如何使用 PHP Codeigniter 重置密码

【问题标题】:How to reset Password Using PHP Codeigniter如何使用 PHP Codeigniter 重置密码
【发布时间】:2018-10-13 19:05:39
【问题描述】:

正在开发一个密码重置系统,忘记密码的用户可以通过提交用于注册的电子邮件来请求密码重置链接。我成功创建了电子邮件,它发送了链接,我通过单击它来测试链接。该链接通过并加载了重置页面,但我的问题是如何让系统识别点击通过的用户并获取所有详细信息,包括名称、令牌、电子邮件,系统将使用这些详细信息确认用户是请求重置的用户链接。

以下是我到目前为止所做的:

控制器

    public function preset(){
        $data['success']='';
        $data['error']='';
        include_once ('query/user_query.php');

        $this->form_validation->set_rules('email','Email','trim|required|valid_email');
         $this->form_validation->set_error_delimiters("<div class='alert alert-warning'><span type='button' class='close' data-dismiss='alert'>&times</span>","</div>");

    if($this->form_validation->run() == false){

        $this->load->view('passwordrecovery.php', $data);
    }
    else{
        $eMail = $this->input->post('email');
         $this->db->where("email = '$eMail'");
        $this->db->from("useraccount");
        $countResult = $this->db->count_all_results();


        if($countResult >=1){
           // $data['firstName'] = '';
          //  $data['lastName'] = '';
            $this->db->where("email = '$eMail'");
            $getUserData =$this->db->get("useraccount")->result();
             foreach($getUserData as $userD){

             $data['firstName'] = $userD->firstname;
             $data['lastName'] = $userD->lastname;
             }
            $sender_email = 'xxx@gmail.com';
            $user_password = 'xxxxxx';
            $token = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 50);
            $subject = 'Password Reset';
            $message = '';
            $message .= "<h2>You are receiving this message in response to your request for password reset</h2>"
                    . "<p>Follow this link to reset your password <a href='".site_url()."/authenticate/resetpassword/.$token' >Reset Password</a> </p>"
                    . "<p>If You did not make this request kindly ignore!</p>"
                    . "<P class='pj'><h2>Kind Regard: Votemate</h2></p>"
                    . "<style>"
                    . ".pj{"
                    . "color:green;"
                    . "}"
                    . "</style>"
                    . "";
            // Configure email library
 $config['protocol'] = 'smtp';
 $config['smtp_host'] = 'ssl://smtp.googlemail.com';
 $config['smtp_port'] = 465;
 $config['smtp_user'] = $sender_email;
 $config['smtp_pass'] = $user_password;
 $config['mailtype'] = 'html';

 // Load email library and passing configured values to email library
 $this->load->library('email', $config);
 //$this->email->set_newline("rn");
 $this->email->set_mailtype("html");

 // Sender email address
 $this->email->from($sender_email);
 // Receiver email address
 $this->email->to($eMail);
// Subject of email
$this->email->subject($subject);
// Message in email
$this->email->message($message);

if ($this->email->send()) {

$eMail = $this->input->post('email');
$ipadd = $this->input->ip_address();
$insert = array(
  'email' => $eMail,
    'ipaddress' => $ipadd,
    'token' => $token
 );

 $this->db->insert('passwordreset', $insert);
 $mail = $this->session->set_userdata('email');
 $data['success'] = 'Email Successfully Send !';
 $this->load->view('linksent.php', $data);
 } else {
 $data['error'] =  '<p class="error_msg">Invalid Gmail Account or Password ! 
  </p>';
 }
 $this->load->view('passwordrecovery.php', $data);
  }


        if($countResult <= 0){

            //user already registered

            $data['error'] = "<div class='alert alert-warning'> Invalid 
    email address<span type='button' class='close' data- 
    dismiss='alert'>&times</span></div>";

            $this->load->view('passwordrecovery.php',$data);

        }

        }


         }

查看

     <div>
                <h1>Password Recovery</h1>
                <h3>Enter your email to receive the password reset link in 
       your Inbox</h3>
                <br/>

                <?php echo form_open('authenticate/preset');?>
                <?php echo $error;?>
                <div class="form-group">
                    <input type="text" name="email" required="required">

