在PHP中:在用户邮件中发送验证链接以获取忘记的密码
[英]In PHP: Sending a verification link in user mail for forgot password
问题描述
I have a task on Registration system in Php.after forgot password I have to send a verification link to user mail so that if user click on that verification link forgot password form will open I am not understanding where I am doing wrong and why my code is not working Can Anyone Point me where I am going wrong. 
我在Php中的注册系统上有一个任务。忘记密码后,我必须将验证链接发送到用户邮件,以便如果用户单击该验证链接,忘记密码表格将打开,我将无法理解我在哪里做错了以及为什么我的代码无法正常工作有人可以指出我要去哪里。 Thanks In Advance 提前致谢
<?php
require_once ( "./connect.php" );
if ( !empty( $_POST['submit'] ) ) {
$passkey = isset($_POST['$passkey']) ? $_POST['$passkey'] : '';
// Passkey that got from link
$passkey = $_POST['passkey'];
$user = "registration";
// Retrieve data from table where row that match this passkey
$sql ="SELECT * FROM `user` WHERE confirm_code ='$passkey'";
$result = $db->query($sql);
// If successfully queried
if( $result ) {
// Count how many row has this passkey
$count = mysql_num_rows( $result );
// if found this passkey in our database, retrieve data from table "temp_members_db"
if ( $count == 1 ) {
$rows = mysql_fetch_array( $result );
$username = $rows['username'];
$email = $rows['email'];
$password = $rows['password'];
$user = "registration";
// Insert data that retrieves from "temp_members_db" into table "registered_members"
$sql = "INSERT INTO $user ( name, email, password )VALUES( '$name', '$email', '$password' )";
$result = $db->query($sql);
}
// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}
// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if ( $result ){
echo "Your account has been activated";
// Delete information of this user from table "temp_members_db" that has this passkey
$sql="DELETE FROM `user` WHERE confirm_code = '$passkey'";
$result = $db->query($sql);
}
}
}
?>
4 个解决方案
解决方案1
2 已采纳
I've made some changes to your code, give it a try. 我对您的代码进行了一些更改,请尝试一下。
<?php
if(isset($_POST['submit'])){
if(!empty($_POST['passkey'])){
//Get the Passkey that got from link
$passkey = $_POST['passkey'];
$user = "registration";
// Retrieve data from table where row that match this passkey
$sql ="SELECT * FROM `user` WHERE confirm_code = $passkey ";
$result = $db->query($sql);
// If successfully queried
if( $result ) {
// Count how many row has this passkey
$count = mysql_num_rows( $result );
// if found this passkey in our database, retrieve data from table "temp_members_db"
if ( $count == 1 ) {
$rows = mysql_fetch_array( $result );
$username = $rows['username'];
$email = $rows['email'];
$password = $rows['password'];
$user = "registration";
// Insert data that retrieves from "temp_members_db" into table "registered_members"
$sql = "INSERT INTO $user ( name, email, password )VALUES( $name, $email, $password )";
$result = $db->query($sql);
}
// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}
// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result){
// add inside the massage variable the confirmation code $passkey and your customized message
// change the $from variable with the email address you want use to send the verification mail. This is the address who the user will see
$message = "To activate your account please click on the following link https://yoursite.com/?code=$passkey";
$from = "";
if(mail($email, $message, $from)){
echo "Your account has been activated";
// Delete information of this user from table "temp_members_db" that has this passkey
$sql="DELETE FROM `user` WHERE confirm_code = $passkey";
$result = $db->query($sql);
}
else{
// error
}
}
}
}
}
?>
I've added the PHP built in function mail. 我添加了PHP内置的函数邮件。 Read the doc about for more info on how to use it. 阅读有关的文档,以获取有关如何使用它的更多信息。 You can see the var $from that will hold your mail address and the var $message that will contain the link you want to send. 您会看到包含您的邮件地址的var $ from和包含您要发送的链接的var $ message。 The form variable will be passed as an header of the email that will be sended using the mail() func. form变量将作为将使用mail()函数mail()的电子邮件的标题传递。 Note the if() statement, mail function will return true if success. 注意if()语句,如果成功,邮件函数将返回true。
解决方案2
1 2018-10-26 09:08:36
There are plenty of things to point out here, all of which may contribute to the problem. 这里有很多事情要指出,所有这些都可能导致问题。
