php - Reset password link not working -
i have reset password link seemingly won't process $_get('variable'). forgot password form:
<?php $error = $email = ""; if (isset($_post['email'])) { $email = sanitizestring($_post['email']); $com_code = md5(uniqid(rand())); if ($email == "") $error = "not fields entered<br>"; else if (!filter_var($email, filter_validate_email)) $error='email invalid'; else { $resulte = querymysql("select email users email='$email'"); if ($resulte->num_rows == 0) { $error = "<span class='error'>email error</span><br><br>"; }else { querymysql("update users set com_code='$com_code' email='$email'"); $mail_to = $email; $subject = 'reset password '; $body_message = 'please click on link reset password '; $body_message .= '<a href="http://tickets.dundaah.com/tickets/php/edit_profile/reset_pass.php?passkey=$com_code">activate</a>'; $headers = 'mime-version: 1.0' . "\r\n"; $headers .= 'content-type: text/html; charset=iso-8859-1' . "\r\n"; $mail_status = mail($mail_to, $subject, $body_message, $headers); if(isset($_session['url'])) $url = $_session['url']; else $url = "../../index.php"; header("location:$url"); } } } ?> the reset password form:
<?php $error = $pass =""; if (isset($_post['pass'])) { $pass = sanitizestring($_post['pass']); $salt1 = "qm&h*"; $salt2 = "pg!@"; $token = hash('ripemd128', "$salt1$pass$salt2"); $passkey = $_get['passkey']; if ($pass == "") $error = "enter fields"; //put if else statements here else if (preg_match("/[^a-za-z0-9_-]/", $pass)){ $error='remove spaces,numbers,special characters'; } else { $resultpassw = querymysql("select * users com_code='$passkey' "); if ($resultpassw->num_rows == 0) $error = " ✘ confirmation not sent"; else { querymysql("update users set pass='$token', updated=current_timestamp com_code='$passkey'"); header("location:../../profile.php"); } } } ?> the error keeps occurring 'confirmation not sent' implying table 'users' has no com_code inserted previously, when @ table via phpmyadmin com_code there. i'm going wrong
in forgot passaword form try below.
<?php $error = $email = ""; if (isset($_post['email'])) { $email = sanitizestring($_post['email']); $com_code = md5(uniqid(rand())); if ($email == "") $error = "not fields entered<br>"; else if (!filter_var($email, filter_validate_email)) $error='email invalid'; else { $resulte = querymysql("select email users email='$email'"); if ($resulte->num_rows == 0) { $error = "<span class='error'>email error</span><br><br>"; }else { querymysql("update users set com_code='$com_code' email='$email'"); $mail_to = $email; $subject = 'reset password '; $body_message = 'please click on link reset password '; $body_message .= '<a href="http://tickets.dundaah.com/tickets/php/edit_profile/reset_pass.php?passkey='.$com_code.'">activate</a>'; $headers = 'mime-version: 1.0' . "\r\n"; $headers .= 'content-type: text/html; charset=iso-8859-1' . "\r\n"; $mail_status = mail($mail_to, $subject, $body_message, $headers); if(isset($_session['url'])) $url = $_session['url']; else $url = "../../index.php"; header("location:$url"); } } } ?> i changed 1 line here.
$body_message .= '<a href="http://tickets.dundaah.com/tickets/php/edit_profile/reset_pass.php?passkey='.$com_code.'">activate</a>'; as $com_code dynamic value need pass in way, php can fetch value, , not take static value.
Comments
Post a Comment