我是否遗漏了代码中的任何漏洞

时间:2019-02-15 22:42:09

标签: php

我正在生成一个PHP代码,并且想在服务器中实现它以执行其功能。我的问题是我是否遗漏了应该纠正的漏洞?

我先尝试建立会话,然后启动SQL连接,然后要求用户输入他的电子邮件。我还添加了他的电子邮件的重置功能。

    <?php
    if ($_SESSION['admin'] !== true) {
        header('Location: /login.php?');
    }

    $conn = new mysqli("localhost","admin","password","db");

    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }

    $msg = '';
    if (isset($_POST['submit'])) {
        $email = $_POST['email'];
        $sql = "SELECT * FROM users WHERE email = $email;";
        $result = @$conn->query($sql);
        if ($result->num_rows == 0) {
            die("This email: $email is incorrect");
        }
        $row = $result->fetch_assoc();
        $id = $row["id"];
        $surename = $row["surename"];

        $sql = "SELECT * from users JOIN password_resets ON (password_resets.user_id=users.id)  WHERE id=$id;";
        $result = @$conn->query($query);
        if ($result->num_rows == 0) {
            $insert_sql = "INSERT INTO password_resets (user_id, reset_timestamp) VALUES ($id, unix_timestamp());";
            if ($conn->query($insert_sql) !== TRUE) {
                die("Error: " . $insert_sql . "<br>" . $conn->error);
            }
        }
        $result = $conn->query($query);
        $row = $result->fetch_assoc();

        $link = "https://".$_SERVER['SERVER_NAME']."/reset.php?id=".$row['id'] ."&timestamp=".$row['reset_timestamp'];
        $message = "Hi, $surename,

        Here's your password reset link: $link";
        $headers = "From: ".$_SESSION['first_name']." ".$_SESSION['last_name']." <".$_SESSION['email'].">";
        mail($email,"Your password reset link",$message,$headers);
        $msg = "Password reset for $email sent!";
    ?>
    <html>
    <head><title>Reset password for a user</title></head>
    <body>
      <form>
        <div class="message"><?=$msg ?></div>
        <input type="text" width=80 name="email">
        <input type="submit" name="submit" value="Send">
      </form>
    </body>
    </html>
    <?php
    }

0 个答案:

没有答案