尝试创建基于电子邮件的密码重置功能,但需要对URL进行加密
Change_password.php
<?php
if($_GET){
$email=base64_decode($_GET['email']);
}
else
{
echo "Url has no user";
}
if(isset($_POST['submit'])){
$email=$_POST['email'];
$password=$_POST['password'];
$obj=new commands();
$obj->update_password($email,$password);
}
?>
<form action="" method="post" id="my_form" class="mt-3">
<div class="form-group">
<label class="tags">ENTER NEW PASSWORD</label>
<input type="text" name="email" value="<?php echo $email; ?>">
<input type="password" name="password" id="password" class="form-control" autocomplete="off" placeholder="new password">
</div>
<div class="form-group">
<input type="submit" value ="submit" name="submit" class="btn btn-primary btn-block">
</div>
</form>
forgot_password.php
<?php
if(isset($_POST['submit'])){
$email=$_POST['email'];
$obj=new commands();
$obj->forgot_passowrd($email);
}
?>
<form action="" method="post" id="my_form" class="mt-3">
<div class="form-group">
<label class="tags">EMAIL ADDRESS</label>
<input type="email" name="email" id="email" class="form-control" autocomplete="off" placeholder="name@address.com">
</div>
<div class="form-group">
<input type="submit" value ="submit" name="submit" class="btn btn-primary btn-block">
</div>
</form>
功能
function forgot_passowrd($email){
$to = $email;
$subject = "Forgot Password";
$url= base64_encode('/test/change_password.php?email=$email');
$message = "
<html>
<head>
<title></title>
</head>
<body>
<h1>Hello Change ur password</h1>
<a href='$url';>Change Password</>
</body>
</html>
";
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= 'From: <mymemail@gmail.com>' . "\r\n";
mail($to,$subject,$message,$headers);
header('Location: login.php?msgF=' . urlencode(base64_encode("Check Mail To Reset Password")));
}
function update_password($email,$password){
$sql= $this->con->prepare("UPDATE user SET password=:password where email=:email");
$sql->bindParam(':email', $email);
$sql->bindParam(':password', base64_encode($password));
$sql->execute();
header('location:login.php');
$this->con= null;
header('Location: login.php?msgC=' . urlencode(base64_encode("Password Changes Succesfully")));
}
在这里,我正在使用电子邮件功能向用户发送电子邮件,以重置密码,并在URL中附加$ email。 我想加密该网址,但是在加密该网址后无法访问(很明显),但是还有其他方法可以加密我的网址,因此电子邮件将不会显示该网址,并且更改密码的功能仍然有效。
答案 0 :(得分:0)
如果您想对公众隐藏电子邮件地址,则只能加密电子邮件地址,而不是整个URL。
public function verify(Request $request)
{
if ($request->route('id') != $request->user()->getKey()) {
throw new AuthorizationException;
}
if ($request->user()->hasVerifiedEmail()) {
return redirect($this->redirectPath());
}
// markEmailAsVerified() is updating your database
if ($request->user()->markEmailAsVerified()) {
//here do what ever you want to do.
event(new Verified($request->user()));
}
// simply redirect to login here
return redirect()->route('Login')->with('message','Your email is successfully verified. Please Login Here');
}
然后接收如下的电子邮件地址,
'/test/change_password.php?email='.encrypt($email);
希望对您有帮助。