Forgot Password In Codeigniter, using token
Question
My goal is to implement forgot password feature in codeigniter. But, when I try to apply this in my project, I found some error, and I don't know how to fix it.
The error is when I click in my token code:
Source code Modal:
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class M_Account extends CI_Model{
function daftar($data) {
$this->db->insert('admin',$data);
}
//Start: method tambahan untuk reset code
public function getUserInfo($id)
{
$q = $this->db->get_where('admin', array('id_admin' => $id), 1);
if($this->db->affected_rows() > 0){
$row = $q->row();
return $row;
}else{
error_log('no user found getUserInfo('.$id.')');
return false;
}
}
public function getUserInfoByEmail($email){
$q = $this->db->get_where('admin', array('email' => $email), 1);
if($this->db->affected_rows() > 0){
$row = $q->row();
return $row;
}
}
public function insertToken($user_id)
{
$token = substr(sha1(rand()), 0, 30);
$date = date('Y-m-d');
$string = array(
'token'=> $token,
'user_id'=>$user_id,
'created'=>$date
);
$query = $this->db->insert_string('tokens',$string);
$this->db->query($query);
return $token . $user_id;
}
public function isTokenValid($token)
{
$tkn = substr($token,0,30);
$uid = substr($token,30);
$q = $this->db->get_where('tokens', array(
'tokens.token' => $tkn,
'tokens.user_id' => $uid), 1);
if($this->db->affected_rows() > 0){
$row = $q->row();
$created = $row->created;
$createdTS = strtotime($created);
$today = date('Y-m-d');
$todayTS = strtotime($today);
if($createdTS != $todayTS){
return false;
}
$user_info = $this->getUserInfo($row->user_id);
return $user_info;
}else{
return false;
}
}
public function updatePassword($post)
{
$this->db->where('id_admin', $post['id_admin']);
$this->db->update('admin', array('password' => $post['password']));
return true;
}
//End: method tambahan untuk reset code
}
Source code controller:
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Lupa_password extends CI_Controller {
function __construct(){
parent::__construct();
$this->load->model('M_Account');
}
public function index()
{
$this->form_validation->set_rules('email', 'Email', 'required|valid_email');
if($this->form_validation->run() == FALSE) {
$data['title'] = 'Halaman Reset Password | Tutorial reset password CodeIgniter @ https://recodeku.blogspot.com';
$this->load->view('admin/lupa_password',$data);
}else{
$email = $this->input->post('email');
$clean = $this->security->xss_clean($email);
$userInfo = $this->M_Account->getUserInfoByEmail($clean);
if(!$userInfo){
$this->session->set_flashdata('sukses', 'email address salah, silakan coba lagi.');
redirect(site_url('admin/loginadmin'),'refresh');
}
//build token
$token = $this->M_Account->insertToken($userInfo->id_admin);
$qstring = $this->base64url_encode($token);
$url = site_url() . 'admin/lupa_password/reset_password/token/' . $qstring;
$link = '<a href="' . $url . '">' . $url . '</a>';
$message = '';
$message .= '<strong>Hai, anda menerima email ini karena ada permintaan untuk memperbaharui
password anda.</strong><br>';
$message .= '<strong>Silakan klik link ini:</strong> ' . $link;
echo $message; //send this through mail
exit;
}
}
public function reset_password()
{
$token = $this->base64url_decode($this->uri->segment(4));
$cleanToken = $this->security->xss_clean($token);
$user_info = $this->M_Account->isTokenValid($cleanToken); //either false or array();
if(!$user_info){
$this->session->set_flashdata('sukses', 'Token tidak valid atau kadaluarsa');
redirect(site_url('login'),'refresh');
}
$data = array(
'title'=> 'Halaman Reset Password | Tutorial reset password CodeIgniter @ https://recodeku.blogspot.com',
'nama'=> $user_info->nama,
'email'=>$user_info->email,
'token'=>$this->base64url_encode($token)
);
$this->form_validation->set_rules('password', 'Password', 'required|min_length[5]');
$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required|matches[password]');
if ($this->form_validation->run() == FALSE) {
$this->load->view('admin/reset_password', $data);