                </div>
                <div class="form-group">
                    <input type="submit" value="Send" class="btn-success 
      btn" >
                </div>
                <?php echo form_close()?>
     <br/><br/><br/>


            </div>

数据库:以下是我存储信息的数据库:

   CREATE TABLE `passwordreset` (
   `resetid` int(11) NOT NULL,
   `email` varchar(150) NOT NULL,
   `ipaddress` varchar(25) NOT NULL,
   `token` varchar(512) NOT NULL
  ) ENGINE

我需要的帮助是如何获取从其电子邮件中单击链接的用户的详细信息(姓名、电子邮件、令牌),并使用它来验证并使用它来更新他的密码。谢谢

【问题讨论】:

    标签: codeigniter email password-recovery


    【解决方案1】:

    您必须创建一个数据库表来存储令牌。在发送电子邮件之前,您必须生成唯一令牌并将其添加到单独的表中。密码重置链接必须包含编码的令牌和用户 ID。单击密码重置链接后,您必须检查链接中的编码令牌和用户ID是否与数据库中的条目匹配?如果是,则显示更改密码页面,如果不是,则必须显示消息“链接已过期”或其他信息。

    这是我项目中的代码提示。

    $act_code = md5(rand(0,1000).'uniquefrasehere');
$activate['UserID']  $USERID;
$activate['TokenNumber'] = $act_code;
$activate['UserEmail'] = $email;
$activate['TokenTime'] = time();
$str_tmp = $this->db->insert_string('forgetpasswordtoken', $activate);
$query_tmp = $this->db->query($str_tmp);

    点击链接后,您必须使用以下代码进行检查:

    $record = $this->user_model->checkforgot($uid[0], base64_decode($uid[1]));
if($record == true){
    $data['uid'] = $uid[1];
}
else
{
    $msg = "You have already changed your password or your link was expired.!";
}

    checkforgotpassword 函数的作用是什么?如下:

    function checkforgot($token, $id)
{
    $qry = $this->db->query("SELECT * FROM forgetpasswordtoken WHERE TokenNumber = '".$token."' AND UserID = $id");
    $num_row = $qry->num_rows();
    if($num_row!=0)
    {
        $del = $this->db->delete('forgetpasswordtoken', array('TokenNumber' => $token, 'UserID' => $id)); 
        return true;
    }
    else
    {
        return false;
    }
}

    您可以进一步添加链接过期前几个小时的时间限制。 在您的项目中添加此内容后告诉我。

    谢谢,

    【讨论】:

    • 感谢您的支持。我已经有一个存储详细信息的数据库表。单击链接后,我将如何获取要与数据库中的数据进行比较的数据?我希望你的照片是对的?
    【解决方案2】:

    当用户单击验证链接并签入控制器方法时,在 url 或隐藏字段中传递用户电子邮件或令牌。

    <a href="<?=site_url('user_verification?user_email=' . $user_email . '&user_code=' .  $user_code);?> Click To Verifiy Email </a>

    user_verification 控制器

    public function user_verification_get()
{
   $user_email = $this->input->get('user_email');
   $user_code = $this->input->get('user_code');

   $data=$this->admin_model->user_verification($user_email,$user_code);

   if($data)
    {
        $data['message'] = 'Success.';
    }
    else
    {
        $data['message'] = 'Not Valid User.';
    }
    $this->load->template('verify', $data);
}

    型号

    public function user_verification($user_email,$user_code){

    $this->db->select('user_email');
    $this->db->where('user_email',$user_email);
    $this->db->where('user_code',$user_code);
    $query = $this->db->get('users');

    if($query->row_array() > 0)
    {
        $data['user_isactive'] = true;

        $this->db->where('user_email',$user_email);
        $this->db->update('users',$data);
        return $query->row_array();
    }
    return false;
}

    【讨论】:

    • 当您调用查看时传递 user_email 和代码或令牌。
    • 你的贡献真的激励了我。后来我想通了。我添加了 $token 作为函数的参数,通过该函数可以获取令牌的值,用于在密码重置之前检查数据库令牌是否正确 public function resetpassword($token)
    • 我对你的答案投了赞成票,但我不知道如何接受你能给我的答案。
    猜你喜欢
    • 1970-01-01
    • 2018-08-05
    • 2017-12-30
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2020-10-25
    • 2021-08-16
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode