Yii2 Forgot password operation based on email verification
The content of this article is about the forgotten password operation of Yii2 based on email verification. It has a certain reference value. Now I share it with you. Friends in need can refer to it.
I talked about sending emails before function, now we will use the email sending function to make a small demo
Let’s first sort out what process we need to perform to realize the forgotten password
1. 弹出窗口,提示用户输入用户名和邮箱。2. 验证邮箱,利用md5等等加密拼接token,发送token,当前时间戳,账户名等属性。3. 用户点击邮箱链接,到指定控制器,验证我们的token和时间是否超时。4. 如果都验证成功,则进入修改密码操作
If you click Forget Password, we will enter the corresponding method of the current controller.
Verify the email and user name entered by the user. If the verification is successful, perform our send email operation
//模型文件代码
public function seekPass($post)
{
$this->scenario = "seekPass"; if($this->load($post)&&$this->validate())
{ $time = time(); $adminuser = $post['Admin']['adminuser'];
$token = $this->createToken($post['Admin']['adminuser'],$time);
//自定义方法,创建一个唯一token
$mailer = \Yii::$app->mailer->compose('seekpass',['text'=>'text','adminuser'=>$post['Admin']['adminuser'],'token'=>$_SERVER['HTTP_HOST'].Url::toRoute(['manage/emailchangepass'])."×tamp=".$time."&token=".$token."&adminuser=".$adminuser]);
$mailer ->setFrom("1115007981@qq.com")
->setTo("1115007981@qq.com")
->setSubject("黑势力科技")
->send(); if($mailer) return true;
} return false;
} //拼接的邮箱地址为:
http://web.demo.com/shop/access/backend/web/index.php?r=manage/Femailchangepass×tamp=1524052534&token=4575d5050f57baf4a896c3924d972c12&adminuser=adminIf we click on the spliced email address, then We will enter the emailchangepass method in our manage controller, and transmit our token, time, and adminuser attributes through the GET method
In the controllerIn the model layer, we need to write method, there is only the changepass() method. Verify that the updateAll() method is called successfully
We need to verify the timeliness of our time. The connection fails after 5 minutes
We need to To verify whether the token is the token we initially created
we need to identify whether there is a POST request currently. If there is, it means that the user has entered a modified password, and you need to enter the model file to verify the password. Rules
public function actionEmailchangepass(){ $this->layout='login'; $time = Yii::$app->request->get('timestamp'); $adminuser = Yii::$app->request->get('adminuser'); $token = Yii::$app->request->get('token'); $model = new Admin(); $mytoken = $model->createToken($adminuser,$time); if($token!=$mytoken) { $this->redirect(['public/login']); Yii::$app->end(); } if(time()-$time>300) { $this->redirect(['public/login']); Yii::$app->end(); } if(Yii::$app->request->isPost) { $post = Yii::$app->request->post(); if ($model->changepass($post)) { Yii::$app->session->setFlash('info','密码修改成功'); } } $model->adminuser = $adminuser; return $this->render('emailchangepass',['model'=>$model]); }Copy after login
This ends this sharing.
I talked about the email sending function before, now we will use the email sending function to make a small demo
Let’s first understand what process we need to perform to realize the forgotten password
1. 弹出窗口,提示用户输入用户名和邮箱。2. 验证邮箱,利用md5等等加密拼接token,发送token,当前时间戳,账户名等属性。3. 用户点击邮箱链接,到指定控制器,验证我们的token和时间是否超时。4. 如果都验证成功,则进入修改密码操作
If you click Forgot Password, we will enter the corresponding method of the current controller.
Verify the email and user name entered by the user. If the verification is successful, perform our send email operation
//模型文件代码
public function seekPass($post)
{
$this->scenario = "seekPass"; if($this->load($post)&&$this->validate())
{ $time = time(); $adminuser = $post['Admin']['adminuser']; $token = $this->createToken($post['Admin']['adminuser'],$time); //自定义方法,创建一个唯一token
$mailer = \Yii::$app->mailer->compose('seekpass',['text'=>'text','adminuser'=>$post['Admin']['adminuser'],'token'=>$_SERVER['HTTP_HOST'].Url::toRoute(['manage/emailchangepass'])."×tamp=".$time."&token=".$token."&adminuser=".$adminuser]); $mailer ->setFrom("1115007981@qq.com")
->setTo("1115007981@qq.com")
->setSubject("黑势力科技")
->send(); if($mailer) return true;
} return false;
} //拼接的邮箱地址为:
http://web.demo.com/shop/access/backend/web/index.php?r=manage/Femailchangepass×tamp=1524052534&token=4575d5050f57baf4a896c3924d972c12&adminuser=adminIf we click on the spliced email address, then We will enter the emailchangepass method in our manage controller, and transmit our token, time, and adminuser attributes through the GET method
In the controllerIn the model layer, we need to write method, there is only the changepass() method. Verify that the updateAll() method is called successfully
We need to verify the timeliness of our time. The connection fails after 5 minutes
We need to To verify whether the token is the token we initially created
we need to identify whether there is a POST request currently. If there is, it means that the user has entered a modified password, and you need to enter the model file to verify the password. Rules
public function actionEmailchangepass(){ $this->layout='login'; $time = Yii::$app->request->get('timestamp'); $adminuser = Yii::$app->request->get('adminuser'); $token = Yii::$app->request->get('token'); $model = new Admin(); $mytoken = $model->createToken($adminuser,$time); if($token!=$mytoken) { $this->redirect(['public/login']); Yii::$app->end(); } if(time()-$time>300) { $this->redirect(['public/login']); Yii::$app->end(); } if(Yii::$app->request->isPost) { $post = Yii::$app->request->post(); if ($model->changepass($post)) { Yii::$app->session->setFlash('info','密码修改成功'); } } $model->adminuser = $adminuser; return $this->render('emailchangepass',['model'=>$model]); }Copy after loginThis ends this sharing.
