提交后重置密码不会更改密码

时间:2017-09-08 10:34:35

标签: php

我正在尝试重置密码,但在我提交新密码后,它会让我重新登录而不更改密码。我认为这是因为它不记得电子邮件和令牌。它向我显示了表单但在点击提交后没有做任何事情。

代码:

<?php

if (isset($_GET['email']) && isset($_GET['token'])) {
include('databaze.php');
$conn = new mysqli($servername, $username, $password, $dbname);
$email = $conn->real_escape_string($_GET['email']);
$token = $conn->real_escape_string($_GET['token']);

  $data = $conn->query("SELECT did FROM tbldoc WHERE email='$email' AND 
  token='$token'");
if ($data->num_rows > 0) {
    include('reset-form.php');
    if (isset($_POST['resetPass'])) {
        $password = $_POST["password"];
        $password_conf = $_POST['password-conf'];
        $email = $_POST["email"];
        $token = $_POST["token"];
        if (empty($password) || empty($password_conf)) {
            echo "<br><br>Fill the form";
        } elseif ($password !== $password_conf) {
            echo "<br><br>Password doesn't match Password Confirmation";
        }
        $password = md5($password);

        $conn->query("UPDATE tbldoc SET hashedpwd='$password', token='' WHERE email='$email'");


    }
} else {

    echo "Please check your link!";

  }
} else {

   header("Location: login.php");
   exit();
 }
?>

形式:

 <form method="post" action="resetpassword.php" class="form-signin">
<h2 class="form-signin-heading">Reset Password</h2>
Password <input type="password" class="form-control" name="password" placeholder="Password">
<br>

Password Confirmation <input type="password" class="form-control" name="password-conf"
                             placeholder="Password Confirmation">
<br>
<input type="hidden" class="form-control" name="email" value="<?php echo $email;?>">
<input type="hidden" class="form-control" name="token" value="<?php echo $token;?>">


<input type="submit" class="btn btn-lg btn-primary btn-block" name="resetPass" value="Reset your Password">

你能帮帮我吗?

5 个答案:

答案 0 :(得分:0)

您的表单是 POST 类型,您期望 GET

isset($_POST['email']) && isset($_POST['token'])

可能吗?

答案 1 :(得分:0)

您的表单操作是post方法,因此您需要将条件检查为

if (isset($_POST['email']) && isset($_POST['token']))

这是完整的代码。您使用某个地点GET和某个地方POST方法,因此它适用于POST方法......

<?php

if (isset($_POST['email']) && isset($_POST['token'])) {
include('databaze.php');
$conn = new mysqli($servername, $username, $password, $dbname);
$email = $conn->real_escape_string($_POST['email']);
$token = $conn->real_escape_string($_POST['token']);

  $data = $conn->query("SELECT did FROM tbldoc WHERE email='$email' AND 
  token='$token'");
if ($data->num_rows > 0) {
    include('reset-form.php');
    if (isset($_POST['resetPass'])) {
        $password = $_POST["password"];
        $password_conf = $_POST['password-conf'];
        $email = $_POST["email"];
        $token = $_POST["token"];
        if (empty($password) || empty($password_conf)) {
            echo "<br><br>Fill the form";
        } elseif ($password !== $password_conf) {
            echo "<br><br>Password doesn't match Password Confirmation";
        }
        $password = md5($password);

        $conn->query("UPDATE tbldoc SET hashedpwd='$password', token='' WHERE email='$email'");


    }
} else {

    echo "Please check your link!";

  }
} else {

   header("Location: login.php");
   exit();
 }
?>

或更改您的表单,如<form method="GET" action="resetpassword.php" class="form-signin">

答案 2 :(得分:0)

可能是因为这行,你的SQL无法搜索电子邮件

$email = $conn->real_escape_string($_GET['email']);

答案 3 :(得分:0)

将此添加到您的表单。它会记住电子邮件和令牌:

<input type="hidden" name="email" value="<?php echo @$email; ?>">
<input type="hidden" name="token" value="<?php echo @$token; ?>">

答案 4 :(得分:0)

您的form方法为POST,您正在检查GET中的数据。所以每次其他部分都会被调用。在代码中更改此行

if (isset($_GET['email']) && isset($_GET['token'])) {

if (isset($_POST['email']) && isset($_POST['token'])) {