dousui4577 2019-05-07 10:30
浏览 124
已采纳

使用加密创建基于电子邮件的密码重置功能

Trying to Create an Email-Based Password Reset Feature but need to encrypt the URL

Change_password.php

<?php
if($_GET){
    $email=base64_decode($_GET['email']);
}
else
{
echo "Url has no user";
  }

if(isset($_POST['submit'])){
  $email=$_POST['email'];    
    $password=$_POST['password'];    

    $obj=new commands();
    $obj->update_password($email,$password);

}
?>


<form action=""  method="post" id="my_form"  class="mt-3">
   <div class="form-group">
      <label class="tags">ENTER NEW PASSWORD</label>
      <input type="text" name="email"  value="<?php echo $email;  ?>">
      <input type="password" name="password" id="password" class="form-control" autocomplete="off" placeholder="new password">
   </div>
   <div class="form-group">
      <input type="submit"  value ="submit" name="submit" class="btn btn-primary btn-block">
   </div>
</form>

forgot_password.php 

<?php
if(isset($_POST['submit'])){
    $email=$_POST['email'];    
    $obj=new commands();
    $obj->forgot_passowrd($email);

}
?>



<form action=""  method="post" id="my_form"  class="mt-3">
   <div class="form-group">
      <label class="tags">EMAIL ADDRESS</label>
      <input type="email" name="email" id="email" class="form-control" autocomplete="off" placeholder="name@address.com">
   </div>
   <div class="form-group">
      <input type="submit"  value ="submit" name="submit" class="btn btn-primary btn-block">
   </div>
</form>

Functions

function forgot_passowrd($email){
        $to = $email;
        $subject = "Forgot  Password";
      $url= base64_encode('/test/change_password.php?email=$email');
        $message = "
        <html>
        <head>
        <title></title>
        </head>
        <body>
        <h1>Hello Change ur password</h1>
        <a href='$url';>Change Password</>
        </body>
        </html>
        ";
        $headers = "MIME-Version: 1.0" . "
";
        $headers .= "Content-type:text/html;charset=UTF-8" . "
";
        $headers .= 'From: <mymemail@gmail.com>' . "
";
        mail($to,$subject,$message,$headers);
        header('Location: login.php?msgF=' . urlencode(base64_encode("Check Mail To Reset Password")));

    }


    function update_password($email,$password){
        $sql= $this->con->prepare("UPDATE user SET password=:password where email=:email");
        $sql->bindParam(':email', $email);
        $sql->bindParam(':password', base64_encode($password));
        $sql->execute();
        header('location:login.php');
        $this->con= null;
        header('Location: login.php?msgC=' . urlencode(base64_encode("Password Changes Succesfully")));


    }

Here I am using email function to send an email to user to reset the password with attached $email in the url. I want to encrypt that url but after encryption that url in not accessible(Obviously) But is there any other way to encypt my url so email will be not visible the url and still the function of changing password works.

  • 写回答

1条回答 默认 最新

  • doulian1852 2019-05-07 10:45
    关注

    if you want to hide the email address from the public, you can encrypt the email address only not the entire URL.

    '/test/change_password.php?email='.encrypt($email);

    Then receive the email address like follow,

    if($_GET){
$email=decrypt($_GET['email']);
}

    I hope this help you.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 如何实验stm32主通道和互补通道独立输出
  • ¥30 这是哪个作者做的宝宝起名网站
  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题