[英]Forgotten Password Logic
What I want to do is figure out how I can see if the new password and the date it was requested (0000-00-00 00:00:00) are set and then sending emails based on that. 我想做的是弄清楚如何确定是否设置了新密码及其要求的日期(0000-00-00 00:00:00),然后根据该密码发送电子邮件。 However I'm thinking I need to change my logic because if its already set I don't want it to keep mass emailing the user.
但是我在想我需要更改逻辑,因为如果已经设置了逻辑,我不希望它继续向用户发送电子邮件。 Also something I'm not certain about is what if they aren't getting the email though.
另外我不确定的是,如果他们没有收到电子邮件,该怎么办。
Any ideas on what I should do? 关于我应该做什么的任何想法?
EDIT: Just wanted to add that the new_password_key is NOT a password for the user to log in with. 编辑:只是想补充一点,new_password_key不是用户登录时使用的密码。 As of right now I was going to have them directed to a page from a link in an email where they can enter a new password.
截至目前,我将使他们从电子邮件中的链接定向到页面,在此他们可以输入新密码。
if (!isset($user_data->new_password_key) && (!isset($user_data->new_password_requested)))
{
if ($this->kow_auth->forgot_password($this->input->post('username')))
{
$this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
echo json_encode(array('success' => 'yes', 'message' => 'A temporary password has been emailed to you!'));
}
else
{
}
}
else
{
echo json_encode(array('success' => 'yes', 'message' => 'Check your email for your temporary password!'));
}
EDIT 2: 编辑2:
There just seems to be some logic issues I have with it because what if it gets down to the if statement if ($already_sent_password) and for some reason they didn't get it. 我似乎对此有一些逻辑问题,因为如果它归结为if语句if($ already_sent_password),又由于某种原因,他们没有得到该怎么办。 Then what?
那呢 Or what if itt gets down to if (!strtotime($user_data->new_password_requested) <= (time() - 172800)) which is starting to sounds stupid to me because why make them have to wait two days to get a new password key.
或者如果它变成if(!strtotime($ user_data-> new_password_requested)<=(time()-172800)),那对我来说听起来很愚蠢,因为为什么要让他们不得不等待两天才能获得新密码键。
function forgot_password_submit()
{
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
if (!$this->form_validation->run())
{
echo json_encode(array('error' => 'yes', 'message' => 'There was a problem submitting the form! Please refresh the window and try again!'));
return;
}
$user_data = $this->users->get_user_by_username($this->input->post('username'));
if ($user_data === NULL)
{
echo json_encode(array('error' => 'yes', 'message' => 'User does not exist in the database!'));
return;
}
$already_sent_password = (isset($user_data->new_password_key) && isset($user_data->new_password_requested));
if ($already_sent_password)
{
echo json_encode(array('success' => 'yes', 'message' => 'Check your email for your temporary password!'));
return;
}
if (!strtotime($user_data->new_password_requested) <= (time() - 172800))
{
echo json_encode(array('error' => 'yes', 'message' => 'You have to wait 2 days before a new temp password can be emailed!'));
}
else
{
if ($this->kow_auth->forgot_password($this->input->post('username')))
{
$this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
echo json_encode(array('error' => 'yes', 'message' => 'A temporary password has been emailed to you'));
}
else
{
echo json_encode(array('error' => 'yes', 'message' => 'A temporary password could not be created for you!'));
}
}
Personally, I wouldn't worry about mass emailing the user. 就个人而言,我不会担心向用户发送电子邮件。 If the user clicks the button 20 times they should expect to receive 20 emails.
如果用户单击按钮20次,则应该会收到20封电子邮件。
However, if you wanted to not re-send an email if the last time they requested the password was under 20 minutes ago you could do the following: 但是,如果您不想在他们上次要求密码少于20分钟前重新发送电子邮件,则可以执行以下操作:
<?php
// Assuming this is in UTC
$requested = strtotime($user_data->new_password_requested);
if (time() - $requested <= (60 * 20))
{
// Don't send the email
return false;
}
return true;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.