我正在生成一个PHP代码,并且想在服务器中实现它以执行其功能。我的问题是我是否遗漏了应该纠正的漏洞?
我先尝试建立会话,然后启动SQL连接,然后要求用户输入他的电子邮件。我还添加了他的电子邮件的重置功能。
<?php
if ($_SESSION['admin'] !== true) {
header('Location: /login.php?');
}
$conn = new mysqli("localhost","admin","password","db");
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$msg = '';
if (isset($_POST['submit'])) {
$email = $_POST['email'];
$sql = "SELECT * FROM users WHERE email = $email;";
$result = @$conn->query($sql);
if ($result->num_rows == 0) {
die("This email: $email is incorrect");
}
$row = $result->fetch_assoc();
$id = $row["id"];
$surename = $row["surename"];
$sql = "SELECT * from users JOIN password_resets ON (password_resets.user_id=users.id) WHERE id=$id;";
$result = @$conn->query($query);
if ($result->num_rows == 0) {
$insert_sql = "INSERT INTO password_resets (user_id, reset_timestamp) VALUES ($id, unix_timestamp());";
if ($conn->query($insert_sql) !== TRUE) {
die("Error: " . $insert_sql . "<br>" . $conn->error);
}
}
$result = $conn->query($query);
$row = $result->fetch_assoc();
$link = "https://".$_SERVER['SERVER_NAME']."/reset.php?id=".$row['id'] ."×tamp=".$row['reset_timestamp'];
$message = "Hi, $surename,
Here's your password reset link: $link";
$headers = "From: ".$_SESSION['first_name']." ".$_SESSION['last_name']." <".$_SESSION['email'].">";
mail($email,"Your password reset link",$message,$headers);
$msg = "Password reset for $email sent!";
?>
<html>
<head><title>Reset password for a user</title></head>
<body>
<form>
<div class="message"><?=$msg ?></div>
<input type="text" width=80 name="email">
<input type="submit" name="submit" value="Send">
</form>
</body>
</html>
<?php
}