0

我正在构建一个密码重置页面,在此操作的完成步骤中,用户输入他的密码并通过再次输入密码来确认,比较两个输入,如果这些输入相等,则更改密码,如果不是,则用户被定向到带有“没有成功消息”的页面。

这是我的逻辑:

在密码重置页面:

echo form_open("登录名/密码重置器");

我的控制器:

   function password_reseter() {
        $password1 = $this->input->post('password');
        $password2 = $this->input->post('password2');
        if ($password1 == $password2) {
            $data["proof"]=1;
            $reg_code = $this->input->post('rec_code');
            $this->load->model("membership_model");
            $this->membership_model->password_reseter($reg_code, $password2);
        }
        else{
            $data["proof"]=0;
        }

        $data["main_content"] = "reset_password_result";
        $this->load->view("includes/template", $data);
    }

观点

<?php
if ($proof == 1) {
    ?>
    <div id="loginform">
        Your password has been changed, you may now login.
    </div>
    <?php
} else {
    ?>
    <div id="loginform">
        Your passwords don't match! <a href="javascript:history.back()">Go back.</a>
    </div>
    <?php
}
?>

我有一个很大的安全问题,如果这个页面是通过 URL 直接访问的,我数据库上的所有帐户都在重置密码,我想停止直接访问这个 password_reseter 页面。

4

5 回答 5

3

You code fails because all you do is compare password 1 to password 2.

If a user access the password_reseter function directly, then password1 is null, and password2 is null, so it passes your 'test'.

Furthermore, you then check for "$this->input->post('rec_code')", which will also be null.

I am betting that inside your model code, because "$this->input->post('rec_code')" is null (or false), your WHERE condition is getting ALL the users, and thus resetting all your passwords.

There are so many security issues here I'm not even going to fix your one problem above, but outline how to fix the issue.

I will say this - no offense - but you should not be writing an authentication library. There are so many prepared GOOD STRONG SECURITY focused libraries for codeigniter that you should just use one of them.

I recommend ion_auth, but tank_auth and community_auth are also quite good.

于 2012-09-29T12:07:48.437 回答
1

用户完成前面的步骤时,您应该设置一些会话变量。然后检查password_reseter *如果设置了这些会话变量* 如果没有将它们重定向到您想要的位置。

于 2012-09-29T13:13:41.343 回答
0

最好使用 CI_ 内置功能进行密码验证。

$autoload['libraries'] = array('database','email','form_validation');

$autoload['drivers'] = array('session');

CI_CONTROLLER

function save_password_change(){
        $this->form_validation->set_rules('password','password','trim|required|min_length[4]|xss_clean');
        $this->form_validation->set_rules('password_confirm','Password Confirmation','trim|required|matches[password]');
        if($this->form_validation->run() === FALSE){
            echo " Password Change Unsuccessful";
        }
        else{
            $this->load->model('model_password_mgr');       
            $return_value = $this->model_password_mgr->save_password(); 
            if(!$return_value)
                echo " Password Change Unsuccessful ";
            else {
                echo " Password Change Successful";
                redirect("home");
            }   
        }
    }

CI_MODEL

function save_password(){
    $this->db->where('email', $_SESSION['email'] );
    $arr = array( 'password' => $this->input->post('password'));
    $data = $this->db->update('users', $arr);
    if(!$data)
        echo "PASSWORD CHANGE UNSUCCESSFUL";
    else 
        return true;
}
于 2016-06-16T13:23:55.607 回答
0 
if (!$_SERVER['HTTP_REFERER'])
{
    $this->redirect('error');
}
于 2016-02-16T12:07:17.530 回答
-1

使用 htaccess 阻止文件将是一种解决方案:

<files login/password_reseter.php>
order allow,deny
deny from all
</files>
于 2012-09-29T11:54:11.847 回答