Upgraded to 1.1.0

1.1.0 (2025-10-09) - **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination - **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP) - **Remote Session Control** - Terminate any device instantly with immediate logout validation - **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons - **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops) - **Welcome Notifications** - Sent to new users on registration or fresh install - **Upgrade Notifications** - Admins notified on system updates with version & migration count - **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display - **Web-Based Updater** - `/install/update` for running new migrations with smart detection - **User Registration** - Full signup flow with email verification, password reset, resend verification - **User Management** - CRUD for users with filtering, sorting, pagination (admin-only) - **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout - **Session Validator** - Middleware validates sessions on every request for instant remote logout - **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades - **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
parent adc28b97f0
commit e5b9599755
61 changed files with 6838 additions and 812 deletions
--- a/app/Views/auth/reset-password.php
+++ b/app/Views/auth/reset-password.php
@@ -0,0 +1,147 @@
+<?php
+$title = 'Reset Password';
+ob_start();
+?>
+
+<!-- Logo and Title -->
+<div class="text-center mb-8">
+    <div class="inline-flex items-center justify-center w-14 h-14 bg-primary rounded-lg mb-4">
+        <i class="fas fa-lock-open text-white text-2xl"></i>
+    </div>
+    <h1 class="text-2xl font-semibold text-gray-900 mb-1">Reset Password</h1>
+    <p class="text-sm text-gray-500">Enter your new password below</p>
+</div>
+
+<!-- Error/Success Alert -->
+<?php if (isset($_SESSION['error'])): ?>
+    <div class="mb-6 bg-red-50 border border-red-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-exclamation-circle text-red-500 mr-2"></i>
+            <span class="text-sm text-red-700"><?= htmlspecialchars($_SESSION['error']) ?></span>
+        </div>
+    </div>
+    <?php unset($_SESSION['error']); ?>
+<?php endif; ?>
+
+<!-- Reset Password Form -->
+<form method="POST" action="/reset-password" class="space-y-4">
+    <!-- Hidden token field -->
+    <input type="hidden" name="token" value="<?= htmlspecialchars($token ?? '') ?>">
+
+    <!-- Password Field -->
+    <div>
+        <label for="password" class="block text-sm font-medium text-gray-700 mb-1.5">
+            New Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password" 
+                name="password" 
+                required
+                minlength="8"
+                autofocus
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Enter new password">
+            <button 
+                type="button" 
+                onclick="togglePassword('password')"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon-password"></i>
+            </button>
+        </div>
+        <p class="text-xs text-gray-500 mt-1">Minimum 8 characters</p>
+    </div>
+
+    <!-- Confirm Password Field -->
+    <div>
+        <label for="password_confirm" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Confirm New Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password_confirm" 
+                name="password_confirm" 
+                required
+                minlength="8"
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Re-enter new password">
+            <button 
+                type="button" 
+                onclick="togglePassword('password_confirm')"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon-password_confirm"></i>
+            </button>
+        </div>
+    </div>
+
+    <!-- Password Strength Indicator -->
+    <div class="bg-blue-50 border border-blue-200 rounded-lg p-3">
+        <p class="text-xs text-blue-800 mb-2">
+            <i class="fas fa-shield-alt mr-1"></i>
+            <strong>Password Requirements:</strong>
+        </p>
+        <ul class="text-xs text-blue-700 space-y-1 ml-5 list-disc">
+            <li>At least 8 characters long</li>
+            <li>Mix of uppercase and lowercase letters recommended</li>
+            <li>Include numbers and special characters for extra security</li>
+        </ul>
+    </div>
+
+    <!-- Submit Button -->
+    <button 
+        type="submit" 
+        class="w-full bg-primary hover:bg-primary-dark text-white py-2.5 rounded-lg font-medium transition-colors duration-200 flex items-center justify-center text-sm mt-6">
+        <i class="fas fa-check mr-2"></i>
+        Reset Password
+    </button>
+</form>
+
+<!-- Back to Login Link -->
+<div class="text-center mt-6 pt-6 border-t border-gray-200">
+    <a href="/login" class="inline-flex items-center text-sm text-gray-600 hover:text-gray-800">
+        <i class="fas fa-arrow-left mr-2"></i>
+        Back to Login
+    </a>
+</div>
+
+<?php
+$content = ob_get_clean();
+$scripts = <<<'SCRIPT'
+<script>
+    function togglePassword(fieldId) {
+        const passwordInput = document.getElementById(fieldId);
+        const toggleIcon = document.getElementById('toggleIcon-' + fieldId);
+        
+        if (passwordInput.type === 'password') {
+            passwordInput.type = 'text';
+            toggleIcon.classList.remove('fa-eye');
+            toggleIcon.classList.add('fa-eye-slash');
+        } else {
+            passwordInput.type = 'password';
+            toggleIcon.classList.remove('fa-eye-slash');
+            toggleIcon.classList.add('fa-eye');
+        }
+    }
+
+    // Client-side password match validation
+    document.querySelector('form').addEventListener('submit', function(e) {
+        const password = document.getElementById('password').value;
+        const passwordConfirm = document.getElementById('password_confirm').value;
+        
+        if (password !== passwordConfirm) {
+            e.preventDefault();
+            alert('Passwords do not match!');
+        }
+    });
+</script>
+SCRIPT;
+require __DIR__ . '/base-auth.php';
+?>