我找到了密码恢复教程,并尝试将其实现到我当前的页面中。当用户点击更改密码时,他应该输入他的电子邮件并将其链接到他的框中。到目前为止还不错。问题是当用户设置他的新密码时。它没有保存到数据库中。
这是reset.php
if(isset($_POST['submit']))
{
//basic validation
if(strlen($_POST['password']) < 3)
{
$error[] = 'Password is too short.';
}
if(strlen($_POST['passwordConfirm']) < 3)
{
$error[] = 'Confirm password is too short.';
}
if($_POST['password'] != $_POST['passwordConfirm'])
{
$error[] = 'Passwords do not match.';
}
//if no errors have been created carry on
if(!isset($error))
{
try
{
$stmt = $pdo->prepare("UPDATE users SET password = :password, resetComplete = 'Yes' WHERE resetToken = :token");
$stmt->execute(array(
':password' => sha1($password),
':token' => $row['resetToken']
));
//redirect to index page
header('Location: index.php?action=resetAccount');
exit;
//else catch the exception and show the error.
}
catch(PDOException $e)
{
$error[] = $e->getMessage();
}
}
}
表格
<form role="form" method="post" action="" autocomplete="off">
<h2>Change Password</h2>
<hr>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="1">
</div>
</div>
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="1">
</div>
</div>
</div>
<hr>
<div class="row">
<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Change Password" class="btn btn-primary btn-block btn-lg" tabindex="3"></div>
</div>
</form>
仅更新resetComplete = 'Yes'密码不会更改。所以我怀疑这可能是密码部分的内容。
答案 0 :(得分:3)
在sha1($password)中,您尝试将新密码作为简单变量访问。以前您将其作为post变量访问。 $_POST['password']
你应该在sha line之前添加它:
$password = $_POST['password']
或使用这种方式访问它:
sha1($_POST['password'])