
Resetting Password

My user table has a column called code. When a user clicks the forgotten-password link, enters their email and submits the form, the code is written to the database row matching that email.

I have another controller called Forgotten which handles the $code and editCode; that part works fine.

The problem is that, after several attempts, it still will not edit/change the password. I have removed the non-working code for now.

I need to check that $code (URI segment 3) matches the code and email on that database row, and only then allow the password to be updated/changed.

Controller Reset

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Guard: stop at once when the BASEPATH constant is not defined, so this file only runs after the framework bootstrap has defined it.

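class Reset extends MX_Controller {

    /**
     * Set up the reset page: language files plus the libraries index() uses.
     *
     * The libraries are loaded only when $this->user->hasPermissionAccess()
     * is truthy; every other request is redirected to admin/error.
     *
     * NOTE(review): a reset link is normally opened by someone who is not
     * logged in - confirm hasPermissionAccess() lets this route through.
     */
    public function __construct() {
        parent::__construct();

        if ($this->user->hasPermissionAccess() == TRUE) {
            $this->lang->load('admin/english', 'english');
            $this->lang->load('admin/common/reset', 'english');
            $this->load->library('settings');
            $this->load->library('pagination');
            $this->load->library('request');
            $this->load->library('response');
            $this->load->library('document');
            $this->load->library('email');
        } else {
            redirect('admin/error');
        }
    }

    /**
     * Show the reset form and, on a valid submission, store the new password
     * for the user whose reset code is in URI segment 3.
     *
     * @return mixed The result of load->view() when the form is (re)displayed,
     *               TRUE after a successful reset, FALSE when the code is
     *               missing or matches no user. redirect() normally ends the
     *               request, so the boolean returns are fallbacks.
     */
    public function index() {
        $this->document->setTitle($this->lang->line('heading_title'));

        $data['heading_title'] = $this->lang->line('heading_title');

        $data['text_password'] = $this->lang->line('text_password');

        $data['entry_password'] = $this->lang->line('entry_password');
        $data['entry_confirm'] = $this->lang->line('entry_confirm');

        $data['button_save'] = $this->lang->line('button_save');
        $data['button_cancel'] = $this->lang->line('button_cancel');

        $data['breadcrumbs'] = array();

        $data['breadcrumbs'][] = array(
            'text' => '<i class="fa fa-home"></i>' .' '.  $this->lang->line('text_home'),
            'href' => site_url('common/dashboard')
        );

        $data['breadcrumbs'][] = array(
            'text' => $this->lang->line('heading_title'),
            'href' => site_url('common/forgotten')
        );

        $data['password'] = !empty($this->request->post['password'])
            ? $this->request->post['password']
            : '';

        $data['confirm_password'] = !empty($this->request->post['confirm_password'])
            ? $this->request->post['confirm_password']
            : '';

        // The reset code travels in the URL; the form posts back to the same URL.
        $code = $this->uri->segment(3);

        $data['action'] = site_url('admin/reset') .'/'. $code;

        $data['cancel'] = site_url('admin/login');

        $this->load->library('form_validation');

        // matches[] must name the confirmation field exactly as it is posted
        // (confirm_password); the previous matches[confirm] pointed at a field
        // that does not exist. xss_clean is intentionally not applied here: it
        // rewrites the submitted value, so the stored hash could differ from
        // what the user typed.
        // NOTE(review): a 3-character minimum and a 25-character cap make for a
        // weak password policy - consider raising both.
        $this->form_validation->set_rules('password', 'Password', 'required|trim|matches[confirm_password]|min_length[3]|max_length[25]');
        $this->form_validation->set_rules('confirm_password', 'Password Confirmation', 'required|trim');

        if ($this->form_validation->run() == FALSE) {
            return $this->load->view('common/reset', $data);
        }

        // Refuse a missing code before it reaches the query: only a non-empty
        // string can be compared exactly against the stored code.
        if (!is_string($code) || $code === '') {
            $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
            redirect('admin');
            return false;
        }

        $this->load->model('admin/user/users_model');

        $user_info = $this->users_model->getUserByCode($code);

        if (!$user_info) {
            $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
            redirect('admin');
            return false;
        }

        // Pass only the columns this action is allowed to change. Handing the
        // whole POST array to editUser() would let the request write any column
        // of the user row (and fails outright on confirm_password, which is not
        // a column). Blanking the code makes the reset link single-use.
        // NOTE(review): nothing visible here expires the code - consider storing
        // an issue time next to it and rejecting stale codes.
        $this->users_model->editUser($user_info['user_id'], array(
            'password' => $this->request->post['password'],
            'code'     => ''
        ));

        $this->session->set_flashdata('success', 'You have now updated your Password!');
        redirect('admin');
        return true;
    }
}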

Model

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Guard: stop at once when the BASEPATH constant is not defined, so this file only runs after the framework bootstrap has defined it.

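class Users_model extends CI_Model {

    /**
     * Insert a new user row with a hashed password.
     *
     * @param array $data Must contain username, firstname, lastname, email,
     *                    password (plain text) and status.
     * @return mixed The value of $this->db->insert_id() for the new row.
     */
    public function addUser($data) {
        $user_insert = array(
            'user_group_id' => "10",
            'username' => $data['username'],
            'firstname' => $data['firstname'],
            'lastname' => $data['lastname'],
            'email' => $data['email'],
            'password' => $this->hash($data['password']),
            'status' => $data['status'],
            'date_added' => mdate('%Y-%m-%d %H:%i:%s', now())
        );

        $this->db->insert($this->db->dbprefix . 'user', $user_insert);

        // insert_id() is only meaningful once the INSERT has run.
        return $this->db->insert_id();
    }

    /**
     * Update a user row; a non-empty 'password' entry is hashed first.
     *
     * Every key of $data becomes a column in the UPDATE, so callers must build
     * $data from an explicit list of fields and never pass a raw POST array.
     *
     * @param mixed $user_id Value matched against the user_id column.
     * @param array $data    Column => value pairs to write.
     * @return mixed The $user_id that was passed in.
     */
    public function editUser($user_id, $data) {
        $data['last_updated'] = mdate('%Y-%m-%d %H:%i:%s', now());

        if (isset($data['password']) && $data['password']) {
            $data['password'] = $this->hash($data['password']);
        } else {
            // Never overwrite the stored hash with an empty value.
            unset($data['password']);
        }

        $this->db->where('user_id', $user_id)->update('user', $data);
        return $user_id;
    }

    /**
     * Fetch the user row whose reset code equals $code.
     *
     * @param string $code Reset code taken from the request.
     * @return array The matching row, or an empty array when the code is
     *               missing, not a string, or matches no row.
     */
    public function getUserByCode($code) {
        // Only a non-empty string can be compared exactly with the stored code.
        if (!is_string($code) || $code === '') {
            return array();
        }

        // The binding quotes and escapes the value itself. The previous version
        // wrapped $this->db->escape() in a second pair of quotes, which produced
        // a malformed string literal. The table prefix now comes from
        // $this->db->dbprefix, as in addUser() and editCode().
        $query = $this->db->query(
            "SELECT * FROM `" . $this->db->dbprefix . "user` WHERE code = ? AND code != ''",
            array($code)
        );

        return $query->row_array();
    }

    /**
     * Hash a plain-text password with the PasswordHash library.
     *
     * NOTE(review): iteration_count_log2 is 8 - confirm that this work factor
     * is still adequate for the hardware this runs on.
     *
     * @param string $password Plain-text password.
     * @return mixed Whatever HashPassword() returns for $password.
     */
    public function hash($password) {
        $this->load->library('PasswordHash', array('iteration_count_log2' => 8, 'portable_hashes' => FALSE));
        return $this->passwordhash->HashPassword($password);
    }

    /**
     * Store a reset code on the user row with the given email address.
     *
     * The address comes from the $email argument; the method previously
     * ignored it and read the POST data itself.
     *
     * @param string $email Email address identifying the row.
     * @param string $code  Reset code to store.
     */
    public function editCode($email, $code) {
        $this->db->where('email', $email);
        $this->db->set('code', $code);
        $this->db->update($this->db->dbprefix . 'user');
    }
}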

I have been working hard on this for the last half hour and have figured it out: I needed a couple of changes — an edit-password method separate from edit user, and a get-by-code method.

The new controller and model methods for resetting the password are below. I still have a separate Forgotten controller that handles the reset code.

Model

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Guard: stop at once when the BASEPATH constant is not defined, so this file only runs after the framework bootstrap has defined it.

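class Users_model extends CI_Model {

    /**
     * Insert a new user row with a hashed password.
     *
     * @param array $data Must contain username, firstname, lastname, email,
     *                    password (plain text) and status.
     * @return mixed The value of $this->db->insert_id() for the new row.
     */
    public function addUser($data) {
        $user_insert = array(
            'user_group_id' => "10",
            'username' => $data['username'],
            'firstname' => $data['firstname'],
            'lastname' => $data['lastname'],
            'email' => $data['email'],
            'password' => $this->hash($data['password']),
            'status' => $data['status'],
            'date_added' => mdate('%Y-%m-%d %H:%i:%s', now())
        );

        $this->db->insert($this->db->dbprefix . 'user', $user_insert);

        // insert_id() is only meaningful once the INSERT has run.
        return $this->db->insert_id();
    }

    /**
     * Update a user row; a non-empty 'password' entry is hashed first.
     *
     * Every key of $data becomes a column in the UPDATE, so callers must build
     * $data from an explicit list of fields and never pass a raw POST array.
     *
     * @param mixed $user_id Value matched against the user_id column.
     * @param array $data    Column => value pairs to write.
     * @return mixed The $user_id that was passed in.
     */
    public function editUser($user_id, $data) {
        $data['last_updated'] = mdate('%Y-%m-%d %H:%i:%s', now());

        if (isset($data['password']) && $data['password']) {
            $data['password'] = $this->hash($data['password']);
        } else {
            // Never overwrite the stored hash with an empty value.
            unset($data['password']);
        }

        $this->db->where('user_id', $user_id)->update('user', $data);
        return $user_id;
    }

    /**
     * Store a new password hash for one user and blank the reset code, so the
     * code that authorised this change cannot be used a second time.
     *
     * The password comes from the $password argument; the method previously
     * ignored it and read the POST data itself.
     *
     * @param mixed  $user_id  Cast to int and matched against user_id.
     * @param string $password New plain-text password.
     * @return bool FALSE when $password is not a non-empty string (nothing is
     *              written), TRUE once the UPDATE has been issued.
     */
    public function editPassword($user_id, $password) {
        // Do not replace a stored hash with the hash of an empty value.
        if (!is_string($password) || $password === '') {
            return false;
        }

        $this->db->where('user_id', (int) $user_id);
        $this->db->update($this->db->dbprefix . 'user', array(
            'password' => $this->hash($password),
            'code'     => ''
        ));

        return true;
    }

    /**
     * Hash a plain-text password with the PasswordHash library.
     *
     * NOTE(review): iteration_count_log2 is 8 - confirm that this work factor
     * is still adequate for the hardware this runs on.
     *
     * @param string $password Plain-text password.
     * @return mixed Whatever HashPassword() returns for $password.
     */
    public function hash($password) {
        $this->load->library('PasswordHash', array('iteration_count_log2' => 8, 'portable_hashes' => FALSE));
        return $this->passwordhash->HashPassword($password);
    }

    /**
     * Store a reset code on the user row with the given email address.
     *
     * The address comes from the $email argument; the method previously
     * ignored it and read the POST data itself.
     *
     * @param string $email Email address identifying the row.
     * @param string $code  Reset code to store.
     */
    public function editCode($email, $code) {
        $this->db->where('email', $email);
        $this->db->set('code', $code);
        $this->db->update($this->db->dbprefix . 'user');
    }

    /**
     * Delete the user row with the given id.
     *
     * @param mixed $user_id Value matched against the user_id column.
     */
    public function deleteUser($user_id) {
        $this->db->where('user_id', $user_id);
        $this->db->delete($this->db->dbprefix . 'user');
    }

    /**
     * Fetch one user row together with the name of its user group.
     *
     * @param mixed $user_id Cast to int before it is placed in the query.
     * @return array The row, including a user_group column from the subquery.
     */
    public function getUser($user_id) {
        $query = $this->db->query("SELECT *, (SELECT ug.name FROM `" . $this->db->dbprefix . "user_group` ug WHERE ug.user_group_id = u.user_group_id) AS user_group FROM `" . $this->db->dbprefix . "user` u WHERE u.user_id = '" . (int)$user_id . "'");
        return $query->row_array();
    }

    /**
     * Fetch a user by username.
     *
     * @param string $username Username to look up; passed as a bound value.
     * @return mixed The result of $query->row() (an object, unlike the
     *               array-returning getters in this class).
     */
    public function getUserByUsername($username) {
        $query = $this->db->query(
            "SELECT * FROM `" . $this->db->dbprefix . "user` WHERE username = ?",
            array($username)
        );
        return $query->row();
    }

    /**
     * Fetch the user row whose reset code equals $code.
     *
     * @param string $code Reset code taken from the request.
     * @return array The matching row, or an empty array when the code is
     *               missing, not a string, or matches no row.
     */
    public function getUserByCode($code) {
        // Only a non-empty string can be compared exactly with the stored code;
        // any other value would not be written into the query as a quoted string.
        if (!is_string($code) || $code === '') {
            return array();
        }

        $query = $this->db->query(
            "SELECT * FROM `" . $this->db->dbprefix . "user` WHERE code = ? AND code != ''",
            array($code)
        );

        return $query->row_array();
    }

    /**
     * Fetch every user row.
     *
     * @return array|bool All rows as arrays, or FALSE when the table is empty.
     */
    public function getUsers() {
        $this->db->select('*');
        $this->db->from($this->db->dbprefix . 'user');
        $query = $this->db->get();

        if ($query->num_rows() > 0) {
            return $query->result_array();
        }

        return false;
    }

    /**
     * Count all rows in the user table.
     *
     * @return mixed The result of $this->db->count_all('user').
     */
    public function getTotalUsers() {
        return $this->db->count_all('user');
    }

    /**
     * Count the users that belong to one group.
     *
     * NOTE(review): row_array() takes a row index, not a column name, so this
     * presumably returns the whole row (with a 'total' key) rather than the
     * bare count - confirm against callers before changing it.
     *
     * @param mixed $user_group_id Cast to int before it is placed in the query.
     * @return mixed The result of row_array('total').
     */
    public function getTotalUsersByGroupId($user_group_id) {
        $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . $this->db->dbprefix . "user` WHERE user_group_id = '" . (int)$user_group_id . "'");
        return $query->row_array('total');
    }

    /**
     * Count the users registered with an email address.
     *
     * Only the column side is lower-cased (LCASE); $email is compared as given.
     * NOTE(review): row_array() takes a row index, not a column name - see
     * the return value before relying on a bare count.
     *
     * @param string $email Email address; passed as a bound value.
     * @return mixed The result of row_array('total').
     */
    public function getTotalUsersByEmail($email) {
        $query = $this->db->query(
            "SELECT COUNT(*) AS total FROM `" . $this->db->dbprefix . "user` WHERE LCASE(email) = ?",
            array($email)
        );

        return $query->row_array('total');
    }
}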

Controller

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Guard: stop at once when the BASEPATH constant is not defined, so this file only runs after the framework bootstrap has defined it.

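class Reset extends MX_Controller {

    /**
     * Set up the reset page: language files plus the libraries index() uses.
     *
     * The libraries are loaded only when $this->user->hasPermissionAccess()
     * is truthy; every other request is redirected to admin/error.
     *
     * NOTE(review): a reset link is normally opened by someone who is not
     * logged in - confirm hasPermissionAccess() lets this route through.
     */
    public function __construct() {
        parent::__construct();

        if ($this->user->hasPermissionAccess() == TRUE) {
            $this->lang->load('admin/english', 'english');
            $this->lang->load('admin/common/reset', 'english');
            $this->load->library('settings');
            $this->load->library('pagination');
            $this->load->library('request');
            $this->load->library('response');
            $this->load->library('document');
            $this->load->library('email');
        } else {
            redirect('admin/error');
        }
    }

    /**
     * Show the reset form and, on a valid submission, store the new password
     * for the user whose reset code is in URI segment 3.
     *
     * @return mixed The result of load->view() when the form is (re)displayed,
     *               TRUE after a successful reset, FALSE when the code is
     *               missing or matches no user. redirect() normally ends the
     *               request, so the boolean returns are fallbacks.
     */
    public function index() {
        $this->document->setTitle($this->lang->line('heading_title'));

        $data['heading_title'] = $this->lang->line('heading_title');

        $data['text_password'] = $this->lang->line('text_password');

        $data['entry_password'] = $this->lang->line('entry_password');
        $data['entry_confirm'] = $this->lang->line('entry_confirm');

        $data['button_save'] = $this->lang->line('button_save');
        $data['button_cancel'] = $this->lang->line('button_cancel');

        $data['breadcrumbs'] = array();

        $data['breadcrumbs'][] = array(
            'text' => '<i class="fa fa-home"></i>' .' '.  $this->lang->line('text_home'),
            'href' => site_url('common/dashboard')
        );

        $data['breadcrumbs'][] = array(
            'text' => $this->lang->line('heading_title'),
            'href' => site_url('common/forgotten')
        );

        // NOTE(review): this hands the submitted password back to the view;
        // password fields are usually left blank when a form is re-rendered.
        $data['password'] = isset($this->request->post['password'])
            ? $this->request->post['password']
            : '';

        // The reset code travels in the URL; the form posts back to the same URL.
        $code = $this->uri->segment(3);

        $data['action'] = site_url('admin/reset') .'/'. $code;

        $data['cancel'] = site_url('admin/login');

        $this->load->library('form_validation');

        // xss_clean is intentionally not applied to the password: it rewrites
        // the submitted value, so the stored hash could differ from what the
        // user typed.
        // NOTE(review): a 3-character minimum and a 25-character cap make for a
        // weak password policy - consider raising both.
        $this->form_validation->set_rules('password', 'Password', 'required|trim|matches[confirm_password]|min_length[3]|max_length[25]');
        $this->form_validation->set_rules('confirm_password', 'Password Confirmation', 'required|trim');

        if ($this->form_validation->run() == FALSE) {
            return $this->load->view('common/reset', $data);
        }

        // Refuse a missing code before it reaches the query: only a non-empty
        // string can be compared exactly against the stored code.
        if (!is_string($code) || $code === '') {
            $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
            redirect('admin');
            return false;
        }

        $this->load->model('admin/user/users_model');

        $user_info = $this->users_model->getUserByCode($code);

        if (!$user_info) {
            $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
            redirect('admin');
            return false;
        }

        // NOTE(review): the code alone authorises this change and nothing
        // visible here expires it - consider storing an issue time next to the
        // code and rejecting stale ones.
        $this->users_model->editPassword($user_info['user_id'], $this->request->post['password']);

        $this->session->set_flashdata('success', 'You have now updated your Password!');
        redirect('admin');
        return true;
    }
}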
