忘记密码逻辑

时间:2012-02-15 19:47:53

标签: php codeigniter

我想要做的是弄清楚如何设置新密码及其请求日期(0000-00-00 00:00:00),然后根据该密码发送电子邮件。但是我想我需要改变我的逻辑,因为如果它已经设置我不希望它继续大量通过电子邮件发送给用户。另外我不确定的是,如果他们没有收到电子邮件的话。

关于我应该做什么的任何想法?

编辑:只是想添加new_password_key不是用户登录的密码。截至目前,我将把它们从电子邮件中的链接指向一个页面,在那里他们可以输入新密码。

if (!isset($user_data->new_password_key) && (!isset($user_data->new_password_requested)))
{
    if ($this->kow_auth->forgot_password($this->input->post('username')))
    {
        $this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
        echo json_encode(array('success' => 'yes', 'message' => 'A temporary password has been emailed to you!'));
    }
    else
    {

    }    
}
else
{
    echo json_encode(array('success' => 'yes', 'message' => 'Check your email for your temporary password!'));
}

编辑2:

我似乎遇到了一些逻辑问题,因为如果它归结为if语句if($ already_sent_password)并且由于某种原因他们没有得到它。那又怎样?或者如果它归结为if(!strtotime($ user_data-> new_password_requested)< =(time() - 172800))这对我来说开始听起来很愚蠢,因为为什么要让他们等两天才能得到一个新密码密钥。 

function forgot_password_submit() 
{
    $this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');

    if (!$this->form_validation->run()) 
    {
       echo json_encode(array('error' => 'yes', 'message' => 'There was a problem submitting the form! Please refresh the window and try again!')); 
        return;
    }

    $user_data = $this->users->get_user_by_username($this->input->post('username'));
    if ($user_data === NULL) 
    {
        echo json_encode(array('error' => 'yes', 'message' => 'User does not exist in the database!'));
        return;
    }

    $already_sent_password = (isset($user_data->new_password_key) && isset($user_data->new_password_requested));
    if ($already_sent_password) 
    {
        echo json_encode(array('success' => 'yes', 'message' => 'Check your email for your temporary password!'));
        return;
    }

    if (!strtotime($user_data->new_password_requested) <= (time() - 172800)) 
    {
        echo json_encode(array('error' => 'yes', 'message' => 'You have to wait 2 days before a new temp password can be emailed!'));

    } 
    else 
    {
        if ($this->kow_auth->forgot_password($this->input->post('username'))) 
        {
            $this->kow_auth->send_email('forgot_password', 'KOW Manager Forgot Password Email', $user_data);
            echo json_encode(array('error' => 'yes', 'message' => 'A temporary password has been emailed to you'));
        } 
        else 
        {
            echo json_encode(array('error' => 'yes', 'message' => 'A temporary password could not be created for you!'));
        }
    }

1 个答案:

答案 0 :(得分:2)

就个人而言,我不担心向用户发送大量电子邮件。如果用户点击按钮20次,他们应该会收到20封电子邮件。

但是,如果您想在上次请求密码时间不到20分钟前重新发送电子邮件,则可以执行以下操作:

<?php
// Assuming this is in UTC
$requested = strtotime($user_data->new_password_requested);
if (time() - $requested <= (60 * 20))
{
    // Don't send the email
    return false;
}

return true;
相关问题
最新问题