我正在尝试在PHP中执行密码重置请求。它没有为数据库创建令牌。有人能帮我吗?

时间:2019-07-02 01:49:34

标签: php passwords reset

我正在设置密码重置功能。我需要它连接到我的数据库并使用令牌来重置密码。我可以使用电子邮件部分,但是当我尝试更改密码时,提示我需要重做。在我看来,它不是在数据库中创建令牌。我想知道自己做错了什么?

我正在运行PHP7。我尝试查看自己的语法,并观看了有关如何实现的youtube视频。我试图弄清楚为什么它不起作用。我在godaddy服务器上拥有了所有这些。

这是在我的reset-password.inc.php文件中

$userEmail = $_POST["email"];

$sql = "DELETE FROM pwdReset WHERE pwdResetEmail=?";
$stmt = mysqli_stmt_init($conn);
  if (!mysqli_stmt_prepare($stmt, $sql)) {
echo "There was an error!";
exit();
  } else {
    mysqli_stmt_bind_param($stmt, "s", $userEmail);
    mysqli_stmt_execute($stmt);

}
  $sql = "INSERT INTO pwdReset (pwdResetEmail, pwdResetSelector, 
  pwdResetToken, pwdResetExpires) VALUES (?, ?, ?, ?)";
 $stmt = mysqli_stmt_init($conn);
 if (!mysqli_stmt_prepare($stmt, $sql)) {
     echo "There was an error!";
     exit();
} else {
    $hashedToken = password_hash($token, PASSWORD_DEFAULT);
     mysqli_stmt_bind_param($stmt, "ssss", $userEmail, $selector, 
    $hashedtoken, $expires);
     mysqli_stmt_execute($stmt);
 }

  mysqli_stmt_close($stmt);
 mysqli_close($conn);

这是在我的reset-request.inc.php文件中

  $sql = "SELECT * FROM pwdReset WHERE pwdResetSelector=? AND 
  pwdResetExpires >= $currentDate";
$stmt = mysqli_stmt_init($conn);
  if (!mysqli_stmt_prepare($stmt, $sql)) {
    echo "There was an error!";
    exit();
} else {
     mysqli_stmt_bind_param($stmt, "s", $selector);
      mysqli_stmt_execute($stmt);

    $result = mysqli_stmt_get_result($stmt);
    if (!$row = mysqli_fetch_assoc($result)) {
       echo "You need to re-submit your reset request.";
        exit();

    } else {

    $tokenBin = hex2bin($validator);
    $tokenCheck = password_verify($tokenBin, $row["pwdResetToken"]);

    if ($tokenCheck === false) {
        echo "You need to re-submit your reset request.";
        exit();
    } elseif ($tokenCheck === true) {
        $tokenEmail = $row['pwdResetEmail'];

        $sql = "SELECT * FROM users WHERE emailUsers=?;";
        $stmt = mysqli_stmt_init($conn);
        if (!mysqli_stmt_prepare($stmt, $sql)) {
            echo "There was an error!";
            exit();
        } else {
            mysqli_stmt_bin_param($stmt, "s", $tokenEmail);
            mysqli_stmt_execute($stmt);
            $result = mysqli_stmt_get_result($stmt);
            if (!$row = mysqli_fetch_assoc($result)) {
            echo "There was an error!";
             exit();

我希望该功能正常工作,并且不会吐出错误,您需要重新提交重置请求。

0 个答案:

没有答案
相关问题
最新问题