我正在编码基于令牌的用户密码验证,当用户单击“重置”按钮时,密码验证链接将发送到用户电子邮件帐户,当用户单击该电子邮件中的验证链接时,用户将使用该用户名和密码登录,一切在我的代码中也可以发送我的消息,但是此错误消息也会在我的新窗口页面中生成。我正在本地发送此电子邮件到xampp服务器。
php:
<?php
session_start();
require_once("db.php");
//if user click submit button
if(isset($_POST['submit']))
{
//escape special charater in string first
$email = $conn->real_escape_string($_POST['email']);
// query to check if email already exists or not
$sql = "SELECT email FROM user WHERE email='$email'";
$result = $conn->query($sql);
if($result->num_rows > 0)
{
$newToken = rand(100000000, 999999999);
//encrypt the token
$token = base64_encode(strrev(md5($newToken)));
//$token = $newToken;
//new register token
$sql1 = "UPDATE user SET token='$token',tokenExpire=DATE_ADD(NOW(),INTERVAL 1 HOUR) WHERE email='$email'";
if($conn->query($sql1) === TRUE)
{
//send mail
require '../phpmailer/PHPMailerAutoload.php';
if(!filter_var($email,FILTER_VALIDATE_EMAIL))
{
//SHOW ERROR MESSAGE
}
else
{
$mail = new PHPMailer(true); // Passing `true` enables exceptions
//Server settings
$mail->SMTPDebug = 2; // Enable verbose debug output
$mail->isSMTP(); // Set mailer to use SMTP
$mail->Host = 'smtp.Gmail.com'; // Specify main and backup SMTP servers
$mail->SMTPOptions = array(
'ssl'=>array(
'verify_peer'=>false,
'verify_peer_name'=>false,
'allow_self_signed'=>true
)
);
$mail->SMTPAuth = true; // Enable SMTP authentication
$mail->Username = 'luckynath4@gmail.com'; // SMTP username
$mail->Password = 'secretpassword'; // SMTP password
$mail->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted
$mail->Port = 587; // TCP port to connect to
//Recipients
$mail->setFrom("luckynath4@gmail.com","Hiring Top");
$mail->addAddress($email,"User"); // Add a recipient
//Content
$mail->isHTML(true); // Set email format to HTML
$mail->Subject = 'Hiring Top-Password Reset Message';
$mail->Body = '<!DOCTYPE html>
<html>
<head>
<title>Password Reset</title>
</head>
<body>
Hi,<h3>'.$_POST['email'].'</h3>
<p>We recieved a password reset request</p>
<p> In order to reset your password, please click on the link below,</p>
<p>if you did not make this request,you can ignore this mail.</p>
<a href="http://localhost/practise/job_portal_theme/verify1.php?token='.$token.'&email='.$email.'">verify your password</a>
<p>Thanks.</p><br />
<p>message from Hiring Top team.</p>
</body>
</html>';
if( $mail->send())
{
$_SESSION['checkEmail'] = true;
header("Location:forgot_password.php");
exit();
}
else
{
echo 'Mailer error: ' . $mail->ErrorInfo;
}
}
}
else
{
//If data failed to insert then show that error.
echo "Error:" .$sql.$conn->error;
}
}
else
{
//if email not found in database
$_SESSION['emailNotFoundError']=true;
header("Location:forgot_password.php");
exit();
}
$conn->close();
}
else
{
//redirect them back to forgot-password.php page if they didn't click Forgot Password button
header("Location:forgot_password.php");
exit();
}
?>
答案 0 :(得分:1)
发送标题之前无输出
发送/修改HTTP标头的功能必须在任何输出之前被调用。否则,呼叫将失败:
OR
尝试
使用window.location代替header
echo "<script>window.location.assign('forgot_password.php')</script>";
答案 1 :(得分:1)
每次使用此行时,这种情况对我来说都是
header("Location:forgot_password.php");
尝试以下方法:
echo '<script type="text/javascript">window.location = "domain.com/forgot_password.php"</script>';
答案 2 :(得分:0)
发送/修改HTTP标头的功能必须在任何输出之前被调用。否则,呼叫将失败:
警告:无法修改标头信息-标头已发送(输出从file:line开始) 修改HTTP标头的一些功能是:
header / header_remove session_start / session_regenerate_id setcookie / setrawcookie 输出可以是:
无意: 空格前 UTF-8字节顺序标记 先前的错误消息或通知 故意的: 打印,回显和其他产生输出的函数(例如var_dump) 之前的原始区域