提交表单时如何获取从另一个页面传递的变量

时间:2019-09-03 05:31:52

标签: php

我正在使用核心reset中的密码php

我正在将code的变量从reset.php发送到resetPassword.php页面,如下所示:

reset.php 

$code = uniqid(true);
$url = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/resetPassword.php?code=$code"

resetPassword.php 

global $code;
if(!isset($_GET['code'])){

    echo "There is No Code there !!!";
}

if(isset($_GET['code'])){
    $code = $_GET['code'];
    echo "The code is set at first , just at visit of the page ".$code;
}

// make sure there is row in the table that matches that passed code 
$findEmail = mysqli_query($link,"SELECT `email` from resetpasswords WHERE `code` = '$code' ");


if(mysqli_num_rows($findEmail)==0){    // if no row found

    echo "<h2 class = 'text text-center'>No Record regarding this email !</h2>";
    exit();
}



  // when form submits

    if(isset($_POST['reset'])){

    $password = md5($_POST['password']);
    $confirm  = md5($_POST['confirm']);
    if($password!=$confirm){
        echo "Password Don't matches !";
        exit();
    }
    $row = mysqli_fetch_array($findEmail);
    $email = $_POST['email'];

    $updatePass = mysqli_query($link,"UPDATE `user` SET user_password = '$confirm' where email = '$email'");
    if($updatePass){
        $query = mysqli_query($link,"DELETE FROM resetpasswords where code = '$code' ");
        exit('Password Updated, Please Login with the New Password');
    }
    else{
        exit('Something went wrong');
    }


}

在同一页resetPassword.php上,我有以下代码:

  <form action="resetPassword.php" method="POST">
               <div class="form-group">
                    <label for="password2">Password:</label>
                    <input type="password" class="form-control" name="password" id="password2" onkeyup="checkPass();">
                </div>
                <div class="form-group">
                    <label for="confirm2">Confirm Password:</label>
                    <input type="password" class="form-control" name="confirm" id="confirm2" onkeyup="checkPass();">
                    <span id="confirm-message2" class="confirm-message"></span>
                </div>
                <input type="hidden" value="<?php echo $code;?>">   
                <input type="submit" name="reset" value="Update Password" class="btn btn-success">  
        </form>

问题:

问题是,当我提交表单时,它会一直到达页面顶部,并从顶部开始执行resetPassword.php页面,这是因为resetPassowrd.php页面无法get那个$code变量。

由于我提交表单时,(!isset($_GET['code']))顶部的条件resetPassword.php成立,它为我提供了:  There is No Code there !!!

提交表格时,我想拥有$code

我尝试过的事情:

我尝试使用值为hidden的{​​{1}}字段,但是没有用。

请帮助我谢谢

2 个答案:

答案 0 :(得分:0)

请考虑以下几点

1)使用准备好的语句和参数化查询。

2)使用password_hash()password_verify()来保护密码。

3)在resetPassword.php页中,如果您使用action="resetPassword.php"提交表单,这将重定向到resetPassword.php。因此,用

替换您的操作 
$full_url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";

<form action="<?php echo $full_url ?>" method="POST">

答案 1 :(得分:0)

您在隐藏字段中缺少名称属性,因此无法找到$ code的值。

代替

<input type="hidden" value="<?php echo $code;?>">

尝试

 <input type="hidden" value="<?php echo $code;?>" name="code" />
相关问题
最新问题