_escape_string($con, $_GET["Status"]);
-    if ($query=='Active') {
+    if (!empty($query)) {
 
         //query database to check status of the user
         $query = "select * from " . $table_name . " where Status='Active'";

From 0ebbe2dfc7d2199740ee9e93ad84d2f95a2e1701 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Sat, 20 Jun 2020 00:24:03 +0300
Subject: [PATCH 08/12] Delete forgot_pwd.php

---
 forgot_pwd.php | 48 ------------------------------------------------
 1 file changed, 48 deletions(-)
 delete mode 100644 forgot_pwd.php

diff --git a/forgot_pwd.php b/forgot_pwd.php
deleted file mode 100644
index 304e35c..0000000
--- a/forgot_pwd.php
+++ /dev/null
@@ -1,48 +0,0 @@
-<?php
-include "Connect.php";
-$con = mysqli_connect("localhost","root","","lrr") //connect to the database server
-or die("Could not connect to mysql because " . mysqli_error());
-
-mysqli_select_db($con, "lrr") //select the database
-or die("Could not select to mysql because " . mysqli_error());
-
-//prevent sql injection
-$student_id = mysqli_real_escape_string($con, $_POST["student_id"]);
-$email = mysqli_real_escape_string($con, $_POST["email"]);
-
-$student_id = trim($student_id);
-$email = trim($email);
-
-if (!empty($student_id)) {
-    if (!empty($email)) {
-        $query = "select * from " . $table_name . " where student_id='Student_ID' and email='$Email'";
-    } else {
-        $query = "select * from " . $table_name . " where student_id='$Student_ID'";
-    }
-
-} else {
-    $query = "select * from " . $table_name . " where email='$Email'";
-}
-
-$result = mysqli_query($con, $query) or die('error');
-$row = mysqli_fetch_array($result);
-
-
-if (mysqli_num_rows($result)) {
-
-    $to = $row['email'];
-    $subject = "Password Reset";
-    $body = "Hi " . $row['Full_Name'] .
-        "<br />Your account password has been reset: <a href=\"$url/reset.php"> Please Click to set a new password</a><br /> <br /> Thanks";
-    $headers = "From:" . $from_address;
-    $headers .= 'MIME-Version: 1.0' . "\r\n";
-    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
-    mail($to, $subject, $body, $headers);
-    //echo $body;
-    echo "Please Check your Email for resetting your password";
-    //header('Content-type: application/json');
-    // echo json_encode( array('result'=>1,'txt'=>"Password has been successfully sent to your Email Address"));
-} else {
-    //echo json_encode( array('result'=>0,'txt'=>"User account doesn't Exist"));
-    echo "User account doesn't Exist";
-}

From 7471f061103665f75ee71205dae26a0d9779598d Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Sat, 20 Jun 2020 00:24:44 +0300
Subject: [PATCH 09/12] Delete reset.php

---
 reset.php | 153 ------------------------------------------------------
 1 file changed, 153 deletions(-)
 delete mode 100644 reset.php