Related recommendations:
yii2 resetful authorization verification
The above is the detailed content of Yii2 Forgot password operation based on email verification. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1386
52
How to verify signature in PDF
Feb 18, 2024 pm 05:33 PM
We usually receive PDF files from the government or other agencies, some with digital signatures. After verifying the signature, we see the SignatureValid message and a green check mark. If the signature is not verified, the validity is unknown. Verifying signatures is important, let’s see how to do it in PDF. How to Verify Signatures in PDF Verifying signatures in PDF format makes it more trustworthy and the document more likely to be accepted. You can verify signatures in PDF documents in the following ways. Open the PDF in Adobe Reader Right-click the signature and select Show Signature Properties Click the Show Signer Certificate button Add the signature to the Trusted Certificates list from the Trust tab Click Verify Signature to complete the verification Let
Detailed method to unblock using WeChat friend-assisted verification
Mar 25, 2024 pm 01:26 PM
1. After opening WeChat, click the search icon, enter WeChat team, and click the service below to enter. 2. After entering, click the self-service tool option in the lower left corner. 3. After clicking, in the options above, click the option of unblocking/appealing for auxiliary verification.
How to verify whether the input is full-width characters in golang
Jun 25, 2023 pm 02:03 PM
In golang, Unicode encoding and rune type are required to verify whether the input is full-width characters. Unicode encoding is a character encoding standard that assigns a unique numeric code point to each character in the character set, which includes full-width characters and half-width characters. The rune type is the type used to represent Unicode characters in golang. The first step is to convert the input into a rune type slice. This can be converted by using golang's []rune type, e.g.
How to validate IFSC code using regular expressions?
Aug 26, 2023 pm 10:17 PM
Indian Financial System Code is the abbreviation. Indian bank branches participating in the electronic funds transfer system are identified by a special 11-character code. The Reserve Bank of India uses this code in internet transactions to transfer funds between banks. IFSC code is divided into two parts. Banks are identified by the first four characters, while branches are identified by the last six characters. NEFT (National Electronic Funds Transfer), RTGS (Real Time Gross Settlement) and IMPS (Immediate Payment Service) are some of the electronic transactions that require IFSC codes. Method Some common ways to validate IFSC codes using regular expressions are: Check if the length is correct. Check the first four characters. Checkthefifthcharacter.Che
How to verify whether input is uppercase letters in golang
Jun 24, 2023 am 09:06 AM
Golang is a high-performance, modern programming language that often involves string processing in daily development. Among them, validating whether the input is in uppercase letters is a common requirement. This article will introduce how to verify whether the input is uppercase letters in Golang. Method 1: Use the unicode package. The unicode package in Golang provides a series of functions to determine the encoding type of characters. For uppercase letters, the corresponding encoding range is 65-90 (decimal), so we can use unicod
New features in PHP 8: Added verification and signing
Mar 27, 2024 am 08:21 AM
PHP8 is the latest version of PHP, bringing more convenience and functionality to programmers. This version has a special focus on security and performance, and one of the noteworthy new features is the addition of verification and signing capabilities. In this article, we'll take a closer look at these new features and their uses. Verification and signing are very important security concepts in computer science. They are often used to ensure that the data transmitted is complete and authentic. Verification and signatures become even more important when dealing with online transactions and sensitive information because if someone is able to tamper with the data, it could potentially
Authentication using Google reCAPTCHA in PHP
Jun 19, 2023 pm 05:38 PM
In the modern online world, website security and the protection of user privacy have become increasingly important topics. Among them, the technical method of human-machine verification has become one of the indispensable ways to prevent malicious attacks. GooglereCAPTCHA is a tool that is widely used for human-machine verification. Its concept has been deeply rooted in the hearts of the people, and its presence can even be seen on many websites we use every day. In this article, we will explore how to use GooglereCAPTCHA for verification in PHP
How to verify whether the input is all Chinese characters in golang
Jun 24, 2023 am 09:16 AM
With the development of the times, we pay more and more attention to the verification of data, especially the verification of user input. For language verification, how to accurately determine whether the input is all Chinese characters has become an important issue. In golang, we can use the unicode package and regexp package to achieve this requirement. 1. Unicode package The unicode package provides a series of core support for Unicode. We can use the functions in this package to accurately determine whether a character is a Chinese character.
