重置密码

时间:2014-10-24 12:41:17

标签: php codeigniter

在我的用户表上,我有一个名为code的列。如果用户点击了忘记的密码链接并输入了电子邮件,然后点击提交。然后将代码更新到与电子邮件匹配的数据库行

我有另一个名为Forgotten的控制器,它负责处理 `$code`,其中的 `editCode` 工作正常。

我遇到的问题是:我尝试了几次,都无法编辑/更改密码。我目前已经删除了不能正常工作的代码。

我需要能够检查确保$code = URI Segment 3与该数据库行上的codeemail匹配。然后允许我更新/更改密码。

控制器重置

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

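/**
 * Admin password-reset controller.
 *
 * Renders the "choose a new password" form and, on a valid submission, sets a
 * new password for the account whose stored reset code equals URI segment 3.
 *
 * Security notes:
 * - The reset code in the URL is the only credential index() checks before it
 *   writes, so it has to be a non-empty string before it reaches the model.
 * - Only the new password and the consumed code are written. The raw POST
 *   array is never handed to the model, because editUser() turns every key it
 *   receives into a column assignment.
 */
class Reset extends MX_Controller {

    /**
     * Loads the language files and libraries used by index() when
     * $this->user->hasPermissionAccess() is truthy; otherwise redirects to
     * admin/error.
     *
     * NOTE(review): what hasPermissionAccess() checks is not visible here. A
     * reset page is normally reached by someone who cannot log in - confirm
     * this gate does not block the intended visitor.
     */
    public function __construct() {
        parent::__construct();

        if ($this->user->hasPermissionAccess() == TRUE) {
            $this->lang->load('admin/english', 'english');
            $this->lang->load('admin/common/reset', 'english');
            $this->load->library('settings');
            $this->load->library('pagination');
            $this->load->library('request');
            $this->load->library('response');
            $this->load->library('document');
            $this->load->library('email');
        } else {
            redirect('admin/error');
        }
    }

    /**
     * Shows the reset form, or applies the new password when the submission
     * validates and URI segment 3 matches a stored reset code.
     *
     * @return mixed The rendered view when validation fails; TRUE/FALSE after
     *               the redirect on the success/error paths.
     */
    public function index() {
        $this->document->setTitle($this->lang->line('heading_title'));

        $data['heading_title'] = $this->lang->line('heading_title');

        $data['text_password'] = $this->lang->line('text_password');

        $data['entry_password'] = $this->lang->line('entry_password');
        $data['entry_confirm'] = $this->lang->line('entry_confirm');

        $data['button_save'] = $this->lang->line('button_save');
        $data['button_cancel'] = $this->lang->line('button_cancel');

        $data['breadcrumbs'] = array();

        $data['breadcrumbs'][] = array(
            'text' => '<i class="fa fa-home"></i>' .' '.  $this->lang->line('text_home'),
            'href' => site_url('common/dashboard')
        );

        $data['breadcrumbs'][] = array(
            'text' => $this->lang->line('heading_title'),
            'href' => site_url('common/forgotten')
        );

        // NOTE(review): both submitted values are handed back to the view;
        // check that the template does not echo them into the page.
        if (!empty($this->request->post['password'])) {
            $data['password'] = $this->request->post['password'];
        } else {
            $data['password'] = '';
        }

        if (!empty($this->request->post['confirm_password'])) {
            $data['confirm_password'] = $this->request->post['confirm_password'];
        } else {
            $data['confirm_password'] = '';
        }

        $data['action'] = site_url('admin/reset') .'/'. $this->uri->segment(3);

        $data['cancel'] = site_url('admin/login');

        $this->load->library('form_validation');

        // matches[] must name the real confirmation field; the form posts
        // "confirm_password", so matches[confirm] could never succeed.
        // NOTE(review): xss_clean can rewrite the submitted value, which is
        // undesirable for a password, and min_length[3] is a weak policy.
        $this->form_validation->set_rules('password', 'Password','required|trim|xss_clean|matches[confirm_password]|min_length[3]|max_length[25]');
        $this->form_validation->set_rules('confirm_password', 'Password Confirmation', 'required|trim');

        if ($this->form_validation->run() == FALSE) {

            return $this->load->view('common/reset', $data);

        } else {

            $this->load->model('admin/user/users_model');

            $code = $this->uri->segment(3);

            // A missing segment is not a string (FALSE or NULL depending on the
            // CodeIgniter version). Never forward that to the lookup: the
            // database layer would not compare it as a quoted string.
            $user_info = array();

            if (is_string($code) && $code !== '') {
                $user_info = $this->users_model->getUserByCode($code);
            }

            if ($user_info) {
                // Explicit column list: the new password plus an emptied code so
                // the same reset link cannot be replayed. Passing the whole
                // POST array here would let a submitter set any user column.
                $this->users_model->editUser($user_info['user_id'], array(
                    'password' => $this->request->post['password'],
                    'code' => ''
                ));
                $this->session->set_flashdata('success', 'You have now updated your Password!');
                redirect('admin');
                return true;
            } else {
                $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
                redirect('admin');
                return false;
            }
        }
    }
}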

模型

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

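/**
 * Data access for admin user accounts stored in the "<dbprefix>user" table.
 *
 * Security notes:
 * - Passwords are only ever stored through hash().
 * - editUser() writes every key it is given; callers own the column whitelist.
 * - The reset code is looked up by exact string match. No expiry check is
 *   visible in this class.
 */
class Users_model extends CI_Model {

    /**
     * Inserts a new user row with a hashed password.
     *
     * @param array $data Expects username, firstname, lastname, email,
     *                    password and status keys.
     * @return mixed The insert id reported by the database driver.
     */
    public function addUser($data) {
        $user_insert = array(
            'user_group_id' => "10",
            'username' => $data['username'],
            'firstname' => $data['firstname'],
            'lastname' => $data['lastname'],
            'email' => $data['email'],
            'password' => $this->hash($data['password']),
            'status' => $data['status'],
            'date_added' => mdate('%Y-%m-%d %H:%i:%s', now())
        );

        $this->db->insert($this->db->dbprefix . 'user', $user_insert);

        // insert_id() is only meaningful after the INSERT has run.
        return $this->db->insert_id();
    }

    /**
     * Updates a user row and stamps last_updated.
     *
     * Every key of $data becomes a column assignment, so callers must pass an
     * explicit array of allowed columns and never a raw request array.
     *
     * @param mixed $user_id Primary key of the row to update.
     * @param array $data    Column => value pairs; a non-empty 'password' is
     *                       hashed, an empty one is dropped from the update.
     * @return mixed The $user_id that was passed in.
     */
    public function editUser($user_id, $data) {
        $data['last_updated'] = mdate('%Y-%m-%d %H:%i:%s', now());

        if (isset($data['password']) && $data['password']) {
            $data['password'] = $this->hash($data['password']);
        } else {
            unset($data['password']);
        }

        $this->db->where('user_id', $user_id)->update('user', $data);

        return $user_id;
    }

    /**
     * Finds the user row whose reset code equals $code.
     *
     * @param mixed $code Reset code taken from the request.
     * @return array The matching row, or an empty array when $code is not a
     *               non-empty string.
     */
    public function getUserByCode($code) {
        // Only a non-empty string is a usable code. Other types would be
        // rendered unquoted by the database layer and compared loosely.
        if (!is_string($code) || $code === '') {
            return array();
        }

        // Bound parameter: the driver escapes and quotes the value itself.
        // Wrapping the result of escape() in another pair of quotes produced
        // an invalid statement.
        $query = $this->db->query(
            "SELECT * FROM `" . $this->db->dbprefix . "user` WHERE code = ? AND code != ''",
            array($code)
        );

        return $query->row_array();
    }

    /**
     * Hashes a password with the PasswordHash library.
     *
     * NOTE(review): a log2 cost of 8 is low for current hardware; consider
     * raising it. Existing hashes carry their own cost, so verification of
     * already stored passwords should be unaffected - confirm.
     *
     * @param string $password Plain-text password.
     * @return string The hash returned by HashPassword().
     */
    public function hash($password) {
        $this->load->library('PasswordHash', array('iteration_count_log2' => 8, 'portable_hashes' => FALSE));

        return $this->passwordhash->HashPassword($password);
    }

    /**
     * Stores a reset code on the row that matches $email.
     *
     * @param string $email Address the reset was requested for.
     * @param string $code  Reset code to store.
     * @return void
     */
    public function editCode($email, $code) {
        // Use the argument, not the request object: the model should act on
        // the value the caller validated.
        $this->db->where('email', $email);
        $this->db->set('code', $code);
        $this->db->update($this->db->dbprefix . 'user');
    }
}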

1 个答案:

答案 0 :(得分:0)

我过去半小时一直在努力解决这个问题,现在已经弄明白了:我需要一个与 editUser 分开的 editPassword 方法,并添加按 code 获取用户的方法。

下面是我用于重置密码的新控制器和模型方法。我还有一个独立的 Forgotten 控制器来处理重置代码。

模型

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

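/**
 * Data access for admin user accounts stored in the "<dbprefix>user" table.
 *
 * Security notes:
 * - Passwords are only ever stored through hash().
 * - editUser() writes every key it is given; callers own the column whitelist.
 * - editPassword() empties the reset code in the same statement that sets the
 *   password, so a code is single-use. No expiry check is visible here.
 */
class Users_model extends CI_Model {

    /**
     * Inserts a new user row with a hashed password.
     *
     * @param array $data Expects username, firstname, lastname, email,
     *                    password and status keys.
     * @return mixed The insert id reported by the database driver.
     */
    public function addUser($data) {
        $user_insert = array(
            'user_group_id' => "10",
            'username' => $data['username'],
            'firstname' => $data['firstname'],
            'lastname' => $data['lastname'],
            'email' => $data['email'],
            'password' => $this->hash($data['password']),
            'status' => $data['status'],
            'date_added' => mdate('%Y-%m-%d %H:%i:%s', now())
        );

        $this->db->insert($this->db->dbprefix . 'user', $user_insert);

        // insert_id() is only meaningful after the INSERT has run.
        return $this->db->insert_id();
    }

    /**
     * Updates a user row and stamps last_updated.
     *
     * Every key of $data becomes a column assignment, so callers must pass an
     * explicit array of allowed columns and never a raw request array.
     *
     * @param mixed $user_id Primary key of the row to update.
     * @param array $data    Column => value pairs; a non-empty 'password' is
     *                       hashed, an empty one is dropped from the update.
     * @return mixed The $user_id that was passed in.
     */
    public function editUser($user_id, $data) {
        $data['last_updated'] = mdate('%Y-%m-%d %H:%i:%s', now());

        if (isset($data['password']) && $data['password']) {
            $data['password'] = $this->hash($data['password']);
        } else {
            unset($data['password']);
        }

        $this->db->where('user_id', $user_id)->update('user', $data);

        return $user_id;
    }

    /**
     * Sets a new password for one user and consumes the reset code.
     *
     * @param mixed  $user_id  Primary key of the row to update (cast to int).
     * @param string $password Plain-text password; hashed before storage.
     * @return void
     */
    public function editPassword($user_id, $password) {
        // Hash the argument rather than re-reading the request, so the value
        // stored is the one the caller validated.
        $this->db->query(
            "UPDATE `" . $this->db->dbprefix . "user` SET password = ?, code = '' WHERE user_id = ?",
            array($this->hash($password), (int)$user_id)
        );
    }

    /**
     * Hashes a password with the PasswordHash library.
     *
     * NOTE(review): a log2 cost of 8 is low for current hardware; consider
     * raising it. Existing hashes carry their own cost, so verification of
     * already stored passwords should be unaffected - confirm.
     *
     * @param string $password Plain-text password.
     * @return string The hash returned by HashPassword().
     */
    public function hash($password) {
        $this->load->library('PasswordHash', array('iteration_count_log2' => 8, 'portable_hashes' => FALSE));

        return $this->passwordhash->HashPassword($password);
    }

    /**
     * Stores a reset code on the row that matches $email.
     *
     * @param string $email Address the reset was requested for.
     * @param string $code  Reset code to store.
     * @return void
     */
    public function editCode($email, $code) {
        // Use the argument, not the request object: the model should act on
        // the value the caller validated.
        $this->db->where('email', $email);
        $this->db->set('code', $code);
        $this->db->update($this->db->dbprefix . 'user');
    }

    /**
     * Deletes the user row with the given id.
     *
     * @param mixed $user_id Primary key of the row to delete.
     * @return void
     */
    public function deleteUser($user_id) {
        $this->db->where('user_id', $user_id);
        $this->db->delete($this->db->dbprefix . 'user');
    }

    /**
     * Fetches one user row together with the name of its user group.
     *
     * @param mixed $user_id Primary key (cast to int before use).
     * @return array The row as an associative array.
     */
    public function getUser($user_id) {
        $query = $this->db->query("SELECT *, (SELECT ug.name FROM `" . $this->db->dbprefix . "user_group` ug WHERE ug.user_group_id = u.user_group_id) AS user_group FROM `" . $this->db->dbprefix . "user` u WHERE u.user_id = '" . (int)$user_id . "'");

        return $query->row_array();
    }

    /**
     * Fetches one user row by username.
     *
     * @param string $username Username to look up (escaped by the driver).
     * @return object The row as an object.
     */
    public function getUserByUsername($username) {
        $query = $this->db->query("SELECT * FROM `" . $this->db->dbprefix . "user` WHERE username = ". $this->db->escape($username) ." ");

        return $query->row();
    }

    /**
     * Finds the user row whose reset code equals $code.
     *
     * @param mixed $code Reset code taken from the request.
     * @return array The matching row, or an empty array when $code is not a
     *               non-empty string.
     */
    public function getUserByCode($code) {
        // Only a non-empty string is a usable code. escape() renders a boolean
        // as 0/1 instead of a quoted string, and on MySQL a numeric comparison
        // against a text column is loose enough to match unrelated rows.
        if (!is_string($code) || $code === '') {
            return array();
        }

        $query = $this->db->query(
            "SELECT * FROM `" . $this->db->dbprefix . "user` WHERE code = ? AND code != ''",
            array($code)
        );

        return $query->row_array();
    }

    /**
     * Returns every user row.
     *
     * @return array|bool List of rows, or FALSE when the table is empty.
     */
    public function getUsers() {
        $this->db->select('*');
        $this->db->from($this->db->dbprefix . 'user');
        $query = $this->db->get();

        if ($query->num_rows() > 0) {
            return $query->result_array();
        }

        return false;
    }

    /**
     * Counts all rows in the user table.
     *
     * @return int Row count reported by count_all().
     */
    public function getTotalUsers() {
        return $this->db->count_all('user');
    }

    /**
     * Counts the users that belong to one group.
     *
     * NOTE(review): row_array() takes a row index, so callers appear to get
     * the row array rather than the bare count - confirm what they expect.
     *
     * @param mixed $user_group_id Group id (cast to int before use).
     * @return mixed Result of row_array() for the COUNT(*) query.
     */
    public function getTotalUsersByGroupId($user_group_id) {
        $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . $this->db->dbprefix . "user` WHERE user_group_id = '" . (int)$user_group_id . "'");

        return $query->row_array('total');
    }

    /**
     * Counts the users registered with the given e-mail address.
     *
     * NOTE(review): the column is lower-cased but $email is not; whether that
     * matters depends on the column collation - confirm.
     *
     * @param string $email Address to look up (escaped by the driver).
     * @return mixed Result of row_array() for the COUNT(*) query.
     */
    public function getTotalUsersByEmail($email) {
        $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . $this->db->dbprefix . "user` WHERE LCASE(email) = " . $this->db->escape($email) . " ");

        return $query->row_array('total');
    }
}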

控制器

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

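/**
 * Admin password-reset controller.
 *
 * Renders the "choose a new password" form and, on a valid submission, sets a
 * new password for the account whose stored reset code equals URI segment 3.
 *
 * Security note: the reset code in the URL is the only credential index()
 * checks before it writes, so it has to be a non-empty string before it
 * reaches the model.
 */
class Reset extends MX_Controller {

    /**
     * Loads the language files and libraries used by index() when
     * $this->user->hasPermissionAccess() is truthy; otherwise redirects to
     * admin/error.
     *
     * NOTE(review): what hasPermissionAccess() checks is not visible here. A
     * reset page is normally reached by someone who cannot log in - confirm
     * this gate does not block the intended visitor.
     */
    public function __construct() {
        parent::__construct();

        if ($this->user->hasPermissionAccess() == TRUE) {
            $this->lang->load('admin/english', 'english');
            $this->lang->load('admin/common/reset', 'english');
            $this->load->library('settings');
            $this->load->library('pagination');
            $this->load->library('request');
            $this->load->library('response');
            $this->load->library('document');
            $this->load->library('email');
        } else {
            redirect('admin/error');
        }
    }

    /**
     * Shows the reset form, or applies the new password when the submission
     * validates and URI segment 3 matches a stored reset code.
     *
     * @return mixed The rendered view when validation fails; TRUE/FALSE after
     *               the redirect on the success/error paths.
     */
    public function index() {
        $this->document->setTitle($this->lang->line('heading_title'));

        $data['heading_title'] = $this->lang->line('heading_title');

        $data['text_password'] = $this->lang->line('text_password');

        $data['entry_password'] = $this->lang->line('entry_password');
        $data['entry_confirm'] = $this->lang->line('entry_confirm');

        $data['button_save'] = $this->lang->line('button_save');
        $data['button_cancel'] = $this->lang->line('button_cancel');

        $data['breadcrumbs'] = array();

        $data['breadcrumbs'][] = array(
            'text' => '<i class="fa fa-home"></i>' .' '.  $this->lang->line('text_home'),
            'href' => site_url('common/dashboard')
        );

        $data['breadcrumbs'][] = array(
            'text' => $this->lang->line('heading_title'),
            'href' => site_url('common/forgotten')
        );

        // NOTE(review): the submitted password is handed back to the view;
        // check that the template does not echo it into the page.
        if (isset($this->request->post['password'])) {
            $data['password'] = $this->request->post['password'];
        } else {
            $data['password'] = '';
        }

        $data['action'] = site_url('admin/reset') .'/'. $this->uri->segment(3);

        $data['cancel'] = site_url('admin/login');

        $this->load->library('form_validation');

        // NOTE(review): xss_clean can rewrite the submitted value, which is
        // undesirable for a password, and min_length[3] is a weak policy.
        $this->form_validation->set_rules('password', 'Password','required|trim|xss_clean|matches[confirm_password]|min_length[3]|max_length[25]');
        $this->form_validation->set_rules('confirm_password', 'Password Confirmation', 'required|trim');

        if ($this->form_validation->run() == FALSE) {

            return $this->load->view('common/reset', $data);

        } else {

            $this->load->model('admin/user/users_model');

            $code = $this->uri->segment(3);

            // A missing segment is not a string (FALSE or NULL depending on the
            // CodeIgniter version). Never forward that to the lookup: the
            // database layer renders a boolean unquoted, and the comparison
            // would no longer be an exact match on the stored code.
            $user_info = array();

            if (is_string($code) && $code !== '') {
                $user_info = $this->users_model->getUserByCode($code);
            }

            if ($user_info) {
                // editPassword() also empties the stored code, so the same
                // reset link cannot be used twice.
                $this->users_model->editPassword($user_info['user_id'], $this->request->post['password']);
                $this->session->set_flashdata('success', 'You have now updated your Password!');
                redirect('admin');
                return true;
            } else {
                $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
                redirect('admin');
                return false;
            }
        }
    }
}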