Trying to Create an Email-Based Password Reset Feature but need to encrypt the URL
Change_password.php
    <?php
    $email = '';
    // The reset link is expected to carry the address base64-encoded in ?email=
    if (isset($_GET['email'])) {
        $email = base64_decode($_GET['email']);
    } else {
        echo "Url has no user";
    }
    if (isset($_POST['submit'])) {
        $email = $_POST['email'];
        $password = $_POST['password'];
        $obj = new commands();
        $obj->update_password($email, $password);
    }
    ?>
    <form action="" method="post" id="my_form" class="mt-3">
        <div class="form-group">
            <label class="tags">ENTER NEW PASSWORD</label>
            <!-- Escape the value before echoing it back into the page -->
            <input type="text" name="email" value="<?php echo htmlspecialchars($email, ENT_QUOTES, 'UTF-8'); ?>">
            <input type="password" name="password" id="password" class="form-control" autocomplete="off" placeholder="new password">
        </div>
        <div class="form-group">
            <input type="submit" value="submit" name="submit" class="btn btn-primary btn-block">
        </div>
    </form>
forgot_password.php
    <?php
    if (isset($_POST['submit'])) {
        $email = $_POST['email'];
        $obj = new commands();
        $obj->forgot_passowrd($email);
    }
    ?>
    <form action="" method="post" id="my_form" class="mt-3">
        <div class="form-group">
            <label class="tags">EMAIL ADDRESS</label>
            <input type="email" name="email" id="email" class="form-control" autocomplete="off" placeholder="name@address.com">
        </div>
        <div class="form-group">
            <input type="submit" value="submit" name="submit" class="btn btn-primary btn-block">
        </div>
    </form>
Functions
    function forgot_passowrd($email){
        $to = $email;
        $subject = "Forgot Password";
        // Single quotes: $email is not interpolated here, and encoding the
        // whole path is what makes the resulting link unusable.
        $url = base64_encode('/test/change_password.php?email=$email');
        $message = "
        <html>
        <head>
        <title></title>
        </head>
        <body>
        <h1>Hello Change ur password</h1>
        <a href='$url'>Change Password</a>
        </body>
        </html>
        ";
        $headers = "MIME-Version: 1.0" . "\r\n";
        $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
        $headers .= 'From: <mymemail@gmail.com>' . "\r\n";
        mail($to, $subject, $message, $headers);
        header('Location: login.php?msgF=' . urlencode(base64_encode("Check Mail To Reset Password")));
    }
    function update_password($email, $password){
        $sql = $this->con->prepare("UPDATE user SET password=:password where email=:email");
        $sql->bindParam(':email', $email);
        // bindValue, because bindParam needs a variable it can take by reference
        $sql->bindValue(':password', base64_encode($password));
        $sql->execute();
        header('location:login.php');
        $this->con = null;
        header('Location: login.php?msgC=' . urlencode(base64_encode("Password Changes Succesfully")));
    }
Here I am using the mail function to send an email to the user to reset the password, with $email attached in the URL. I want to encrypt that URL, but after encryption the URL is not accessible (obviously). Is there any other way to encrypt my URL so that the email will not be visible in the URL and the password-change function still works?
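One common way to get what the question asks for, shown as an added example that is not part of the original post: mail a random single-use token instead of the address, store only its hash with an expiry, and resolve the account from the token on the server. The `password_reset` table, the function names, the in-memory SQLite connection and `example.test` are assumptions made for illustration.

```php
<?php
// Added example: single-use reset token instead of the e-mail address in the URL.
// Table layout, function names and example.test are assumptions, not the asker's code.
$con = new PDO('sqlite::memory:');   // stand-in for the application's PDO connection
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$con->exec("CREATE TABLE user (email TEXT PRIMARY KEY, password TEXT)");
$con->exec("CREATE TABLE password_reset (token_hash TEXT PRIMARY KEY, email TEXT, expires_at INTEGER)");
$con->exec("INSERT INTO user VALUES ('alice@example.test', 'old')");  // constructed sample row

// Returns the link to e-mail, or null for an unknown address (show the same message either way).
function create_reset_link(PDO $con, string $email): ?string {
    $q = $con->prepare("SELECT 1 FROM user WHERE email = :email");
    $q->execute([':email' => $email]);
    if ($q->fetchColumn() === false) {
        return null;
    }
    $token = bin2hex(random_bytes(32));            // 256 bits from the CSPRNG, URL-safe
    $ins = $con->prepare("INSERT INTO password_reset VALUES (:h, :email, :exp)");
    $ins->execute([':h' => hash('sha256', $token), ':email' => $email, ':exp' => time() + 3600]);
    return 'https://example.test/test/change_password.php?token=' . $token;
}

// Resolves the account from the token; the form never posts an e-mail address.
function redeem_reset_token(PDO $con, string $token, string $newPassword): bool {
    $q = $con->prepare("SELECT email FROM password_reset WHERE token_hash = :h AND expires_at > :now");
    $q->execute([':h' => hash('sha256', $token), ':now' => time()]);
    $email = $q->fetchColumn();
    if ($email === false) {
        return false;                              // unknown, expired or already used
    }
    $con->beginTransaction();
    $upd = $con->prepare("UPDATE user SET password = :p WHERE email = :email");
    $upd->execute([':p' => password_hash($newPassword, PASSWORD_DEFAULT), ':email' => $email]);
    $del = $con->prepare("DELETE FROM password_reset WHERE email = :email");
    $del->execute([':email' => $email]);           // invalidate every outstanding token
    $con->commit();
    return true;
}

$link = create_reset_link($con, 'alice@example.test');
parse_str(parse_url($link, PHP_URL_QUERY), $query);
var_dump(redeem_reset_token($con, $query['token'], 'new-password'));  // first use of the token
var_dump(redeem_reset_token($con, $query['token'], 'again'));         // replay of the same token
```

With this layout the login check has to use `password_verify()`, since the stored value is a `password_hash()` digest rather than a base64 string.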