通过电子邮件更改PHP密码脚本
连接变量将高于$dbConnected,但出于明显的原因,我去掉了它们。至于这个问题,我似乎无法判断与数据库的连接是否存在问题,或者这是否是代码主体中的逻辑错误通过电子邮件更改PHP密码脚本,php,database,passwords,Php,Database,Passwords,连接变量将高于$dbConnected,但出于明显的原因,我去掉了它们。至于这个问题,我似乎无法判断与数据库的连接是否存在问题,或者这是否是代码主体中的逻辑错误 <?php $hostname = ""; $username = ""; $password = ""; $databaseName = ""; $dbConnected = mysql_connect($hostname, $username, $password); $dbSelected = mysql
<?php
$hostname = "";
$username = "";
$password = "";
$databaseName = "";
$dbConnected = mysql_connect($hostname, $username, $password);
$dbSelected = mysql_select_db($databaseName, $dbConnected);
if ($dbConnected) {
$email = $_POST['email'];
$query = mysql_query("SELECT * FROM Users WHERE Primary_Email = '$email'");
$numrows = mysql_num_rows($query);
// Checking to see whether the email address is registered in the database
if ($numrows == 1) {
$pass = rand();
$pass = md5($pass);
$password = $pass;
// Updating database with new password
mysql_query("UPDATE Users SET UserPassword = '$password' WHERE User_Email = '$email'");
$query = mysql_query("SELECT * FROM users WHERE User_Email = '$email' AND UserPassword = '$password'");
$numrows = mysql_num_rows($query);
if ($numrows == 1) {
// Create email
$webmaster = "admin@chaluparosa-gaming.com";
$headers = "From: Ian Monson <$webmaster>";
$subject = "Your new password";
$message = "Hello. You have requested a password reset. Your new password is below. Please do not reply to this email, as it was automated \n
Password: $password \n ";
if (mail($email, $subject, $message, $headers)) {
echo "Your password has been reset. An email has been sent with your new password!"
echo '<br />';
} else {
echo "Error in sending out the email...";
echo '<br />';
}
}
} else {
echo "Email address was invalid or not found...!";
}
} else {
echo "Error connecting to the database...!";
}
?>
您需要单独为sql添加错误消息,然后让代码的其余部分显示自己的错误消息
<?php
$hostname = "";
$username = "";
$password = "";
$databaseName = "";
$dbConnected = mysql_connect($hostname, $username, $password) or die(mysql_error()); //die() with a mysql error message
$dbSelected = mysql_select_db($databaseName);
if (isset($email = $_POST['email'])) { //Check if email has been submitted
$query = mysql_query("SELECT * FROM Users WHERE Primary_Email = '$email'") or die(mysql_error());
$numrows = mysql_num_rows($query);
// Checking to see whether the email address is registered in the database
if ($numrows == 1) {
$pass = rand();
$pass = md5($pass);
$password = $pass;
// Updating database with new password
mysql_query("UPDATE Users SET UserPassword = '$password' WHERE User_Email = '$email'") or die(mysql_error());
$query = mysql_query("SELECT * FROM users WHERE User_Email = '$email' AND UserPassword = '$password'") or die(mysql_error());
$numrows = mysql_num_rows($query);
if ($numrows == 1) {
// Create email
$webmaster = "admin@chaluparosa-gaming.com";
$headers = "From: Ian Monson <$webmaster>";
$subject = "Your new password";
$message = "Hello. You have requested a password reset. Your new password is below. Please do not reply to this email, as it was automated \n
Password: $password \n ";
if (mail($email, $subject, $message, $headers)) {
echo "Your password has been reset. An email has been sent with your new password!"
echo '<br />';
} else {
echo "Error in sending out the email...";
echo '<br />';
}
}
} else {
echo "Email address was invalid or not found...!";
}
}
是否完成了任何基本调试,如向所有查询调用添加或添加错误?您的代码都没有错误处理,只是假设查询永远不会失败。错误的假设。您也很容易受到攻击。请注意,它们已不再维护,并且正在恢复。而是学习,并使用或。将帮助您决定。或者您可以简单地添加一些回声。。说我在这里!