Question

我是网站设计的新手，我最近创建了一个网站，我想添加一个重置密码功能，它不起作用。

SQL连接位于init.php文件中

<?php
include('core/init.php');
include('includes/overall/header.php');
echo "
<h1>Reset Password</h1>


<div class='Reset' align='center'>
<form action='forgot_pass.php' method'POST'>
Enter your username<br><input type='text' name='username'><p>
<br>
Enter your email<br><input type='email' name='email'><p>
<input type='submit' value='Submit' name='submit'>
</form>
</div>
";

if (isset($_POST['submit']))
{
$username = $_POST['username'];
$email = $_POST['email'];

$query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
$numrow = mysql_num_rows($query);

if ($numrow!=0)
{
    while($row = mysql_fetch_assoc($query))
    {
        $db_email = $row['email'];
    }
    if ($email == $db_email)
    {
        $code = rand(10000,1000000);

        $to = $db_email;
        $subject = "Password Reset";
        $body = "

        Automated email. Click the link
        http://random-html-stuff.webege.com/forgot_pass.php?code=$code&username=$username

        ";

        mysql_query("UPDATE users SET passreset='$code' WHERE username='$username'");
        mail($to,$subject,$body);

        echo "Check Email";
    }
    else
    {
        echo "Email not correct";
    }
} else {
    echo "That user does not exist";
    }


}

?>

如果有人能帮助我，我会很高兴

Answer 1

表单中有错误：

<form action='forgot_pass.php' method'POST'>

应该是

<form action='forgot_pass.php' method='POST'>
                                     ^

因为它没有正确阅读方法选项，所以它通过GET提交表单，而您的isset($_POST['submit'])将返回false并且根本不运行您的代码。

最后：正如人们在评论中所说，偏离mysql_*函数，并希望清理进出数据库的数据。

Answer 2

尝试更改查询

$query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");

到

$query = mysql_query("SELECT * FROM `users` WHERE `username`='$username' and `email`='$email'");

密码重置PHP

2 个答案: