dousui4577 2019-05-07 10:30
浏览 124
已采纳

使用加密创建基于电子邮件的密码重置功能

Trying to Create an Email-Based Password Reset Feature but need to encrypt the URL

Change_password.php

<?php
if($_GET){
    $email=base64_decode($_GET['email']);
}
else
{
echo "Url has no user";
  }

if(isset($_POST['submit'])){
  $email=$_POST['email'];    
    $password=$_POST['password'];    

    $obj=new commands();
    $obj->update_password($email,$password);

}
?>


<form action=""  method="post" id="my_form"  class="mt-3">
   <div class="form-group">
      <label class="tags">ENTER NEW PASSWORD</label>
      <input type="text" name="email"  value="<?php echo $email;  ?>">
      <input type="password" name="password" id="password" class="form-control" autocomplete="off" placeholder="new password">
   </div>
   <div class="form-group">
      <input type="submit"  value ="submit" name="submit" class="btn btn-primary btn-block">
   </div>
</form>

forgot_password.php 

<?php
if(isset($_POST['submit'])){
    $email=$_POST['email'];    
    $obj=new commands();
    $obj->forgot_passowrd($email);

}
?>



<form action=""  method="post" id="my_form"  class="mt-3">
   <div class="form-group">
      <label class="tags">EMAIL ADDRESS</label>
      <input type="email" name="email" id="email" class="form-control" autocomplete="off" placeholder="name@address.com">
   </div>
   <div class="form-group">
      <input type="submit"  value ="submit" name="submit" class="btn btn-primary btn-block">
   </div>
</form>

Functions

function forgot_passowrd($email){
        $to = $email;
        $subject = "Forgot  Password";
      $url= base64_encode('/test/change_password.php?email=$email');
        $message = "
        <html>
        <head>
        <title></title>
        </head>
        <body>
        <h1>Hello Change ur password</h1>
        <a href='$url';>Change Password</>
        </body>
        </html>
        ";
        $headers = "MIME-Version: 1.0" . "
";
        $headers .= "Content-type:text/html;charset=UTF-8" . "
";
        $headers .= 'From: <mymemail@gmail.com>' . "
";
        mail($to,$subject,$message,$headers);
        header('Location: login.php?msgF=' . urlencode(base64_encode("Check Mail To Reset Password")));

    }


    function update_password($email,$password){
        $sql= $this->con->prepare("UPDATE user SET password=:password where email=:email");
        $sql->bindParam(':email', $email);
        $sql->bindParam(':password', base64_encode($password));
        $sql->execute();
        header('location:login.php');
        $this->con= null;
        header('Location: login.php?msgC=' . urlencode(base64_encode("Password Changes Succesfully")));


    }

Here I am using email function to send an email to user to reset the password with attached $email in the url. I want to encrypt that url but after encryption that url in not accessible(Obviously) But is there any other way to encypt my url so email will be not visible the url and still the function of changing password works.

  • 写回答

1条回答 默认 最新

  • doulian1852 2019-05-07 10:45
    关注

    if you want to hide the email address from the public, you can encrypt the email address only not the entire URL.

    '/test/change_password.php?email='.encrypt($email);

    Then receive the email address like follow,

    if($_GET){
$email=decrypt($_GET['email']);
}

    I hope this help you.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 python的qt5界面
  • ¥15 无线电能传输系统MATLAB仿真问题
  • ¥50 如何用脚本实现输入法的热键设置
  • ¥20 我想使用一些网络协议或者部分协议也行,主要想实现类似于traceroute的一定步长内的路由拓扑功能
  • ¥30 深度学习,前后端连接
  • ¥15 孟德尔随机化结果不一致
  • ¥15 apm2.8飞控罗盘bad health,加速度计校准失败
  • ¥15 求解O-S方程的特征值问题给出边界层布拉休斯平行流的中性曲线
  • ¥15 谁有desed数据集呀
  • ¥20 手写数字识别运行c仿真时,程序报错错误代码sim211-100