First off, the $result variable is being checked multiple times without being reset in between. 首先,将多次检查$ result变量,而不会在两次之间重置。 This means that you may get both the output "Wrong Confirmation code" and "Your account has been activated" from the same form submission (if the first query is successful, but no matching passkey is found in the db). 这意味着您可以从同一表单提交中获得输出“错误的确认代码”和“您的帐户已被激活”(如果第一个查询成功,但是在数据库中找不到匹配的密码)。
This line looks like it probably won't do anything: 这行看起来可能什么也不做:
$passkey = isset($_POST['$passkey']) ? $_POST['$passkey'] : '';
It should probably be: 它可能应该是:
$passkey = isset($_POST['passkey']) ? $_POST['passkey'] : '';
This doesn't matter much though, since $passkey is assigned a new value on the next line of code. 不过,这并不重要,因为$ passkey在下一行代码中分配了一个新值。
Finally, this insert uses the variable $name instead of $username: 最后,此插入使用变量$ name代替$ username:
$sql = "INSERT INTO $user ( name, email, password )VALUES( '$name', '$email', '$password' )";
This is probably what is intended: 这可能是预期的:
$sql = "INSERT INTO $user ( name, email, password )VALUES( '$username', '$email', '$password' )";
解决方案3
1 2018-10-26 09:50:21
I think the problem is with $_POST array. 我认为问题在于$ _POST数组。 usually we send confirmation link in email the confirmation link contains the confirmation code as query string. 通常我们通过电子邮件发送确认链接,确认链接包含确认代码作为查询字符串。 when we click on the link the redirected page get the confirmation code and proceed. 当我们单击链接时,重定向的页面将获得确认代码并继续。
<?php
require_once ( "./connect.php" );
if ( isset($_GET['passkey']) && !empty( $_GET['passkey'] ) ) {
$passkey = $_GET['passkey'];
// Passkey that got from link
$passkey = $_GET['passkey'];
$user = "registration";
// Retrieve data from table where row that match this passkey
$sql ="SELECT * FROM `user` WHERE confirm_code ='$passkey'";
$result = $db->query($sql);
// If successfully queried
if( $result ) {
// Count how many row has this passkey
$count = mysql_num_rows( $result );
// if found this passkey in our database, retrieve data from table "temp_members_db"
if ( $count == 1 ) {
$rows = mysql_fetch_array( $result );
$username = $rows['username'];
$email = $rows['email'];
$password = $rows['password'];
$user = "registration";
// Insert data that retrieves from "temp_members_db" into table "registered_members"
$sql = "INSERT INTO $user ( name, email, password )VALUES( '$name', '$email', '$password' )";
$result = $db->query($sql);
}
// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}
// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if ( $result ){
echo "Your account has been activated";
// Delete information of this user from table "temp_members_db" that has this passkey
$sql="DELETE FROM `user` WHERE confirm_code = '$passkey'";
$result = $db->query($sql);
}
}
}
?>
I hope this will work for you. 希望这对您有用。 I copy your code and made some changes. 我复制了您的代码并进行了一些更改。 :) :)
解决方案4
0 2018-10-26 11:23:23
<?php
require_once ( "./connect.php" );
if (!empty($_POST['submit'])) {
$passkey = isset($_POST['passkey']) ? $_POST['passkey'] : '';
// Passkey that got from link
$passkey = $_POST['passkey'];
$user = "registration";
// Retrieve data from table where row that match this passkey
$sql = "SELECT * FROM `user` WHERE confirm_code ='$passkey'";
$result = $db->query($sql);
// If successfully queried
if ($result) {
// Count how many row has this passkey
$count = mysql_num_rows($result);
// if found this passkey in our database, retrieve data from table "temp_members_db"
if ($count == 1) {
$rows = mysql_fetch_array($result);
$username = $rows['username'];
$email = $rows['email'];
$password = $rows['password'];
$user = "registration";
// Insert data that retrieves from "temp_members_db" into table "registered_members"
$sql = "INSERT INTO $user ( name, email, password )VALUES( '$username', '$email', '$password' )";
$result = $db->query($sql);
}
// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}
// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if ($result) {
echo "Your account has been activated";
// Delete information of this user from table "temp_members_db" that has this passkey
$sql = "DELETE FROM `user` WHERE confirm_code = '$passkey'";
$result = $db->query($sql);
}
}
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.