我應該將$ get值與存儲的relavent db值進行比較嗎？

Question

我想實現在codeigniter中重置用戶密碼。

我創建了一個表單，用戶發送他們的電子郵件，並在'重置'表中創建一行，存儲它們創建的令牌，以及將鏈接發送到電子郵件的令牌。

最後一步實際上是重置密碼。在檢查附加到電子郵件中的令牌與存儲在與該電子郵件相關的數據庫中的令牌時，我不理解如何做出正確的比較，或者如果這是正確的方式去做。

在當前的代碼中，我無法通過驗證並實際重置密碼。這裏是我的代碼：

這是創建令牌和發送電子郵件的模式：

public function validate_retrieve($data) { 

      $query = $this->db->where($data)->get('users', '1'); 

      foreach ($query->result() as $user) 
      { 
       $user->email; 
       $user->salt; 
       $user->id; 

      } 

      $token = sha1($user->email.$user->salt).dechex($user->id); 
      $reset_token = array(
       'token' => $token, 
       'email' => $user->email 
      ); 

      $insert = $this->db->insert('reset', $reset_token, '1'); 
      return $reset_token; 
     } 

和控制器：

public function retrieve() 
     // REQUEST PASSWORD RESET 
     // LOADED WHEN THE FORM IS SUBMITTED OFF THE PASSWORD PAGE AND SENDS THE EMAIL WITH TOKEN AND INSTRUCTIONS 
     { 
      $this->load->library('form_validation'); 
      $this->load->library('session'); 
      $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email'); 
      $this->load->model('user_model', 'um'); 
      $this->load->library('encrypt'); 
      $this->load->helper('url'); 
      $submit = $this->input->post('submit'); 
      $salt = $this->_salt(); 

      if($submit) 
      // IF THE SUBMIT BUTTON IS SET 
      { 

       // START PROCESS TO CREATE $USER VARIABLE THAT HOLDS WHAT THE USER ENTERED IN THE FORM AND THAT CAN GET CHECKED AGAINST THE DB IN THE MODEL 
       $user = $this->um->validate_retrieve(array('email' => $this->input->post('email'))); 


       // IF THE USER IS CREATED AND CHECKS OUT AND ALL OF THE ERRORS ARE CLEARED ON THE FORM 
       if($user && $this->form_validation->run() == TRUE) { 

        $domain = "clci.dev/index.php"; 

        // CREATE A TOKEN LINK TO SEND TO THE USERS EMAIL THAT EXIST IN THE DB AND WAS ENTERED 

        $token = $user['token']; 
        $link = "http://www.".$domain."/auth/reset/?token=$token"; 


         $this->load->library('email'); 

         $this->email->from('noreply@cysticlife.org', 'CysticLife'); 
         $this->email->to($this->input->post('email')); 

         $this->email->subject('Reset Password'); 
         $this->email->message("Please go to the following web address to reset your password:\n\n$link\n\n-Your friends at CysticLife\n\nPlease remember to add the cysticlife.org domain to your address book to ensure that you receive your CysticLife e-Notifications as requested."); 

         $this->email->send(); 
         redirect('auth/success'); 
         exit; 

        } 
        $this->form_validation->run() == FALSE; 
        $data['main_content'] = 'auth/password'; 
        $this->load->view('includes/templates/main_page_template', $data); 
        $data['email_error'] = 'This email is invalid'; 
       } 
      } 

現在這裏是我遇到的麻煩是什麼，該模型用於重置：

public function verify_token($token) 
      { 
      $this->db->where('token', $token); 
      $query = $this->db->get('reset'); 

      if ($query->num_rows() == 1) { 

       return TRUE; 
      } else { 
       return FALSE; 

      } 
      } 

      public function reset_password() 
      { 
       $salt = $this->_salt(); 
       $query = $this->db->get('reset', 1); 
       $row = $query->row(); 

       $data = array(
         'password' => $this->encrypt->sha1($salt . $this->encrypt->sha1($this->input->post('password'))), 
         'salt' => $salt 
        ); 
       $this->db->where('email', $row->email); 
       $this->db->update('users', $data); 
      } 

和控制器：

public function reset_password() 
      { 
      $this->load->library('form_validation'); 
      $this->load->library('session'); 
      $this->load->model('user_model', 'um'); 
      $this->load->library('encrypt'); 
      $this->load->helper('url'); 
      $this->form_validation->set_rules('password', 'Password', 'trim|required'); 
      $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]'); 
      $salt = $this->_salt(); 
      $submit = $this->input->post('submit'); 


      if($submit) 
      { 
       $validToken = $this->um->verify_token($token); 
       if($this->form_validation->run() == TRUE && $validToken == TRUE) 
       { 

       $this->um->reset_password(array('password' => $this->input->post('password', $salt))); 


       $data['main_content'] = 'auth/success'; 
       $this->load->view('includes/templates/home_page_template', $data); 

       } 
       $this->form_validation->run() == FALSE; 
      $data['main_content'] = 'auth/reset'; 
      $this->load->view('includes/templates/main_page_template', $data); 
      } 
      } 

我似乎非常接近，但我肯定卡住了。任何幫助是極大的讚賞。

Answer 1

http://yoursitename.com/reset/[hashcode] 

發送鏈接到會員郵箱，密碼已被用戶重置。

的網站，你將獲取散列碼與數據庫進行比較

public function reset($hashcode) 
{ 
    if($hashcode!=null) 
    { 
     // compare with db 
     // if success 
     // redirect to create new password page 
     // or show create new password form 
    } 
}