diff --git a/reset.php b/reset.php
deleted file mode 100644
index bfeb425..0000000
--- a/reset.php
+++ /dev/null
@@ -1,153 +0,0 @@
-<?php session_start(); ?>
-<!DOCTYPE html>
-<head>
-    <title>LRR</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <!-- Bootstrap -->
-    <link href="css/bootstrap.min.css" rel="stylesheet" media="screen">
-    <link href="css/style.css" rel="stylesheet" media="screen">
-</head>
-<body>
-<script src="js/jquery.js"></script>
-<script src="js/bootstrap.min.js"></script>
-<script type="text/javascript" src="js/jquery.validate.js"></script>
-<div class="logo">
-    <h2><?php include 'Connect.php';
-        echo $logotxt; ?></h2>
-
-</div>
-<form class="form-horizontal" id="reset_pwd" method="post">
-    <h2>Reset Password</h2>
-
-    <div class="line"></div>
-    <?php
-    include "Connect.php";
-    $con = mysqli_connect("localhost","root","","lrr") //connect to the database server
-    or die("Could not connect to mysql because " . mysqli_error());
-
-    mysqli_select_db($con, "lrr") //select the database
-    or die("Could not select to mysql because " . mysqli_error());
-
-    $query = mysqli_real_escape_string($con, $_GET["Status"]);
-    if (!empty($query)) {
-
-        //query database to check status of the user
-        $query = "select * from " . $table_name . " where Status='Active'";
-        $result = mysqli_query($con, $query) or die('error');
-
-        if (mysqli_num_rows($result)) {
-            $row = mysqli_fetch_array($result);
-            if ($row['Status'] == 'Active') {
-                $student_id = trim($row['Student_ID']);
-                $_SESSION['Student_ID'] = $student_id;
-                //html
-                ?>
-
-
-                <div class="control-group">
-                    <input type="password" id="password1" name="password1" placeholder="Password">
-                </div>
-                <div class="control-group">
-                    <input type="password" id="password2" name="password2" placeholder="Retype Password">
-                </div>
-
-                <button
-                        type="submit" class="btn btn-lg btn-primary btn-sign-in" data-loading-text="Loading...">Reset
-                </button>
-
-                <div class="messagebox">
-                    <div id="alert-message"></div>
-                </div>
-
-                <?php
-            } else {
-                echo "<div class=\"messagebox\"><div id=\"alert-message\">You can login</div></div>";
-            }
-
-        } else {
-            echo "<div class=\"messagebox\"><div id=\"alert-message\">You can login</div></div>";
-            //header('Location: $url');
-        }
-    } else {
-        echo "<div class=\"messagebox\"><div id=\"alert-message\">error</div></div>";
-    }
-
-    ?>
-
-</form>
-<script type="text/javascript">
-    $(document).ready(function () {
-
-        $('#reset_pwd').validate({
-            debug: true,
-            rules: {
-                password1: {
-                    minlength: 6,
-                    required: true
-                },
-                password2: {
-                    required: true,
-                    minlength: 6,
-                    equalTo: "#password1"
-                }
-            },
-            messages: {
-                password1: {
-                    required: "Enter password "
-                },
-                password2: {
-                    required: "Retype your password",
-                    equalTo: "Passwords must match"
-
-                },
-            },
-
-            errorPlacement: function (error, element) {
-                error.hide();
-                $('.messagebox').hide();
-                error.appendTo($('#alert-message'));
-                $('.messagebox').slideDown('slow');
-
-
-            },
-            highlight: function (element, errorClass, validClass) {
-                $(element).parents('.control-group').addClass('error');
-            },
-            unhighlight: function (element, errorClass, validClass) {
-                $(element).parents('.control-group').removeClass('error');
-                $(element).parents('.control-group').addClass('success');
-            }
-        });
-
-
-        $("#reset_pwd").submit(function () {
-
-            if ($("#reset_pwd").valid()) {
-                var data1 = $('#reset_pwd').serialize();
-                $.ajax({
-                    type: "POST",
-                    url: "process_reset.php",
-                    data: data1,
-                    success: function (msg) {
-                        console.log(msg);
-
-                        $('.messagebox').hide();
-                        $('.messagebox').addClass("error-message");
-                        $('#alert-message').html(msg);
-                        $('.messagebox').slideDown('slow');
-
-
-                    }
-                });
-            }
-
-
-            return false;
-
-
-        });
-    });
-</script>
-</body>
-
-</html>

From 06f8951bb96656321d20b4475aebda6ce0d20405 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Sat, 20 Jun 2020 00:25:41 +0300
Subject: [PATCH 10/12] Delete forgot_form.php

---
 forgot_form.php | 112 ------------------------------------------------
 1 file changed, 112 deletions(-)
 delete mode 100644 forgot_form.php

