The commonly referred to password retrieval function is not really able to retrieve forgotten passwords, because our passwords It is stored encrypted. Generally, after verifying the user information, developers will generate a new password through a program or generate a specific link and send an email to the user's email. The user will then go to the reset password module of the website from the email link to reset a new password.
Of course, some websites now also use mobile phone text messages to retrieve passwords. The principle is to verify your identity by sending a verification code. Just like sending an email for verification, you still have to reset your password to complete the password retrieval process.
The general steps are:
1. Enter your email address during registration in the form;
2. Verify that the user's email is correct. If the user's email does not exist in the user table of the website, it will prompt that the user's email is not registered;
3. Send an email. If the user's mailbox does exist in the user table, combine the string used to verify the user information, and construct a URL to send to the user's mailbox;
4. The user logs in to the mailbox to receive emails and clicks the URL link to the website verification program;
5. The website program queries the local user table through the string requested by the user and compares whether the user information is correct;
6. If it is correct, go to the reset password page and reset a new password. Otherwise, it will prompt the user that the verification is invalid.
HTML
We place a page on the password retrieval page that requires the user to enter the email address used for registration, and then submit the front-end js to handle the interaction.
<p><strong>输入您注册的电子邮箱,找回密码:</strong></p> <p><input type="text" class="input" name="email" id="email"><span id="chkmsg"></span></p> <p><input type="button" class="btn" id="sub_btn" value="提 交"></p>
jQuery
After the user enters the email address and clicks submit, jQuery first verifies whether the email format is correct. If it is correct, it sends an Ajax request to the background sendmail.php. sendmail.php is responsible for verifying whether the email address exists and sending the email, and will return the corresponding response. The processing results are sent to the front page, please see the jQuery code:
$(function(){
$("#sub_btn").click(function(){
var email = $("#email").val();
var preg = /^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/; //匹配Email
if(email=='' || !preg.test(email)){
$("#chkmsg").html("请填写正确的邮箱!");
}else{
$("#sub_btn").attr("disabled","disabled").val('提交中..').css("cursor","default");
$.post("sendmail.php",{mail:email},function(msg){
if(msg=="noreg"){
$("#chkmsg").html("该邮箱尚未注册!");
$("#sub_btn").removeAttr("disabled").val('提 交').css("cursor","pointer");
}else{
$(".demo").html("<h3>"+msg+"</h3>");
}
});
}
});
})
The jQuery code used above is very convenient and concise to complete the front-end interactive operation. If you have a certain jQuery foundation, the above code is clear at a glance and does not require much explanation.
Of course, don’t forget to load the jQuery library file in the page. Some students often ask me why the demo downloaded from jb51.net cannot be used. 80% of the time it is because the loading path of jquery or other files is wrong and the necessary files are not loaded.
PHP
sendmail.php needs to verify whether the email exists in the system user table. If so, read the user information, encrypt the user ID, user name and password using md5 to generate a special string as a verification code to retrieve the password, and then Construct URL. At the same time, in order to control the timeliness of the URL link, we will record the operation time when the user submits the password retrieval action, and finally call the email sending class to send the email to the user's mailbox. The sending email class smtp.class.php has been packaged, please download it.
include_once("connect.php");//连接数据库
$email = stripslashes(trim($_POST['mail']));
$sql = "select id,username,password from `t_user` where `email`='$email'";
$query = mysql_query($sql);
$num = mysql_num_rows($query);
if($num==0){//该邮箱尚未注册!
echo 'noreg';
exit;
}else{
$row = mysql_fetch_array($query);
$getpasstime = time();
$uid = $row['id'];
$token = md5($uid.$row['username'].$row['password']);//组合验证码
$url = "http://www.bkjia.com/demo/resetpass/reset.php?email=".$email."
&token=".$token;//构造URL
$time = date('Y-m-d H:i');
$result = sendmail($time,$email,$url);
if($result==1){//邮件发送成功
$msg = '系统已向您的邮箱发送了一封邮件<br/>请登录到您的邮箱及时重置您的密码!';
//更新数据发送时间
mysql_query("update `t_user` set `getpasstime`='$getpasstime' where id='$uid '");
}else{
$msg = $result;
}
echo $msg;
}
//发送邮件
function sendmail($time,$email,$url){
include_once("smtp.class.php");
$smtpserver = ""; //SMTP服务器,如smtp.163.com
$smtpserverport = 25; //SMTP服务器端口
$smtpusermail = ""; //SMTP服务器的用户邮箱
$smtpuser = ""; //SMTP服务器的用户帐号
$smtppass = ""; //SMTP服务器的用户密码
$smtp = new Smtp($smtpserver, $smtpserverport, true, $smtpuser, $smtppass);
//这里面的一个true是表示使用身份验证,否则不使用身份验证.
$emailtype = "HTML"; //信件类型,文本:text;网页:HTML
$smtpemailto = $email;
$smtpemailfrom = $smtpusermail;
$emailsubject = "jb51.net - 找回密码";
$emailbody = "亲爱的".$email.":<br/>您在".$time."提交了找回密码请求。请点击下面的链接重置密码
(按钮24小时内有效)。<br/><a href='".$url."'target='_blank'>".$url."</a>";
$rs = $smtp->sendmail($smtpemailto, $smtpemailfrom, $emailsubject, $emailbody, $emailtype);
return $rs;
}
Okay, at this time, you will receive a password retrieval email from helloweba in your email. There is a URL link in the email content. Click the link to reset.php of jb51.net to verify your email.
include_once("connect.php");//连接数据库
$token = stripslashes(trim($_GET['token']));
$email = stripslashes(trim($_GET['email']));
$sql = "select * from `t_user` where email='$email'";
$query = mysql_query($sql);
$row = mysql_fetch_array($query);
if($row){
$mt = md5($row['id'].$row['username'].$row['password']);
if($mt==$token){
if(time()-$row['getpasstime']>24*60*60){
$msg = '该链接已过期!';
}else{
//重置密码...
$msg = '请重新设置密码,显示重置密码表单,<br/>这里只是演示,略过。';
}
}else{
$msg = '无效的链接';
}
}else{
$msg = '错误的链接!';
}
echo $msg;
reset.php first accepts the parameters email and token, and then queries whether the email exists in the data table t_user based on the email. If it exists, obtain the user's information, and construct the token value in the same way as the token combination in sendmail.php. Then compare it with the token passed by the URL. If the current time is more than 24 hours different from the time when the email was sent, it will prompt "The link has expired!". Otherwise, it means that the link is valid and you will be redirected to the password reset page. Finally, it is up to the user to set a new password.
Summary: Through registered email verification and password retrieval through this article’s email, we know the application of sending emails in website development and its importance. Of course, SMS verification applications are also popular now. This requires related SMS interface docking. .
Finally, attach the data table t_user structure:
CREATE TABLE `t_user` ( `id` int(11) NOT NULL auto_increment, `username` varchar(30) NOT NULL, `password` varchar(32) NOT NULL, `email` varchar(50) NOT NULL, `getpasstime` int(10) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
The above is the entire content of this article, I hope you all like it.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
