CodeIgniter:在控制器中更改密码

时间:2015-12-03 13:52:15

标签: php html codeigniter

我试图允许用户在我的网站中更改密码。 我被困在控制器里了。我怀疑$sql = $this->db->select("*")->from("logins_table")->where('lt_username',$this->session->userdata('email'))->get();是否有效。

我的控制器:

<?php

class Changepw extends MY_Controller {

    public function Changepwd(){
    }

    public function reset() // we will load models here to check with database
    {
        $sql = $this->db->select("*")->from("logins_table")->where('lt_username',$this->session->userdata('email'))->get();

        foreach ($sql->result() as $my_info) {
            $db_password = $my_info->lt_password;
            $db_id = $my_info->lt_id;
        }

        if($this->input->post('opassword') == $db_password  && ($this->input->post('npassword') != '') && ($this->input->post('cpassword')!='')) { 
                $fixed_pw = mysql_real_escape_string(md5($this->input->post('npassword')));
                $update = $this->db->query("Update 'logins_table' SET 'lt_password'= '$fixed_pw'  WHERE 'id'= '$db_id'")or die(mysql_error());
                //$this->form_validation->set_message('change',"sucess");
    echo json_encode(array("success"=>true));

        }else {
            //$this->form_validation->set_message('change', "err");

            echo json_encode(array("success"=>false));

        }
        exit;
    } 
}

我的观看页面是:

        <table width="95%" border="0" cellspacing="5" cellpadding="5">
        </tbody>
            <tr>
                <td width="35%" class="heading">Email</td>
                <td><input type="text" name="email" ></td>
            <tr>
                <td class="heading">Existing Password</td>
                <td><input type="password" name="opassword" ></td>
            </tr>
            <tr title="Ignore new password if you dont want to change password">
                <td   class="heading">New Password</td>
                <td><input type="password" name="npassword"></td>
            </tr>
            <tr>
                <td  class="heading">Confirm Password</td>
                <td><input type="password" name="cpassword"></td>
            </tr>

            <tr>
                <td>&nbsp;</td>
                <td><button name="Submit" id="forgotBtn" class="customBtn" value="Submit">Save changes</button>
                    </td>
                    <tr>
                <td>&nbsp;</td>
                <td ><div class="errorMsg" id="errMsg" style="display:none"> Error in updating </div></td>
            </tr>
            </tr> 
            </tbody>
            </table>
    </form>



$("#forgotBtn").on('click', function()
{

    $.post( "/changepw/reset",  $("#forgotForm").serialize(), // serializes the form's elements.
        function(data) {
            data = jQuery.parseJSON(data);
            if(data.error == false) {
                $("#successMsg").hide();
            }else{
                $("#errMsg").show();
            }
        } );
    return false;
});

感谢。

1 个答案:

答案 0 :(得分:0)

我认为根据代码,您的错误就在这里。

$this->input->post('opassword') == $db_password// this line

在数据库中存储密码时,您使用了md5(),但这里只是检查错误的纯文本

md5($this->input->post('opassword')) == $db_password

这应该对你有帮助。

相关问题
最新问题