password veranderen class

Status
Niet open voor verdere reacties.

phpscript

Nieuwe gebruiker
Lid geworden
4 sep 2013
Berichten
3
beste, ik heb een class gedownload voor het inloggen.
nou gebruik ik deze code:

PHP:
<?php
include("class.login.php");
$log = new logmein();
$log->encrypt = false; //set encryption
if($_REQUEST['action'] == "resetlogin"){
    if($log->passwordreset($_REQUEST['username'], "logon", "password", "useremail") == true){
        echo "password veranderd";
    }else{
        echo "error";
    }
}
?>

maar hij geeft een legen pagina aan. het geen ik wil is dat je wachtwoord word aangepast.

dit is de class:


PHP:
function passwordreset($username, $user_table, $pass_column, $user_column){
        //conect to DB
        $this->dbconnect();
        //generate new password
        $newpassword = $this->createPassword();
 
        //make sure password column and table are set
        if($this->pass_column == ""){
            $this->pass_column = $pass_column;
        }
        if($this->user_column == ""){
            $this->user_column = $user_column;
        }
        if($this->user_table == ""){
            $this->user_table = $user_table;
        }
        //check if encryption is used
        if($this->encrypt == true){
            $newpassword_db = md5($newpassword);
        }else{
            $newpassword_db = $newpassword;
        }
 
        //update database with new password
        $qry = "UPDATE ".$this->user_table." SET ".$this->pass_column."='".$newpassword_db."' WHERE ".$this->user_column."='".stripslashes($username)."'";
        $result = mysql_query($qry) or die(mysql_error());
 
        $to = stripslashes($username);
        //some injection protection
        $illegals=array("%0A","%0D","%0a","%0d","bcc:","Content-Type","BCC:","Bcc:","Cc:","CC:","TO:","To:","cc:","to:");
        $to = str_replace($illegals, "", $to);
        $getemail = explode("@",$to);
 
        //send only if there is one email
        if(sizeof($getemail) > 2){
            return false;
        }else{
            //send email
            $from = $_SERVER['SERVER_NAME'];
            $subject = "Password Reset: ".$_SERVER['SERVER_NAME'];
            $msg = "
 
Your new password is: ".$newpassword."
 
";
 
            //now we need to set mail headers
            $headers = "MIME-Version: 1.0 rn" ;
            $headers .= "Content-Type: text/html; \r\n" ;
            $headers .= "From: $from  \r\n" ;
 
            //now we are ready to send mail
            $sent = mail($to, $subject, $msg, $headers);
            if($sent){
                return true;
            }else{
                return false;
            }
        }
    }
 
    //create random password with 8 alphanumerical characters
    function createPassword() {
        $chars = "abcdefghijkmnopqrstuvwxyz023456789";
        srand((double)microtime()*1000000);
        $i = 0;
        $pass = '' ;
        while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($chars, $num, 1);
            $pass = $pass . $tmp;
            $i++;
        }
        return $pass;
    }

weet iemand wat er fout zit?

mvg rick
 
Welkom op Helpmij :)

Vermoedelijke komt je IF-statement in de "ELSE" en dat is niks, vandaar de lege pagina.
Daarnaast zijn $_REQUEST-variabelen niet heel veilig, je kunt beter $_GET of $_POST gebruiken (afhankelijk van hoe je formulier is ingesteld)

Probeer dit eens:
PHP:
<?php
include("class.login.php");
$log = new logmein();
$log->encrypt = false; //set encryption

// Check if a form has been submitted
if('POST' == $_SERVER['REQUEST_METHOD']) {
    if($_POST['action'] == "resetlogin") {
        if($log->passwordreset($_REQUEST['username'], "logon", "password", "useremail") == true){
            echo "password veranderd";
        }else{
            echo "error during password reset";
        }
    } else {
        echo 'The field "action" does not have the value "resetlogin"';
} else {
    echo 'No form has been submitted';
}
?>
 
Status
Niet open voor verdere reacties.
Terug
Bovenaan Onderaan