diff --git a/forgot_form.php b/forgot_form.php
deleted file mode 100644
index 40e85ff..0000000
--- a/forgot_form.php
+++ /dev/null
@@ -1,112 +0,0 @@
-<!DOCTYPE html>
-<head>
-    <title>PHP Login System</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <!-- Bootstrap -->
-    <link href="css/bootstrap.min.css" rel="stylesheet" media="screen">
-    <link href="css/style.css" rel="stylesheet" media="screen">
-</head>
-<body>
-<script src="js/jquery.js"></script>
-<script src="js/bootstrap.min.js"></script>
-<script type="text/javascript" src="js/jquery.validate.js"></script>
-<div class="logo">
-    <h2><?php include('Connect.php');
-        echo $logotxt; ?></h2>
-
-</div>
-<form class="form-horizontal" id="forgot_pwd" method="post">
-    <h2>Forgot Password</h2>
-
-    <div class="line"></div>
-    <div class="control-group">
-        <input type="text" id="student_id" name="student_id" placeholder="Student Number">
-    </div>
-    <div class="control-group">
-        <input type="text" id="email" name="email" placeholder="Email">
-    </div>
-    <a href="registration_form.php" class="btn btn-lg btn-register">Register</a>
-
-    <button
-            type="submit" class="btn btn-lg btn-primary btn-sign-in" data-loading-text="Loading...">Password Reset
-    </button>
-    <div class="messagebox">
-        <div id="alert-message"></div>
-    </div>
-</form>
-<script type="text/javascript">
-    $(document).ready(function () {
-
-        $('#forgot_pwd').validate({
-            debug: true,
-            rules: {
-                username: {
-                    required: true
-
-                },
-                email: {
-                    required: true,
-                    email: true
-                }
-            },
-            messages: {
-                username: {
-                    required: "Enter your Student Number"
-                },
-                email: {
-                    required: "Enter your Email",
-                    email: "Enter valid email address"
-                },
-            },
-
-            errorPlacement: function (error, element) {
-                error.hide();
-                $('.messagebox').hide();
-                error.appendTo($('#alert-message'));
-                $('.messagebox').slideDown('slow');
-
-
-            },
-            highlight: function (element, errorClass, validClass) {
-                $(element).parents('.control-group').addClass('error');
-            },
-            unhighlight: function (element, errorClass, validClass) {
-                $(element).parents('.control-group').removeClass('error');
-                $(element).parents('.control-group').addClass('success');
-            }
-        });
-
-
-        $("#forgot_pwd").submit(function () {
-
-            if ($("#forgot_pwd").valid()) {
-                var data1 = $('#forgot_pwd').serialize();
-                $.ajax({
-                    type: "POST",
-                    url: "forgot_pwd.php",
-                    data: data1,
-                    success: function (msg) {
-                        console.log(msg);
-                        $('.messagebox').hide();
-                        $('#alert-message').html(msg);
-                        $('.messagebox').slideDown('slow');
-                    },
-					 error: function (msg) {
-                        $('.messagebox').hide();
-                        $('.messagebox').addClass("error-message");
-                        $('#alert-message').html(msg.result);
-                        $('.messagebox').slideDown('slow');
-                    }
-                });
-            }
-
-
-            return false;
-
-
-        });
-    });
-</script>
-</body>
-
-</html>

From dfc3831600d2512640a2622e203ca71e606f7b69 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Sat, 20 Jun 2020 00:26:17 +0300
Subject: [PATCH 11/12] Delete process_reset.php

---
 process_reset.php | 47 -----------------------------------------------
 1 file changed, 47 deletions(-)
 delete mode 100644 process_reset.php

diff --git a/process_reset.php b/process_reset.php
deleted file mode 100644
index edc855f..0000000
--- a/process_reset.php
+++ /dev/null
@@ -1,47 +0,0 @@
-<?php
-session_start();
-include "Connect.php";
-
-$con = mysqli_connect("localhost","root","","lrr") //connect to the database server
-or die("Could not connect to mysql because " . mysqli_error());
-
-mysqli_select_db($con, "lrr") //select the database
-or die("Could not select to mysql because " . mysqli_error());
-
-//prevent sql injection
-//$student_id=mysql_real_escape_string($_POST["student_id"]);
-$password = mysqli_real_escape_string($con, $_POST["password1"]);
-$student_id = $_SESSION['student_id'];
-
-//check if user is in reset process
-$query = "select * from " . $table_name . " where student_id='$Student_ID'";
-$result = mysqli_query($con, $query) or die('error');
-$row = mysqli_fetch_array($result);
-$email = $row['email'];
-
-if (mysqli_num_rows($result)) {
-    //pwd = crypt($password);
-    if (phpversion() >= 5.5) {
-        $pwd = password_hash($password, PASSWORD_DEFAULT);
-    } else {
-        $pwd = crypt($password, '987654321'); //Hash used to suppress  PHP notice
-    }
-
-    $query = "update " . $table_name . "	 set password='$Password' , where student_id='$Student_ID'";
-    $result = mysqli_query($con, $query) or die('error');
-
-    //send email for the user with password
-
-    $to = $email;
-    $subject = "Password Reset";
-    $body = "Hi student " . $Full_Name .
-        "<br /> Your new password is updated successfully<br />";
-
-    $headers = "From:" . $from_address;
-    $headers .= 'MIME-Version: 1.0' . "\r\n";
-    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
-    mail($to, $subject, $body, $headers);
-    echo "Password updated Successfully";
-} else {
-    echo "Cannot change password:User already active please login";
-}

From fc47c175c43efac585212bf2b44ce2b81959a1e9 Mon Sep 17 00:00:00 2001
From: Karen Boniface Emmanuel <44330408+kary1998@users.noreply.github.com>
Date: Sat, 20 Jun 2020 00:28:14 +0300
Subject: [PATCH 12/12] Update index.php

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index 7b872a0..2379936 100644
--- a/index.php
+++ b/index.php
@@ -40,7 +40,7 @@
   Password
 <input type="password" class="form-control"  name="password" placeholder="password">
   <br> 
-  <input type="submit" class="btn btn-primary" value="Login"><br> <a href="forgot_form.php" style="font-weight:bold;color:orange">Forgot password</a>
+  <input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:bold;color:orange">Recover lost password</a>
 
 <?php 
 
