帐户恢复页面无响应

时间:2018-11-30 12:58:30

标签: php html mysql forms function

在此页面上,用户将输入其电子邮件,然后代码将首先检查数据库中是否存在该电子邮件。如果存在电子邮件,则代码应生成一个新密码,并将其发送到用户的电子邮件。另外,数据库表:passwordreset应该插入用户密码重置操作的记录,并更新用户的帐户信息,以便他们可以使用新密码登录。当我输入有效的电子邮件帐户进行检查时,将提交表单,但不会更新用户的信息表或密码重置表。我不确定问题出在哪里。稍微了解一下会有所帮助。

HTML:

<!DOCTYPE html>
<html lang="en">
<head>
  <title>User Account Password Reset</title>
      <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

    <!-- Bootstrap CSS -->
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">
</head>
<body>
<div class="container" style="margin-top: 100px;">
  <div class="row justify-content-center">
    <div class="col-md-6 col-md-offset-3" align="center">
      <div class="border border-primary" style="padding: 80px;">
        <h2>Reset Password</h2><br>
      <form method ="post" action="forgotpassword.php">
        <input class="form-control" id="email" type="email" placeholder="Your email address..."><br>
        <input class="btn btn-primary form-control" type="submit" value="Reset Password"><br>
      </form><br><br>
      <p id="response"></p>
      </div> 
</div>    
</div>  
</div>
</body>
</html>

PHP: resetpassword.php 

<?php 
use PHPMailer\PHPMailer\PHPMailer;
include('functions.php');

if(isset($_POST['submit'])){

  $con = new mysqli('localhost','root','','db_dom');

  $email = $_POST['email'];

  //check if email entered is in DB
  $sql = $con->query("SELECT email FROM usr_t WHERE email='$email'"); 

  if ($sql->num_rows > 0) {

    //Generate new hashed password
    $newPassword = generateRandomString();
    $newPasswordHash = password_hash($newPassword, PASSWORD_BCRYPT);

    require_once "PHPMailer/PHPMailer.php";
    require_once "PHPMailer/Exception.php";

    $mail = new PHPMailer();
    $mail->addAddress($email);
    $mail->setFrom("support@webdominator.com", "Web Dominator");
    $mail->Subject = "User Account Password Recovery";
    $mail->Body = "
        Greetings,<br><br>

        We are pleased to inform you that your password recovery is successful.<br>

        Your new password is: " . $newPassword . "<br>If you didnt not request a recovery of your account password, please go to your account and change tyour password immediately. Thank you!<br><br>

        Kind Regards,<br><br>
        Support.";

    if ($mail->send()) {

      //insert record into account password reset table
      $time = date("Y-m-d H:i:s");
      $sql = "INSERT INTO passwordreset(id, user, time_reset) VALUES ('', '$email', '$time')";
      $con->query($sql);     

      //update user table with new hashed password
      $con->query("UPDATE usr_t SET password = '$newPasswordHash' WHERE email = '$email'");

      echo '<div class="alert alert-success">Please check your email inbox</div>';

    } else {
       echo '<div class="alert alert-danger">Something went wrong! Please try again.</div>';
    }
  } else {
    echo '<div class="alert alert-danger">Sorry! Email not found</div>';
  }
}
?>

functions.php 

function generateRandomString(){
        $str = "QWERTYZXCVASDLKMBJFOPTMSV1234567890";
        $str = str_shuffle($str);
        $str = substr($str, 0, 10);
        return $str;
}

答案: 我不知道问题出在哪里,但我决定尝试使用ajax代码进行提交的另一种尝试,并更改了几行。现在,我的代码可以正常工作了,用户在经过必要的验证后即可以收到电子邮件,即该电子邮件有效吗?这是最终的代码:

forgotpassword.php:

<?php 
use PHPMailer\PHPMailer\PHPMailer;
include('functions.php');

if(isset($_POST['email'])){

  $con = new mysqli('localhost','root','','pd.com');

  $email = $con->real_escape_string($_POST['email']);

  //check if email entered is in DB
  $sql = $con->query("SELECT email FROM usr_t WHERE email='$email'"); 

  if ($sql->num_rows > 0) {

    $newPassword = generateRandomString();
    $newPasswordHash = password_hash($newPassword, PASSWORD_BCRYPT);

    require_once "PHPMailer/PHPMailer.php";
    require_once "PHPMailer/Exception.php";

    $mail = new PHPMailer();
    $mail->addAddress($email);
    $mail->setFrom("support@pd.com", "PD");
    $mail->Subject = "Account Password Recovery";
    $mail->isHTML(true);
    $mail->Body = "
        Greetings,<br><br>

        We are pleased to inform you that your password recovery is successful.<br><br>

        Your new password is: ".$newPassword."<br><br>If you didnt not request a recovery of your account password, please go to your account and change your password immediately. Thank you!<br><br>

        Kind Regards,<br><br>
        Support.";

    if ($mail->send()) {

      //insert record into account password reset table
       $sql = "INSERT INTO `passwordreset` (`id`, `user`, `time_reset`) VALUES (NULL, '$email', current_timestamp())";
       $con->query($sql);     

      //update user table with new hashed password
      $con->query("UPDATE usr_t SET password = '$newPasswordHash' WHERE email = '$email'");

      exit(json_encode(array("status" => 1, "msg" => 'Please check your email inbox!')));

    } else {
      exit(json_encode(array("status" => 0, "msg" => 'Something went wrong!')));
    }

  } else {
    exit(json_encode(array("status" => 0, "msg" => 'Sorry! Email not found!')));
  }
}
?>

HTML页面:

<!DOCTYPE html>
<html lang="en">
<head>
  <title>User Account Password Reset</title>
      <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

    <!-- Bootstrap CSS -->
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">
</head>
<body>

<!-- Reset Password Form -->
<div class="container" style="margin-top: 100px;">
  <div class="row justify-content-center">
    <div class="col-md-6 col-md-offset-3" align="center">

      <div class="border border-primary" style="padding: 80px;">
        <h2>Reset Password</h2><br>
          <label>Enter your email address: </label>
          <input class="form-control" id="email" placeholder="Your Email Address..."><br>
          <input type="button" class="btn btn-primary form-control"  value="Reset Password">
          <br><br>
          <p id="response"></p>
        </div> 

    </div>    
  </div>  
</div>
<script
        src="http://code.jquery.com/jquery-3.3.1.min.js"
        integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
        crossorigin="anonymous"></script>
        <script type="text/javascript">
          var email = $("#email");

          $(document).ready(function () {
            $('.btn-primary').on('click', function () {
              if (email.val() != "") {
                email.css('border', '1px solid green');

                $.ajax({
                  url: 'forgotpassword.php',
                  method: 'POST',
                  dataType: 'json',
                  data: {
                    email: email.val()
                  }, success: function (response) {
                    if (!response.success)
                      $("#response").html(response.msg).css('color', "green");
                    else
                      $("#response").html(response.msg).css('color', "red");

                  }
                });

              } else {
                email.css('border', '1px solid red');
              }

            });

          });
        </script>
</body>
</html>

1 个答案:

答案 0 :(得分:-1)

您的插入语句中的字段ID不能为空。我首先要验证id中的passwordreset字段是否设置为自动递增。如果是,则应将id字段保留在查询之外,以使其变为以下内容:

  $sql = "INSERT INTO passwordreset(user, time_reset) VALUES ('$email', '$time')";
相关问题
最新问题