重置新密码,token变空 [英] Resetting new password, token became empty
本文介绍了重置新密码,token变空的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试编写用于重置密码的脚本,我已将令牌放入数据库,并检查数据库中是否存在令牌,以及我将要重置数据库的部分.但出于某种原因,它正在更新没有令牌的数据库.我不知道为什么......我对编码很陌生,希望我的代码不会太难阅读并且有太多缺陷.
I am trying to write the script for resetting password, i have got the putting the token into database, and checking if the token exist in the database, and to the part where i am going to reset the database. But for some reason,it is updating the database where there are no tokens. I am not sure why.... I am very new to coding, hope my code isnt too hard to read and have too much flaws.
<?php
ini_set('display_errors', 1); error_reporting(E_ALL);
session_start();
include 'connect.php';
$token = isset($_GET['token'])?$_GET['token']:"";
echo"$token";
$check=mysqli_query($con,"SELECT email FROM Test WHERE reset = '$token'")or die( mysqli_error($con));
while($row = mysqli_fetch_array($check)){
$email = $row['email'];
}
if (mysqli_num_rows($check)==0)
echo ("Token Doesnt exist");
elseif($_POST) {
//get form data
$password1 = mysqli_real_escape_string($con,$_POST['password1']);
$password = mysqli_real_escape_string($con,$_POST['password']);
if (!$password){
echo "Please fill out all fields";
}
else if ($password1 !== $password)
{
echo "Password don't match";
}
else
{
echo"$email";
echo"token";
//encrypt password
$password = md5($password);
//check if username already taken
mysqli_query($con,"UPDATE Test SET password = '$password'
where email = '$email';") or die(mysqli_error($con));
//register into database
echo "Added";
}
}
else
{
?>
<form action='ResetPassword.php' method='POST'>
Your new password:<br />
<input type='password' name='password1'><p />
Re-enter your new password:<br />
<input type='password' name='password'><p />
<input type='submit' name='Change Password' value='Change Password'>
</form>
<?php
}
?>
推荐答案
try
<?php
ini_set('display_errors', 1); error_reporting(E_ALL);
session_start();
include 'connect.php';
$token = isset($_GET['token']) ? $_GET['token'] : "";
if(!empty($token)) {
$check=mysqli_query($con,"SELECT email FROM Test WHERE reset = '$token'")or die( mysqli_error($con));
if (mysqli_num_rows($check)> 0) {
$row = mysqli_fetch_array($check)
$email = $row['email'];
}
else {
echo 'Email not found with this Token';
}
}
else {
echo 'Token does not exist';
}
if(!empty($email) && isset($_POST['changepass'])) {
$password1 = mysqli_real_escape_string($con,$_POST['password1']);
$password = mysqli_real_escape_string($con,$_POST['password']);
if (!$password){
echo "Please fill out all fields";
}
else if ($password1 !== $password) {
echo "Password don't match";
}
else {
//encrypt password
$password = md5($password);
//check if username already taken
mysqli_query($con,"UPDATE Test SET password = '$password' where email = '$email'") or die(mysqli_error($con));
echo "Added";
}
}
if(!isset($_POST['changepass'])){?>
<form action='ResetPassword.php' method='POST'>
Your new password:<br />
<input type='password' name='password1'><p />
Re-enter your new password:<br />
<input type='password' name='password'><p />
<input type='hidden' name='token' value='<?php if(isset($_GET['token'])) echo $_GET['token'];?>'>
<input type='submit' name='changepass' value='Change Password'>
</form>
<?php }
这篇关于重置新密码,token变空的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
