使用加密创建基于电子邮件的密码重置功能
Create an Email-Based Password Reset Feature with encryption
正在尝试创建基于电子邮件的密码重置功能,但需要加密 URL
Change_password.php
<?php
if($_GET){
$email=base64_decode($_GET['email']);
}
else
{
echo "Url has no user";
}
if(isset($_POST['submit'])){
$email=$_POST['email'];
$password=$_POST['password'];
$obj=new commands();
$obj->update_password($email,$password);
}
?>
<form action="" method="post" id="my_form" class="mt-3">
<div class="form-group">
<label class="tags">ENTER NEW PASSWORD</label>
<input type="text" name="email" value="<?php echo $email; ?>">
<input type="password" name="password" id="password" class="form-control" autocomplete="off" placeholder="new password">
</div>
<div class="form-group">
<input type="submit" value ="submit" name="submit" class="btn btn-primary btn-block">
</div>
</form>
forgot_password.php
<?php
if(isset($_POST['submit'])){
$email=$_POST['email'];
$obj=new commands();
$obj->forgot_passowrd($email);
}
?>
<form action="" method="post" id="my_form" class="mt-3">
<div class="form-group">
<label class="tags">EMAIL ADDRESS</label>
<input type="email" name="email" id="email" class="form-control" autocomplete="off" placeholder="name@address.com">
</div>
<div class="form-group">
<input type="submit" value ="submit" name="submit" class="btn btn-primary btn-block">
</div>
</form>
函数
function forgot_passowrd($email){
$to = $email;
$subject = "Forgot Password";
$url= base64_encode('/test/change_password.php?email=$email');
$message = "
<html>
<head>
<title></title>
</head>
<body>
<h1>Hello Change ur password</h1>
<a href='$url';>Change Password</>
</body>
</html>
";
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= 'From: <mymemail@gmail.com>' . "\r\n";
mail($to,$subject,$message,$headers);
header('Location: login.php?msgF=' . urlencode(base64_encode("Check Mail To Reset Password")));
}
function update_password($email,$password){
$sql= $this->con->prepare("UPDATE user SET password=:password where email=:email");
$sql->bindParam(':email', $email);
$sql->bindParam(':password', base64_encode($password));
$sql->execute();
header('location:login.php');
$this->con= null;
header('Location: login.php?msgC=' . urlencode(base64_encode("Password Changes Succesfully")));
}
这里我使用电子邮件功能向用户发送电子邮件以重置密码,并在 url 中附加了 $email。
我想加密 url 但在加密后 url 无法访问(显然)但是有没有其他方法可以加密我的 url 所以电子邮件将不可见 url 修改密码功能依然有效。
如果您想对 public 隐藏电子邮件地址,您可以只加密电子邮件地址而不是整个 URL。
'/test/change_password.php?email='.encrypt($email);
然后收到如下邮箱地址,
if($_GET){
$email=decrypt($_GET['email']);
}
希望对你有所帮助。
正在尝试创建基于电子邮件的密码重置功能,但需要加密 URL
Change_password.php
<?php
if($_GET){
$email=base64_decode($_GET['email']);
}
else
{
echo "Url has no user";
}
if(isset($_POST['submit'])){
$email=$_POST['email'];
$password=$_POST['password'];
$obj=new commands();
$obj->update_password($email,$password);
}
?>
<form action="" method="post" id="my_form" class="mt-3">
<div class="form-group">
<label class="tags">ENTER NEW PASSWORD</label>
<input type="text" name="email" value="<?php echo $email; ?>">
<input type="password" name="password" id="password" class="form-control" autocomplete="off" placeholder="new password">
</div>
<div class="form-group">
<input type="submit" value ="submit" name="submit" class="btn btn-primary btn-block">
</div>
</form>
forgot_password.php
<?php
if(isset($_POST['submit'])){
$email=$_POST['email'];
$obj=new commands();
$obj->forgot_passowrd($email);
}
?>
<form action="" method="post" id="my_form" class="mt-3">
<div class="form-group">
<label class="tags">EMAIL ADDRESS</label>
<input type="email" name="email" id="email" class="form-control" autocomplete="off" placeholder="name@address.com">
</div>
<div class="form-group">
<input type="submit" value ="submit" name="submit" class="btn btn-primary btn-block">
</div>
</form>
函数
function forgot_passowrd($email){
$to = $email;
$subject = "Forgot Password";
$url= base64_encode('/test/change_password.php?email=$email');
$message = "
<html>
<head>
<title></title>
</head>
<body>
<h1>Hello Change ur password</h1>
<a href='$url';>Change Password</>
</body>
</html>
";
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= 'From: <mymemail@gmail.com>' . "\r\n";
mail($to,$subject,$message,$headers);
header('Location: login.php?msgF=' . urlencode(base64_encode("Check Mail To Reset Password")));
}
function update_password($email,$password){
$sql= $this->con->prepare("UPDATE user SET password=:password where email=:email");
$sql->bindParam(':email', $email);
$sql->bindParam(':password', base64_encode($password));
$sql->execute();
header('location:login.php');
$this->con= null;
header('Location: login.php?msgC=' . urlencode(base64_encode("Password Changes Succesfully")));
}
这里我使用电子邮件功能向用户发送电子邮件以重置密码,并在 url 中附加了 $email。 我想加密 url 但在加密后 url 无法访问(显然)但是有没有其他方法可以加密我的 url 所以电子邮件将不可见 url 修改密码功能依然有效。
如果您想对 public 隐藏电子邮件地址,您可以只加密电子邮件地址而不是整个 URL。
'/test/change_password.php?email='.encrypt($email);
然后收到如下邮箱地址,
if($_GET){
$email=decrypt($_GET['email']);
}
希望对你有所帮助。