在我的表中,密码是加密形式。 我使用MD5加密密码。如果数据库中存在emailid,我想发送密码。 一切正常......但密码以加密形式通过电子邮件发送给用户。
如何在发送电子邮件并将原始密码发送给用户电子邮件之前对此进行解密。
下面是我的代码..
function forgotpassword() {
$this->layout = "layout_login";
if (!empty($this->request->data)) {
$email = $this->request->data['User']['email'];
if (!empty($email)) {
$user = $this->User->find('first', array(
'conditions' => array(
'User.email' => $this->request->data['User']['email'],
'User.status' => 1
)
));
if(!$user) {
$this->Session->setFlash("No Such E-mail address registerd with us");
} else {
$subject = "Account Password from Kaya Dispatch";
$this->Email->from = 'luckybajpai87@gmail.com';
$to = trim($this->request->data['User']['email']);
$this->Email->sendAs = 'both';
$this->Email->to = $to;
$this->Email->subject = $subject;
$email = $user['User']['email'];
$password = md5($user['User']['password']);
$message = "";
$message .= "Please find the below Email ID and Password of your account: <br/><br/>";
$message .= "<b>Your Email:</b> " .$email. "<br/>";
$message .= "<b>Your Password:</b> " . $password . "<br/>";
$message .= "<br/>Thanks, <br/>Support Team";
if ($this->Email->send($message)) {
$this->Session->setFlash("Password Send Successfully to your email");
} else {
$this->Session->setFlash("Something Went Wrong.Email is not send");
}
}
}
}
}
答案 0 :(得分:0)
如果你想要make方法forgotPassword,你可以分两步完成:
第一步:
通过电子邮件查找用户,如果存在,生成临时令牌,我们通过邮件将其发送给用户,我们也将保存在数据库中
查看:(Users / forgot_password.ctp)
<?= $this -> Form -> create('User') ?>
<?= __('Forgot password'); ?>
<?= $this -> Flash -> render('auth') ?>
<?= $this -> Form -> input('email' , ['type' => 'text','label' => ['text' => __('Email')]]) ?>
<?= $this -> Form -> button(__('Send mail'), ['class' => 'btn btn-lg btn-primary btn-block']) ?>
<?= $this -> Form -> end() ?>
方法:
(用户模型应该有'passwod_digest'字段来保存临时令牌)
public function forgotPassword() {
if($this -> request -> is('post')) {
$user_email = $this -> request -> data['email'];
if(filter_var($user_email, FILTER_VALIDATE_EMAIL)) {
$user = $this -> Users -> findByEmail($user_email) -> first();
if($user){
$token = sha1($user_email . time());
$user['password_digest'] = $token;
$this -> Users -> save($user);
$email = new Email('default');
$path = Router::url('/', true);
$prefix = null;
if(isset($this -> request -> params['prefix'])) {
$prefix = $this -> request->params['prefix'] . DS;
}
$message = __('To regenerate password follow this link: ') . $path . $prefix .'users' . DS . 'resetPassword' . DS . $token;
$email
-> from([yourAppEmail@yourAppEmail.com => yourAppName])
-> to($user_email)
-> subject(__('Reset password'))
-> send($message);
$this -> Flash -> success(__('Please check your email'));
} else{
$this -> Flash -> error(__('This email not extist in our data base.'));
}
} else {
$this -> Flash -> error(__('It´s not email format.'));
}
}
}
像这样收到邮件的用户:
要重新生成密码,请点击以下链接:
HTTP ://www.yourAppUrl.com/users/resetPassword/9bf31c7ff062936a96d3c8bd1f8f2ff3
现在我们迈出第二步创建新密码:
查看:(Users / rest_password.ctp)
<?= $this -> Form -> create(null, ['class'=>'form-register', 'error' => false]) ?>
<?= $this -> Flash -> render('auth') ?>
<?= $this -> Form -> input('password', ['type' => 'password', 'label' => ['text' => __('Password')]]) ?>
<?= $this -> Form -> input('confirm_password' , ['type' => 'password', 'label' => ['text' => __('Confirm Password')]]) ?>
<?= $this -> Form -> button(__('Send'), ['class' => 'btn btn-lg btn-primary btn-block']) ?>
<?= $this -> Form -> end() ?>
方法:
public function resetPassword() {
//Check if param exist and exist user with token pass
if(isset($this -> request -> params['pass'][0]) && $this -> Users -> exists(['password_digest' => $this -> request->params['pass'][0]])) {
if($this -> request -> is('post')) {
//Find user with magical function by find by Password Digest
$user = $this -> Users -> findByPasswordDigest($this -> request -> params['pass'][0]) -> first();
$user = $this -> Users -> patchEntity($user, $this -> request -> data);
$user['password_digest'] = null; //Clean token in data base
if ($this -> Users -> save($user)) {
$this -> Flash -> success(__('The new password has been saved!, please Login now with your new password'));
return $this -> redirect(['action' => 'login']);
} else {
$this -> Flash -> error(__('This is not valid password.'));
}
}
} else {
//No param or not user with this token
$this -> Flash -> error(__('This is not valid token.'));
return $this -> redirect(['controller' => 'Pages', 'action' => 'home']);
}
}
[编辑] 别忘了在没有注册的情况下添加这些方法:
// In AppController.php
public function beforeFilter(Event $event) {
//Autorized acctions without registration
$this -> Auth -> allow(array('forgotPassword', 'resetPassword'));
}
或
//In UsersController.php
public function beforeFilter(Event $event) {
parent::beforeFilter($event);
$this -> Auth -> allow(['forgotPassword', 'resetPassword']);
}