felito Posted March 21, 2011 Share Posted March 21, 2011 hi guys I have two functions and they work well, but now i have a problem in the last if the email is sent like www.yoursite.com/reset_password.php?userid=0&code= and not http://your.url/set_new_password.php?userid=564979&code=54c4a2767c2f485185ab72cdcf03ab59 so, the problem is that i can get the value of hash and the userid. If i do an echo "$hash" in the function code(); it shows the value like 564979&code=54c4a2767c2f485185ab72cdcf03ab59 my question is, how i can do the same in the last if? above two functions. Same occur in the last select select userid from password_reset where code=? none userid is showed, it is always zero. <? function check($sql, $db, $email) { if(!empty($_POST['email'])) { $email = $_POST["email"]; if ($sql = $db->prepare("select email from users where email=?")) { $sql->bind_param('s', $email); $sql->execute(); $sql->bind_result($email); if ($sql->fetch()) { return true; } else { return false; } } } } function code($sql, $db, $hash, $pwdHasher, $userExists, $sendPass) { if (check($sql, $db, $email)) { $pwdHasher = new PasswordHash(8, FALSE); $hash = $pwdHasher->HashPassword($userExists["email"]); $sendPass=$hash; ($sql = $db->prepare('insert into password_reset (code) values (?)')); $sql->bind_param('s', $hash); $sql->execute(); $sql->fetch(); return true; } } if (code($sql, $db, $hash, $pwdHasher, $userExists, $sendPass)) { ($sql = $db->prepare("select userid from password_reset where code=?")); $sql->bind_param('s', $hash); $sql->execute(); $sql->bind_result($hash); $sql->fetch(); echo $hash; $pwrurl = "www.yoursite.com/reset_password.php?userid=" .$hash . "&code=" . $sendPass; $mailbody = "Dear user,<br><br>If this e-mail does not apply to you please ignore it. It appears that you have requested a password reset at our website www.yoursitehere.com<br> To reset your password, please click the link below. If you cannot click it, please paste it into your web browser's address bar.<br> <a href='$pwrurl'>$pwrurl</a> <br> <br> Thanks,\nThe Administration"; $mail->MsgHTML($mailbody); $mail->AddAddress($email,"Membro"); $mail->IsHTML(true); if(!$mail->Send()) { echo "Deu erro: " . $mail->ErrorInfo; } else { echo "Enviado com sucesso"; } $sql->close(); $db->close(); } ?> any help? thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.