}else{
$post = $this->input->post(NULL, TRUE);
$cleanPost = $this->security->xss_clean($post);
$hashed = md5($cleanPost['password']);
$cleanPost['password'] = $hashed;
$cleanPost['id_admin'] = $user_info->id_admin;
unset($cleanPost['passconf']);
if(!$this->M_Account->updatePassword($cleanPost)){
$this->session->set_flashdata('sukses', 'Update password gagal.');
}else{
$this->session->set_flashdata('sukses', 'Password anda sudah
diperbaharui. Silakan login.');
}
redirect(site_url('admin/loginadmin'),'refresh');
}
}
public function base64url_encode($data) {
return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}
public function base64url_decode($data) {
return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT));
}
}
Source code View lupa_password.php:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>
<?= $title;?>
</title>
</head>
<body>
<h2>Lupa Password</h2>
<p>Untuk melakukan reset password, silakan masukkan alamat email anda. </p>
<?php echo form_open('lupa_password');?>
<p>Email:</p>
<p>
<input type="text" name="email" value="<?php echo set_value('email'); ?>"/>
</p>
<p> <?php echo form_error('email'); ?> </p>
<p>
<input type="submit" name="btnSubmit" value="Submit" />
</p>
</body>
</html>
Source code reset_password:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>
<?= $title;?>
</title>
</head>
<body>
<h2>Reset Password</h2>
<h5>Hello <span><?php echo $nama; ?></span>, Silakan isi password baru anda.</h5>
<?php echo form_open('lupa_password/reset_password/token/'.$token); ?>
<p>Password Baru:</p>
<p>
<input type="password" name="password" value="<?php echo set_value('password'); ?>"/>
</p>
<p> <?php echo form_error('password'); ?> </p>
<p>Konfirmasi Password:</p>
<p>
<input type="password" name="passconf" value="<?php echo set_value('passconf'); ?>"/>
</p>
<p> <?php echo form_error('passconf'); ?> </p>
<p>
<input type="submit" name="btnSubmit" value="Reset" />
</p>
</body>
</html>
1 answers
solution1
0 2019-02-20 08:32:18
Maybe you can change your reset_password function to be like this :
public function reset_password($token){
$cleanToken = $this->security->xss_clean($token);
$user_info = $this->M_Account->isTokenValid($cleanToken); //either false or array();
if(!$user_info){
$this->session->set_flashdata('sukses', 'Token tidak valid atau kadaluarsa');
redirect(site_url('login'),'refresh');
}
$data = array(
'title'=> 'Halaman Reset Password | Tutorial reset password CodeIgniter @ https://recodeku.blogspot.com',
'nama'=> $user_info->nama,
'email'=>$user_info->email,
'token'=>$this->base64url_encode($token)
);
$this->form_validation->set_rules('password', 'Password', 'required|min_length[5]');
$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required|matches[password]');
if ($this->form_validation->run() == FALSE) {
$this->load->view('admin/reset_password', $data);
}else{
$post = $this->input->post(NULL, TRUE);
$cleanPost = $this->security->xss_clean($post);
$hashed = md5($cleanPost['password']);
$cleanPost['password'] = $hashed;
$cleanPost['id_admin'] = $user_info->id_admin;
unset($cleanPost['passconf']);
if(!$this->M_Account->updatePassword($cleanPost)){
$this->session->set_flashdata('sukses', 'Update password gagal.');
}else{
$this->session->set_flashdata('sukses', 'Password anda sudah
diperbaharui. Silakan login.');
}
redirect(site_url('admin/loginadmin'),'refresh');
}
}
And change your form target url to
<?php echo form_open('lupa_password/reset_password/'.$token); ?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
forgot password codeigniter
Forgot password in codeigniter
Implementing forgot password in Codeigniter on localhost
insert a function forgot password Codeigniter
Forgot password function not working in CodeIgniter
Forgot password with generated code in CodeIgniter
codeigniter forgot password mail is not delivered
unable to send token and email value in mail using phpmailer for forgot password
How to Generate Random Password in Codeigniter for forgot password
forgot password tank_auth codeigniter
Related Tags