我正在尝试编写一个脚本,允许用户在提供电子邮件地址和回答秘密问题后重置密码。问题是我的秘密问题脚本没有按预期工作。当用户回答秘密问题时,它会在 ajax 的帮助下发布到 PHP 脚本并返回 responseText,它应该根据返回的响应触发 ajax,但是当返回的文本满足其他一些条件时,这里的脚本总是显示 ajax 的 else 条件。 ...任何帮助将不胜感激。提前谢谢你的帮助..
这些是重置密码的步骤:
- 点击忘记密码
- 询问用户电子邮件地址
- 回答秘密问题
- 在电子邮件中发送重置链接
- 单击电子邮件中发送的链接后,用户将被引导到密码重置页面,他们可以在其中创建新密码。
这是代码
<?php
if(isset($_GET['e'])){
// CONNECT TO THE DATABASE
include_once("php_includes/connect_to_mysqli.php");
// GATHER THE POSTED EMAIL INTO LOCAL VARIABLES AND SANITIZE
$email = mysqli_real_escape_string($db_conx, $_GET['e']);
$sql = "SELECT * FROM useroptions WHERE email='$email' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$id = $row["id"];
$u = $row["username"];
$q1 = $row["question"];
$q2 = $row["question2"];
$a1 = $row["answer"];
$a2 = $row["answer2"];
}
if ($q1 == "" || $q2 == ""){
header ("location: messages.php?emsg=forget&u=".$u);
exit();
}
}
?>
<?php
// AJAX CALLS THIS CODE TO EXECUTE
if(isset($_POST["pa1"])){
include_once("php_includes/connect_to_mysqli.php");
$e = mysqli_real_escape_string($db_conx, $_POST['em']);
$pa1= $_POST['pa1'];
$pa2= $_POST['pa2'];
$sql = "SELECT * FROM useroptions WHERE email='$e' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$id = $row["id"];
$a1 = $row["answer"];
$a2 = $row["answer2"];
}
if ($pa1 == $a1 && $pa2 == $a2 && $e == $email ){
$sql = "SELECT id, username FROM user WHERE email='$e' AND activated='1' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$id = $row["id"];
$u = $row["username"];
}
$emailcut = substr($e, 0, 4);
$randNum = rand(10000,99999);
$tempPass = "$emailcut$randNum";
$hashTempPass = md5($tempPass);
$sql = "UPDATE useroptions SET temp_pass='$hashTempPass' WHERE username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$to = "$e";
$from = "auto_responder@yousite.com";
$headers ="From: $from\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \n";
$subject ="yoursite Temporary Password";
$msg = '<h2>Hello '.$u.'</h2><p> Email with activation link</p>';
if(mail($to,$subject,$msg,$headers)) {
echo "success";
exit();
} else {
echo "email_send_failed";
exit();
}
}
} else {
echo "no_exist";
}
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Security Answer-</title>
<link rel="icon" href="favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="css/styles.css">
<style type="text/css">
#securityform{
margin-top:24px;
}
#securityform > div {
margin-top: 12px;
}
#securityform > input {
width: 250px;
padding: 3px;
background: #F3F9DD;
}
#anssubmitbtn {
font-size:15px;
padding: 10px;
}
</style>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
<script>
function emptyElement(x){
_(x).innerHTML = "";
}
function ajaxObj( meth, url ) {
var x = new XMLHttpRequest();
x.open( meth, url, true );
x.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
return x;
}
function ajaxReturn(x){
if(x.readyState == 4 && x.status == 200){
return true;
}
}
function forgotpasscon(){
var em = _("email").value;
var pa1 = _("ans1").value;
var pa2 = _("ans2").value;
if(em == "" || pa1 == "" || pa2 == ""){
_("status").innerHTML = "Answer all security questions";
} else {
_("anssubmitbtn").style.display = "none";
_("status").innerHTML = 'please wait ...';
var ajax = ajaxObj("POST", "testconfirm.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
var response = ajax.responseText;
if(ajax.responseText == "success"){
_("securityform").innerHTML = '<h3>Step 2. Check your email inbox in a few minutes</h3><p>You can close this window or tab if you like.</p>';
} else if(ajax.responseText == "no_exist"){
_("status").innerHTML = "Sorry wrong answers";
} else if(ajax.responseText == "email_send_failed"){
_("status").innerHTML = "Mail function failed to execute";
} else {
_("status").innerHTML = "An unknown error occurred"+ajax.responseText;
_("anssubmitbtn").style.display = "block";
}
}
}
ajax.send("em="+em+"&pa1="+pa1+"&pa2="+pa2);
}
}
</script>
</head>
<body>
<?php include_once("template_pageTop.php"); ?>
<div id="pageMiddle">
<h3>Step : 2</h3>
<h4>Please answer the following security questions!!</h4>
<form id="securityform" onsubmit="return false;">
<div>Question 1:</div>
<p><?php echo $q1; ?></p>
<input name="ans1" id="ans1" type="text" onfocus="_('status').innerHTML='';" maxlength="100">
<br/><br/>
<div>Question 2:</div>
<p><?php echo $q2; ?></p>
<input name="ans2" id="ans2" type="text" onfocus="_('status').innerHTML='';" maxlength="100">
<br /><br />
<input name="email" id="email" type="hidden" value="<?php echo $email; ?>" />
<button id="anssubmitbtn" onclick="forgotpasscon()">Submit</button>
<p id="status"></p>
</form>
</div>
<?php include_once("template_pageBottom.php"); ?>
</body>
</html>