Hello, I have been trying to make sure my users can do a password reset if they forgot their password, but now I'm a bit stuck. The problem is with the link to the file that allows users to enter a new password. I need to pass the token and the email through that URL, if I understand it correctly, but then it can't find the file?

This is the code that creates the URL:
$url = sprintf("%s://%s",isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']!='off'?'https':'http',$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/wachtwoordreset.php"."&token".$token);


But this gives me the following URL, and because of this it can't find the password reset page:
http://localhost/bestelapp/mail/wachtwoordreset.php&tokenbf1abb1bb1b867491230577880c5da540b6a2f8b24d10fcf6a876166a313d9483367576a68ae41add7403af52a4104cc3c3d


This is the code for the email that has to send you to wachtwoordreset.php (password reset) but unfortunately doesn't:

<?php
session_start();
include "mailen.php";
include "../config.php"; // assumed to define the mysqli connection $conn
?>
<!-- should I use prepared statements here? -->

<html>
   <!-- sending a mail -->
   <body>

      <?php
      // sends emails
      // link to the forgot-password page works.
      if (isset($_POST['email'])) {
        $email = $_POST['email'];
        $_SESSION['email'] = $email;
        $token = bin2hex(random_bytes(50));

        // URL for the password reset page
        // (this is the line that produces the malformed URL shown above)
        $url = sprintf("%s://%s", isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? 'https' : 'http', $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/wachtwoordreset.php" . "&token" . $token); // or this one: http://localhost/bestelapp/wachtwoordreset.php
        //$url = "<a href='http://localhost/bestelapp/wachtwoordreset.php?key=".$email."&token=".$token."'>Click To Reset password</a>";

        // update prepared statement: store the token for this email address
        $sql = "UPDATE users SET token=? WHERE email = ? ";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param('ss', $token, $email);
        $stmt->execute();

        // select prepared statement: fetch the user so we know the name to address them by
        $sql = "SELECT * FROM users WHERE email = ?";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $result = $stmt->get_result();

        while ($row = $result->fetch_assoc()) {
            $klant = $row['username'];
            $onderwerp = "Wachtwoord wijzigen"; // subject: "Change password"
            $bericht = 'Geachte ' . $klant . ', Uw kunt <a href="' . $url . '">hier</a> uw wachtwoord wijzigen'; // body: "Dear <name>, you can change your password <here>"
            mailen($email, $klant, $onderwerp, $bericht);
            // works now? still need to test, but I'll do that at school; updated 11-12-2021
            // echo "<script>window.location.href='../delete.php?order_id=".$order_id."';</script>";
        }
        // $result = mysqli_query($conn,"SELECT * FROM users WHERE email = '$email'");
        // $count = mysqli_num_rows($result);
        // if($count == 1){
        // echo "Send email to user with password";
        // $newtime = date('H:i', time() + 3600);
        // echo $newtime;
      } else {
        echo "email does not exist in database";
        // header("Location: login.php");
      }
      ?>

   </body>
</html>


What I have tried:

I first tried looking at my previous project but can't find what is wrong. I also looked on the internet for what is going on but can't find my problem.
Posted; updated 7-Mar-22 22:32pm (v3)
Comments
Richard Deeming 8-Mar-22 3:23am    
$sql = "SELECT * FROM users WHERE email = '$email'";

And you were doing so well up to that point! 🤦‍♂️

Your code is vulnerable to SQL Injection. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual
PHP: Prepared statements and stored procedures - Manual
Richard Deeming 8-Mar-22 3:24am    
Also note that you should never be able to "recover" a password; you should only be able to reset it.

If you can recover the original password, then you're storing passwords insecurely.

Troy Hunt: Everything you ever wanted to know about building a secure password reset feature
Rebecca2002 8-Mar-22 3:28am    
Yes, sorry, I meant reset it; I couldn't think of the right word in English, sorry. But yes, I indeed mean resetting the password.
Rebecca2002 8-Mar-22 3:30am    
And I fixed the SQL injection, sorry about that.

1 solution

Your URL looks malformed:
wachtwoordreset.php&tokenbf1abb1bb1b867491230577880c5da540b6a2f8b24d10fcf6a876166a313d9483367576a68ae41add7403af52a4104cc3c3d

Before you can use an ampersand (&) in a URL there must be at least one parameter that's prefixed with a question mark (?), so fixing that would give you the URL:
wachtwoordreset.php?tokenbf1abb1bb1b867491230577880c5da540b6a2f8b24d10fcf6a876166a313d9483367576a68ae41add7403af52a4104cc3c3d

But then also note that GET parameters are delimited by an ampersand (&) and that name and value are separated by an equals sign (=), the latter of which is missing from your URL. You need to separate the token parameter from the actual token value itself using an equals sign:
wachtwoordreset.php?token=bf1abb1bb1b867491230577880c5da540b6a2f8b24d10fcf6a876166a313d9483367576a68ae41add7403af52a4104cc3c3d

You just need to make adjustments to the part of the code which generates the URL. You can read more about query strings: Query string - Wikipedia
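The correction the answer describes, written out as an added example (this is not the original poster's code nor the answerer's). It assumes a mysqli connection in `$conn`, a `users` table with an integer `id` plus `token_hash` (CHAR(64)) and `token_expires` (DATETIME) columns, and that `wachtwoordreset.php` sits in the same directory as the mailing script; the function names are made up for the example. Besides producing the `?token=...` form with `http_build_query()`, it also covers the points raised in the comments: prepared statements throughout, only a hash of the token stored in the database, a one-hour expiry, and constant-time comparison on the reset page.

```php
<?php
// Added example, not the original page's code. Assumptions: $conn is a mysqli
// connection; `users` has columns id, email, token_hash (CHAR(64)) and
// token_expires (DATETIME); wachtwoordreset.php lives next to the mail script.

declare(strict_types=1);

// Build "scheme://host/path/wachtwoordreset.php?token=<hex>". http_build_query()
// emits the key=value form (the original code dropped the '?' and the '=')
// and percent-encodes the value, so the query string is always well formed.
function buildResetUrl(string $scheme, string $host, string $dir, string $token): string
{
    $path = rtrim($dir, '/') . '/wachtwoordreset.php';
    return sprintf('%s://%s%s?%s', $scheme, $host, $path, http_build_query(['token' => $token]));
}

// Derive scheme, host and directory from the request, as the original code did.
function requestBase(array $server): array
{
    $scheme = (!empty($server['HTTPS']) && $server['HTTPS'] !== 'off') ? 'https' : 'http';
    return [$scheme, $server['HTTP_HOST'], dirname($server['PHP_SELF'])];
}

// Sending side: store only a SHA-256 of the token, so a leaked database does
// not hand out usable reset links, and give the token a one-hour lifetime.
function issueResetToken(mysqli $conn, string $email): ?string
{
    $token   = bin2hex(random_bytes(32));          // 64 hex characters
    $hash    = hash('sha256', $token);
    $expires = (new DateTimeImmutable('+1 hour'))->format('Y-m-d H:i:s');

    $stmt = $conn->prepare('UPDATE users SET token_hash = ?, token_expires = ? WHERE email = ?');
    $stmt->bind_param('sss', $hash, $expires, $email);
    $stmt->execute();

    // null when no account matched; the caller should still show the same
    // "if that address exists, a mail has been sent" message either way.
    return $stmt->affected_rows === 1 ? $token : null;
}

// Reset page side (wachtwoordreset.php): validate the shape of the token before
// touching the database, look the user up by the token's hash, compare in
// constant time and reject expired tokens. Returns the user id or null.
function userIdForToken(mysqli $conn, string $token): ?int
{
    if (!preg_match('/^[0-9a-f]{64}$/', $token)) {
        return null;                                 // malformed token
    }
    $hash = hash('sha256', $token);
    $stmt = $conn->prepare('SELECT id, token_hash, token_expires FROM users WHERE token_hash = ?');
    $stmt->bind_param('s', $hash);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    if ($row === null || !hash_equals($row['token_hash'], $hash)) {
        return null;                                 // unknown token
    }
    if (new DateTimeImmutable($row['token_expires']) < new DateTimeImmutable()) {
        return null;                                 // expired token
    }
    return (int) $row['id'];
}

// Usage on the mail-sending page, replacing the original URL-building line:
// [$scheme, $host, $dir] = requestBase($_SERVER);
// $token = issueResetToken($conn, $_POST['email']);
// if ($token !== null) {
//     $url = buildResetUrl($scheme, $host, $dir, $token);
//     // ... put $url in the mail body as before
// }
//
// Usage on wachtwoordreset.php:
// $userId = userIdForToken($conn, $_GET['token'] ?? '');
// if ($userId === null) { /* show a generic "link invalid or expired" page */ }
```

After a successful reset, clear `token_hash` and `token_expires` for that user so the link cannot be replayed; and because the page above echoes "email does not exist in database", note that returning the same message whether or not the address is known avoids telling an attacker which addresses have accounts.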
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)