密码重置形式mysql和PHP

时间:2013-02-13 21:26:32

标签: php mysql

有人可以帮我,我的密码重置表格有点乱,我真的很新的PHP和MySQL所以请不要责怪我弄错了。但我真的需要一些帮助。

基本上一切正常,它允许用户输入电子邮件,然后向他们发送新密码。 (我已经附上了发送邮件/密码的代码,因为我不需要帮助。)唯一的问题是它没有检查电子邮件,它没有检查我的数据库中是否存在电子邮件,它让用户输入他们想要的任何电子邮件。但如果他们输入的数据库不在数据库中,我希望它说抱歉,不存在该类型的电子邮件或其他内容。我需要知道如何检查用户输入的电子邮件是否确实存在。

然后要么说发了电子邮件,要么就出现了问题。 

<?php
    $page_title = "Login";
    include('includes/header.php');
    include ('includes/mod_login/login_form2.php'); 

    if(!isset($_GET['err']) || isset($_GET['err'])=='') {
    $_GET['err'] = '0';
    }       
    ?>

    <?   
    $html_form = "<form name=\"forgotpasswordform\" action=\"sendpassword.php\" method=\"post\">
              <table border=\"0\" cellspacing=\"0\" cellpadding=\"3\" width=\"100%\">
                <tr>
                  <td width=\"15%\">Email Address:</td>
                  <td><input name=\"forgotpassword\" type=\"text\" value=\"\" id=\"forgotpassword\" size=\"30\"/></td>
                </tr>
                <tr>
                <td>&nbsp;</td>
                </tr>
                 <tr>
                  <td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"Submit\" class=\"mainoption\" /></td>
                </tr>
              </table>
            </form>";


    if ($_GET['err'] == '1') { //error if message is not filled ?>

            <? echo $html_form; ?>

       <?

    } else if ($_GET['err'] == '2') { // error if email is not found

        ?>
            <h1>&nbsp;</h1>
            <p>
            Email Not Found!
            </p>
            <br />
        <?

    } else if ($_GET['err'] == '3') { // EMAIL SENT :D

         ?>
            <h1>&nbsp;</h1>
            <p>
            Thanks! Your new password has been sent.
            </p>
            <br />
        <?

    } else if ($_GET['err'] == '0') { // otherwise print email form 
       ?>


            <? echo $html_form; ?>    


        <? 
    }

    ?>

然后我们链接到sendpassword.php:

<?php

/**
 * ShuttleCMS - A basic CMS coded in PHP.
 * Password Reset - Used for allowing a user to reset password
 * 
 * @author Dan <dan@danbriant.com>
 * @version 0.0.1
 * @package ShuttleCMS
 */
define('IN_SCRIPT', true);
// Start a session
session_start();

//Connect to the MySQL Database
include 'includes/_config/connection.php';


/*
 * Checks form field for email  
 */

if ($_POST['forgotpassword']=='') {
        header('Location: http://localhost/ptb1/recover_password.php?err=1');
}
if(get_magic_quotes_gpc()) {
        $forgotpassword = htmlspecialchars(stripslashes($_POST['forgotpassword']));
} 
else {
        $forgotpassword = htmlspecialchars($_POST['forgotpassword']);

}


/*
 * Checks if the email exists
 */

$sql = "SELECT COUNT(*) FROM ptb_users WHERE email = '$forgotpassword'";
$result = mysql_query($sql)or die('Could not find member: ' . mysql_error());

if (!mysql_result($result,0,0)>0) {
    header('Location: http://localhost/ptb1/recover_password.php?err=2');
}

1 个答案:

答案 0 :(得分:1)

你正在寻找这样的东西:

if(mysql_num_rows($result)) {
    // user found
} else {
    // no user found
}

请记住,您的代码对sql注入是开放的,您不应该使用mysql_扩展名。请改用PDO

相关问题
最新问题