Forgot Password script PHP mysqli

2019-06-14 17:57发布

站内问答 / PHP
1158 3 6

Hi I am trying to make a script forgot password so when user enter email in it it will verify that if entered email matches the database email if yes then sends confirmation email to his email address. It was working fine untill I was using mysql but after converting it to mysqli it not working. When user enter email in it it does't send email or even it doesn't echo that email sent or no errors.

Here is my Forgot.php script (UPDATED SCRIPT AGAIN)

<?php 
    error_reporting(0);
    if($_POST['submit']=='Send') {
        //keep it inside
        $email=$_POST['email'];

        $con=mysqli_connect("lovehost","root","123","user");
        // Check connection
        if (mysqli_connect_errno()) {
            echo "Failed to connect to MySQL: " . mysqli_connect_error();
        }
        $query = mysqli_query($con,"select * from login where user_email='$email'") or die(mysqli_error($con)); 

        $numrows = $query->num_rows();                                  

        if ($numrows == 1) {  
            $code=rand(100,999);
            $message='You activation link is: http://bing.fun2pk.com/forgot.php?email=$email&code=$code';
            mail($email, "Subject Goes Here", $message);
            echo 'Email sent';
        } else {
            echo 'No user exist with this email id';
        }
    }
?>
<form action="forgot.php" method="post">
    Enter you email ID: <input type="text" name="email">
    <input type="submit" name="submit" value="Send">
</form>

3条回答
▲ chillily
2楼-- · 2019-06-14 18:23

I tried to fix this using a test in my website and your codes should be like this even that there are a lot of bugs and your database can easily get 'hacked' by anonymous users still just to show the problem. Forgot.php

<?php 
    error_reporting(0);
    require('includes/db.php');
    if (isset($_POST['email'])) {
        $email = $_POST['email'];
        $code = rand(100,999);
        $query = "SELECT * FROM `users` WHERE email = '$email'";
        $result = mysql_query($query) or die(mysql_error());
        $count = mysql_num_rows($result);

        if ($count == 1) {
            mysql_query("update users set activation_code='$code' where email='$email'");
            //That Mail code should be put here    <----------------------
        } else {
        }
        echo " Something Here for a response";
    }
?>

<form action="" method="post">
    Enter you email ID: <input type="text" name="email">
    <input type="submit" name="submit" value="Send">
</form>

This worked after I tested :/

查看更多
0人赞 添加讨论(0) 举报
爱情/是我丢掉的垃圾
3楼-- · 2019-06-14 18:25

I think u should use mysqli_num_rows ($query) method inside your if condition to check if email exist or not.

for example:

if (mysqli_num_rows ($query)==1)
{
//your mail method
}
查看更多
0人赞 添加讨论(0) 举报
神经病院院长
4楼-- · 2019-06-14 18:43

If I see it correctly then $_GET['ID'] is not set, because you submit the form to forgot.php without a GET value named ID

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)