Resetting new password, token became empty
Question
I am trying to write the script for resetting password, i have got the putting the token into database, and checking if the token exist in the database, and to the part where i am going to reset the database. But for some reason,it is updating the database where there are no tokens. I am not sure why.... I am very new to coding, hope my code isnt too hard to read and have too much flaws.
<?php
ini_set('display_errors', 1); error_reporting(E_ALL);
session_start();
include 'connect.php';
$token = isset($_GET['token'])?$_GET['token']:"";
echo"$token";
$check=mysqli_query($con,"SELECT email FROM Test WHERE reset = '$token'")or die( mysqli_error($con));
while($row = mysqli_fetch_array($check)){
$email = $row['email'];
}
if (mysqli_num_rows($check)==0)
echo ("Token Doesnt exist");
elseif($_POST) {
//get form data
$password1 = mysqli_real_escape_string($con,$_POST['password1']);
$password = mysqli_real_escape_string($con,$_POST['password']);
if (!$password){
echo "Please fill out all fields";
}
else if ($password1 !== $password)
{
echo "Password don't match";
}
else
{
echo"$email";
echo"token";
//encrypt password
$password = md5($password);
//check if username already taken
mysqli_query($con,"UPDATE Test SET password = '$password'
where email = '$email';") or die(mysqli_error($con));
//register into database
echo "Added";
}
}
else
{
?>
<form action='ResetPassword.php' method='POST'>
Your new password:<br />
<input type='password' name='password1'><p />
Re-enter your new password:<br />
<input type='password' name='password'><p />
<input type='submit' name='Change Password' value='Change Password'>
</form>
<?php
}
?>
1 answers
solution1
0 2014-06-25 06:10:46
try
<?php
ini_set('display_errors', 1); error_reporting(E_ALL);
session_start();
include 'connect.php';
$token = isset($_GET['token']) ? $_GET['token'] : "";
if(!empty($token)) {
$check=mysqli_query($con,"SELECT email FROM Test WHERE reset = '$token'")or die( mysqli_error($con));
if (mysqli_num_rows($check)> 0) {
$row = mysqli_fetch_array($check)
$email = $row['email'];
}
else {
echo 'Email not found with this Token';
}
}
else {
echo 'Token does not exist';
}
if(!empty($email) && isset($_POST['changepass'])) {
$password1 = mysqli_real_escape_string($con,$_POST['password1']);
$password = mysqli_real_escape_string($con,$_POST['password']);
if (!$password){
echo "Please fill out all fields";
}
else if ($password1 !== $password) {
echo "Password don't match";
}
else {
//encrypt password
$password = md5($password);
//check if username already taken
mysqli_query($con,"UPDATE Test SET password = '$password' where email = '$email'") or die(mysqli_error($con));
echo "Added";
}
}
if(!isset($_POST['changepass'])){?>
<form action='ResetPassword.php' method='POST'>
Your new password:<br />
<input type='password' name='password1'><p />
Re-enter your new password:<br />
<input type='password' name='password'><p />
<input type='hidden' name='token' value='<?php if(isset($_GET['token'])) echo $_GET['token'];?>'>
<input type='submit' name='changepass' value='Change Password'>
</form>
<?php }
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Resetting Password
how to pass bearer token into the URL section for resetting password in laravel-8?
Render new template contain successfully message after resetting password
Add constraint on resetting password
Password not resetting in laravel 5.2
laravel reset password not resetting the password
Resetting Email/Password
how to know when database became empty in php
Error when resetting password with fosuserbundle
PHP data became empty after json_encode
Related Tags