我正在尝试重置密码,但在我提交新密码后,它会让我重新登录而不更改密码。我认为这是因为它不记得电子邮件和令牌。它向我显示了表单但在点击提交后没有做任何事情。
代码:
<?php
if (isset($_GET['email']) && isset($_GET['token'])) {
include('databaze.php');
$conn = new mysqli($servername, $username, $password, $dbname);
$email = $conn->real_escape_string($_GET['email']);
$token = $conn->real_escape_string($_GET['token']);
$data = $conn->query("SELECT did FROM tbldoc WHERE email='$email' AND
token='$token'");
if ($data->num_rows > 0) {
include('reset-form.php');
if (isset($_POST['resetPass'])) {
$password = $_POST["password"];
$password_conf = $_POST['password-conf'];
$email = $_POST["email"];
$token = $_POST["token"];
if (empty($password) || empty($password_conf)) {
echo "<br><br>Fill the form";
} elseif ($password !== $password_conf) {
echo "<br><br>Password doesn't match Password Confirmation";
}
$password = md5($password);
$conn->query("UPDATE tbldoc SET hashedpwd='$password', token='' WHERE email='$email'");
}
} else {
echo "Please check your link!";
}
} else {
header("Location: login.php");
exit();
}
?>
形式:
<form method="post" action="resetpassword.php" class="form-signin">
<h2 class="form-signin-heading">Reset Password</h2>
Password <input type="password" class="form-control" name="password" placeholder="Password">
<br>
Password Confirmation <input type="password" class="form-control" name="password-conf"
placeholder="Password Confirmation">
<br>
<input type="hidden" class="form-control" name="email" value="<?php echo $email;?>">
<input type="hidden" class="form-control" name="token" value="<?php echo $token;?>">
<input type="submit" class="btn btn-lg btn-primary btn-block" name="resetPass" value="Reset your Password">
你能帮帮我吗?
答案 0 :(得分:0)
您的表单是 POST 类型,您期望 GET
isset($_POST['email']) && isset($_POST['token'])
可能吗?
答案 1 :(得分:0)
您的表单操作是post
方法,因此您需要将条件检查为
if (isset($_POST['email']) && isset($_POST['token']))
这是完整的代码。您使用某个地点GET
和某个地方POST
方法,因此它适用于POST
方法......
<?php
if (isset($_POST['email']) && isset($_POST['token'])) {
include('databaze.php');
$conn = new mysqli($servername, $username, $password, $dbname);
$email = $conn->real_escape_string($_POST['email']);
$token = $conn->real_escape_string($_POST['token']);
$data = $conn->query("SELECT did FROM tbldoc WHERE email='$email' AND
token='$token'");
if ($data->num_rows > 0) {
include('reset-form.php');
if (isset($_POST['resetPass'])) {
$password = $_POST["password"];
$password_conf = $_POST['password-conf'];
$email = $_POST["email"];
$token = $_POST["token"];
if (empty($password) || empty($password_conf)) {
echo "<br><br>Fill the form";
} elseif ($password !== $password_conf) {
echo "<br><br>Password doesn't match Password Confirmation";
}
$password = md5($password);
$conn->query("UPDATE tbldoc SET hashedpwd='$password', token='' WHERE email='$email'");
}
} else {
echo "Please check your link!";
}
} else {
header("Location: login.php");
exit();
}
?>
或更改您的表单,如<form method="GET" action="resetpassword.php" class="form-signin">
答案 2 :(得分:0)
可能是因为这行,你的SQL无法搜索电子邮件
$email = $conn->real_escape_string($_GET['email']);
答案 3 :(得分:0)
将此添加到您的表单。它会记住电子邮件和令牌:
<input type="hidden" name="email" value="<?php echo @$email; ?>">
<input type="hidden" name="token" value="<?php echo @$token; ?>">
答案 4 :(得分:0)
您的form
方法为POST
,您正在检查GET
中的数据。所以每次其他部分都会被调用。在代码中更改此行
if (isset($_GET['email']) && isset($_GET['token'])) {
与
if (isset($_POST['email']) && isset($_POST['token'])) {