重置密码确认无法正常工作？

Question

它工作，如果我把它像user_id = 3或当我删除where语句（WHERE user_id =“。$ user ['user_id']。”），但然后我所有的数据库密码更改。

我用get方法来获得这样的 USER_ID = 3 & reset_token = XXXXXXXXX

<?php 

if(isset($_GET['user_id']) && isset($_GET['reset_token'])) { 
$userid = $_GET['user_id']; 
$reset_token = $_GET['reset_token']; 

// Make sure user email with matching hash exist 
$req = $heidisql->prepare("SELECT * FROM users WHERE user_id='$userid' AND reset_token='$reset_token' "); 

$req->execute($userid, $reset_token); 

$user = $req->fetch(PDO::FETCH_ASSOC); 


    if ($user) { 

     if (!preg_match ('%\A(?=[-_a-zA-Z0-9]*?[A-Z])(?=[-_a-zA-Z0-9]*?[a-z])(?=[-_a-zA-Z0-9]*?[0-9])\S{8,30}\z%', $_POST['new_pass']) 
     || $_POST['new_pass'] !== $_POST['confirm_newpass']) { 

     echo 'Your new password did not match the new confirm password or is invalid!'; 
     exit(); 

     } 

    } 

    } else { 

     $newpassword = escape_data($_POST['new_pass']); 
     $newpass_hash = password_hash($newpassword, PASSWORD_BCRYPT); 

     $sql= "UPDATE users SET " 
       . "password_hashcode='$newpass_hash', " 
       . "reset_allocated_time=NULL, " 
       . "reset_token=NULL " 
       . "WHERE user_id=".$user['user_id']." "; //<- error here 

     // Make sure user email with matching hash exist 
     $result_newpass = $heidisql->prepare($sql); 

     $result_newpass->execute(); 

     echo "Your password has been reset!"; 

     exit(); 

    } 

已经尝试USER_ID = '$用户ID'/ $ _GET [ 'user_ID的']的用户ID 那么，应该如何我定义了变量user_id？

仍然不起作用 $ req = $ heidisql-> prepare（“SELECT * FROM users WHERE user_id ='：user_id'AND reset_token ='：reset_token'”）;

$req->execute([':user_id'=>$userid, ':reset_token'=>$reset_token]); 

    $sql= "UPDATE users SET password_hashcode=':password_hashcode', reset_allocated_time=NULL, reset_token=NULL WHERE user_id=:user_id"; 
    $result_newpass = $heidisql->prepare($sql); $result_newpass->execute([':user_id'=>$userid,':password_hashcode'=>$newpass_hash, ':reset_token'=>NULL, ':reset_allocated_time'=>NULL]); 

- 我认为，问题可能出在get方法的原因，似乎我无法正常访问USER_ID/URL中reset_token？

...本地主机/例子/ reset_pass.php？USER_ID = XX & reset_token = XXXXXXXXX

• 我在USER_ID越来越不确定的变量

• 任何人都知道，如果这个问题（S ）导致我的密码验证也不起作用？

Answer 1

使用预准备语句时，实际上并没有在语句中包含这些值。而是使用占位符，并在稍后绑定值。

变化：

$req = $heidisql->prepare(
    "SELECT * FROM users WHERE user_id='$userid' 
    AND reset_token='$reset_token' " 
); 
$req->execute($userid, $reset_token); 

要：

$req = $heidisql->prepare(
    "SELECT * FROM users WHERE user_id=:id 
    AND reset_token=:token " 
); 
$req->execute([':id'=>$userid, ':token'=>$reset_token]); 

See the docs

再往下，你必须：

$newpassword = escape_data($_POST['new_pass']); 
$newpass_hash = password_hash($newpassword, PASSWORD_BCRYPT); 

这可能是一个坏主意，更改密码（ ESCA pe）​​在散列之前。只是哈希它;结果将是安全的使用。如果将来您的转义函数发生变化，那么更改它可能会导致用户的真实密码无法识别。

再往下，你应该改变：

$sql= "UPDATE users SET password_hashcode='$newpass_hash'," 
    . "reset_allocated_time=NULL, reset_token=NULL " 
    . "WHERE user_id=".$user['user_id']." "; //<- error here 

$result_newpass = $heidisql->prepare($sql); 

$result_newpass->execute(); 

要：

$sql= "UPDATE users SET password_hashcode=:newpass," 
    . "reset_allocated_time=NULL, reset_token=NULL " 
    . "WHERE user_id=:id"; //<- error here 

$result_newpass = $heidisql->prepare($sql); 

$result_newpass->execute([':newpass'=>$newpass_hash, ':id'=>$userid]); 

Answer 2

更新此$sql从这里：

$sql = "UPDATE users SET 
     password_hashcode = '$newpass_hash', 
     reset_allocated_time = NULL, 
     reset_token = NULL 
     WHERE user_id = '$user['user_id']'";