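<?php
session_start();

// Database settings. Read from the environment where it is configured and fall back to
// the local-development values this file shipped with. A `root` account with an empty
// password is only acceptable on a throw-away dev box — production must set DB_USER /
// DB_PASS to a least-privilege account that can only touch the tables used below.
$HOSTNAME = getenv('DB_HOST') ?: 'localhost';
$USERNAME = getenv('DB_USER') ?: 'root';
$PASSWORD = getenv('DB_PASS') ?: '';
$DATABASE = getenv('DB_NAME') ?: 'signup_forms_dx';

$conn = mysqli_connect($HOSTNAME, $USERNAME, $PASSWORD, $DATABASE);
if (!$conn) {
    // Keep the driver detail server-side: mysqli_connect_error() can reveal host names,
    // account names and server versions, so the client only gets a generic message.
    error_log('DB connection failed: ' . mysqli_connect_error());
    die("DB connection failed");
}
// Pin the connection charset so prepared-statement parameters and stored text agree.
mysqli_set_charset($conn, 'utf8mb4');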

use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require __DIR__ . '/vendor/autoload.php'; // Path to PHPMailer



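// Handle form submissions via POST only. $_POST is empty on any other method, so a GET
// (or a request with no action) ends here instead of silently falling through every
// branch below and closing the connection.
if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST' || !isset($_POST['action'])) {
    die("No action received");
}

// NOTE(review): a session is started above but no CSRF token is verified anywhere in
// this file. Every form should carry a per-session token that is checked here, before
// any action (signup / login / password reset) is executed.
$action = $_POST['action'];
if (!is_string($action)) {
    // An array-valued `action[]` matches no branch; reject it explicitly.
    die("No action received");
}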

// CONTACT FORM PROCESS 
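if ($action === 'contact') {

    header('Content-Type: application/json');

    $name    = dx_post('name');
    $email   = dx_post('email');
    $subject = dx_post('subject');
    $message = dx_post('message');

    if ($name === '' || $email === '' || $subject === '' || $message === '') {
        echo json_encode([
            "status" => "error",
            "message" => "All fields are required"
        ]);
        exit;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo json_encode([
            "status" => "error",
            "message" => "Invalid email address"
        ]);
        exit;
    }

    // prepare() returns false (not an exception) on a bad statement; without this check
    // the bind_param() call below would be a fatal error on a null object.
    $stmt = $conn->prepare(
        "INSERT INTO contact_messages (name, email, subject, message) VALUES (?, ?, ?, ?)"
    );
    $stored = $stmt !== false
        && $stmt->bind_param("ssss", $name, $email, $subject, $message)
        && $stmt->execute();
    if ($stmt !== false) {
        $stmt->close();
    }

    if ($stored) {
        echo json_encode([
            "status" => "success",
            "message" => "Thank you for contacting us! We'll get back to you soon."
        ]);
    } else {
        echo json_encode([
            "status" => "error",
            "message" => "Database error"
        ]);
    }
    exit;
}

//signup process

elseif ($action === 'signup') {

    $name        = dx_post('fullname');
    $email       = dx_post('email');
    $rawPassword = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    // The original accepted empty names, malformed addresses and empty passwords.
    if ($name === '' || $rawPassword === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo "<script>alert('Please provide a valid name, email address and password.');</script>";
        exit;
    }
    $password = password_hash($rawPassword, PASSWORD_DEFAULT);

    // Check if email already exists (prepared: $email is attacker-controlled).
    // NOTE(review): check-then-insert is racy; a UNIQUE index on users.email is the
    // real guarantee — a duplicate-key failure surfaces below as "Signup failed".
    if (dx_find_user_by_email($conn, $email) !== null) {

        // if Email already registered -  BLOCK signup
        echo "<script>
            alert('You already signed up with this email. Please login instead.'); </script>";
        exit;
    }

    $stmt = $conn->prepare("INSERT INTO users (name, email, password) VALUES (?, ?, ?)");
    $inserted = $stmt !== false
        && $stmt->bind_param("sss", $name, $email, $password)
        && $stmt->execute();
    if ($stmt !== false) {
        $stmt->close();
    }

    if ($inserted) {

        try {
            $mail = dx_mailer();
            $mail->addAddress($email, $name);
            $mail->Subject = 'Welcome to DisasterX!';
            // The body is HTML, so the user-supplied name must be escaped for that context.
            $safeName = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $mail->Body = "Hello {$safeName},<br><br>
                           Thank you for signing up at <b>DisasterX</b>!<br>
                           We’re excited to have you onboard.";
            $mail->send();
        } catch (Exception $e) {
            // Email failure should NOT block signup, but it should not vanish either.
            error_log('Welcome mail failed for ' . $email . ': ' . $e->getMessage());
        }

        echo "<script>
            alert('Signup successful! Please login.');</script>";

    } else {
        echo "<script>alert('Signup failed. Please try again.');</script>";
    }


//login process
} elseif ($action === 'login') {

    $email    = dx_post('email');
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    $user = dx_find_user_by_email($conn, $email);

    // One failure message for both "no such user" and "wrong password" so the endpoint
    // cannot be used to enumerate registered addresses.
    if ($user === null || !password_verify($password, (string) ($user['password'] ?? ''))) {
        echo "Invalid email or password";
    } else {
        // Bind the authenticated identity to a fresh session id (session fixation defence).
        session_regenerate_id(true);
        $_SESSION['user_id'] = $user['id'];
        // The name is stored unfiltered at signup; escape it before echoing into HTML.
        echo "Login successful. Welcome " . htmlspecialchars((string) $user['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

//forgot password process
} elseif ($action === 'forgot') {
    $email = dx_post('email');
    $user  = dx_find_user_by_email($conn, $email);

    if ($user !== null) {
        // random_int() is a CSPRNG; str_shuffle() (the previous source) is not, and it
        // also never repeats a character, which shrinks the search space further.
        $tempPassword   = dx_random_password(12);
        $hashedPassword = password_hash($tempPassword, PASSWORD_DEFAULT);

        $sent = false;
        try {
            $mail = dx_mailer();
            $mail->addAddress($email, $user['name']);
            $mail->Subject = 'DisasterX Password Reset';
            $safeName   = htmlspecialchars((string) $user['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $mail->Body = "Hello {$safeName},<br><br>Your temporary password is: <b>{$tempPassword}</b><br>Please login and change it immediately.";
            $sent = $mail->send();
        } catch (Exception $e) {
            // Keep SMTP diagnostics (ErrorInfo) out of the HTTP response; they expose
            // the relay host and account. Log them instead.
            error_log('Password reset mail failed for ' . $email . ': ' . $e->getMessage());
        }

        // Only replace the stored hash once the temporary password has actually been
        // delivered — the old order (update first, then mail) locked the account out
        // whenever the send failed.
        if ($sent) {
            $stmt = $conn->prepare("UPDATE users SET password=? WHERE email=?");
            if ($stmt === false || !$stmt->bind_param("ss", $hashedPassword, $email) || !$stmt->execute()) {
                error_log('Password reset: failed to store temporary password for ' . $email);
            }
            if ($stmt !== false) {
                $stmt->close();
            }
        }
    }

    // Same response whether or not the address is registered (anti-enumeration).
    // NOTE(review): mailing a temporary password is weaker than a single-use, expiring
    // reset token; moving to tokens needs a schema change and is out of scope here.
    echo "If an account exists for this email, a password reset email has been sent.";
}

/**
 * Read a POST field as a trimmed string.
 *
 * Non-string values (e.g. `field[]=` arrays) are treated as absent so they can never
 * reach a query or a template as "Array".
 */
function dx_post(string $key): string
{
    $value = $_POST[$key] ?? '';
    return is_string($value) ? trim($value) : '';
}

/**
 * Look up a user row by e-mail with a prepared statement.
 *
 * Returns the row as an associative array, or null when there is not exactly one match
 * (the original logic also rejected duplicate rows) or when the query fails.
 */
function dx_find_user_by_email(mysqli $conn, string $email): ?array
{
    $stmt = $conn->prepare("SELECT * FROM users WHERE email=?");
    if ($stmt === false) {
        return null;
    }
    $user = null;
    if ($stmt->bind_param("s", $email) && $stmt->execute()) {
        $result = $stmt->get_result();
        if ($result !== false && $result->num_rows === 1) {
            $user = $result->fetch_assoc() ?: null;
        }
    }
    $stmt->close();
    return $user;
}

/**
 * Generate a random password of $length characters from [A-Za-z0-9] using a CSPRNG.
 */
function dx_random_password(int $length): string
{
    $alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $maxIndex = strlen($alphabet) - 1;
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[random_int(0, $maxIndex)];
    }
    return $out;
}

/**
 * Build a PHPMailer instance configured for the project's SMTP relay (STARTTLS, port 587).
 *
 * Credentials come from the environment: SMTP_USER and SMTP_PASS are required, SMTP_HOST
 * and SMTP_FROM are optional. The Gmail app password that used to be hard-coded here is
 * in the repository history and must be treated as compromised — rotate it.
 *
 * @throws Exception when the credentials are not configured (callers already catch it).
 */
function dx_mailer(): PHPMailer
{
    $smtpUser = getenv('SMTP_USER');
    $smtpPass = getenv('SMTP_PASS');
    if ($smtpUser === false || $smtpPass === false || $smtpUser === '' || $smtpPass === '') {
        throw new Exception('SMTP credentials are not configured (SMTP_USER / SMTP_PASS)');
    }

    $mail = new PHPMailer(true);
    $mail->isSMTP();
    $mail->Host       = getenv('SMTP_HOST') ?: 'smtp.gmail.com';
    $mail->SMTPAuth   = true;
    $mail->Username   = $smtpUser;
    $mail->Password   = $smtpPass;
    $mail->SMTPSecure = 'tls';
    $mail->Port       = 587;
    $mail->setFrom(getenv('SMTP_FROM') ?: $smtpUser, 'DisasterX');
    $mail->isHTML(true);
    return $mail;
}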



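mysqli_close($conn);
// No closing `?>`: in a PHP-only file it is unnecessary and any whitespace after it is
// sent to the client as output.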
