php - ユーザー名回復コードが期待どおりに機能しない

Question

私は私が働いている会社のサイトに取り組んでいます。ユーザーは登録してログインする必要があります。すべてのデータは SQL データベースに保存されます。メールでユーザー名を復元するための「失われたユーザー名」フォームを追加しようとしています。今...私はコーダーではありません。私はかなり才能のあるコードスキマーです。これを除いて、彼らが要求したすべてを正常に完了しました。なぜそれが機能していないのか完全には理解できません.私は助けを求める時が来たと考えました.

ここに私のコントローラからのコードがあります:

        function forgot_pass(){

          $data['page_title']=" Forgot Password ";
          $data['item']="Password";

          // initializing db keys
          $data['table_name'] ="physicians";
          $data['primary_key_name']="physician_id";

           //BOF Edit physician
           if( isset( $_REQUEST['physician_forgot_pass'] ) ){

              if ($this->form_validation->run('physician_forgot_pass'))
              {
                $physician_row=$this->model_site->check_physcian_retrive_password( $_REQUEST['username'],  encode_decode($_REQUEST['email'],'encode')  );
                //echo "<pre />"; print_r($physician_row); die;
                if($physician_row){

                    $physician_exist=1;

                    if($physician_row['approved']==1){ 

                       //Generate new Randmo password
                       $this->load->helper( 'get_random_password' );
                       $new_password=get_random_password(); //echo $new_password; die;

                       $update_data=array(
                                        'password'   => md5($new_password)
                                      );
                       $this->model_site->update_table('physicians', $update_data, 'username', $_REQUEST['username']  );


                       $this->load->helper( 'email_send' );

                       //GET SENDER EMAIL ADDRESS
                       $data['email_data']=$this->model_cms->get_single_record( 'email', 'email_id', 1 );
                       //echo "<pre />"; print_r($data['email_data']); die;

                       //Sending Mail To Physician
                       $physician_email = encode_decode($physician_row['email'],'decode');

                       $data['physician_email_msg']="Your New Password is ".$new_password;
                       $data['email_sent']=email_send( $data['email_data']['email'], $data['email_data']['email_name'], $physician_email  , "Retrive Password", $data['physician_email_msg']);
                       if($data['email_sent']){
                              $data['status']=1;
                              $data['status_message']="Your password has been sent to your mail at ".$physician_email;
                              $data['notification']=  array(
                                                        "notify_type"  => "notify_site_success",
                                                        "notify_message"   => $data['status_message']
                                                     );

                              //insert to audit log table
                              $audit_log_details="Physician <b>".encode_decode($physician_row['name'],'decode')."</b> ( Username : <b>".$physician_row['username']."</b> ) requested for retrieving lost passwords. A new password was sent to Physician. Email Address of the Physician is  <i>".$physician_email."</i> . ";
                              $audit_log_id = $this->model_cms->add_audit_log_record( $physician_row['physician_id'] , $physician_row['username'] , 'physician', "Retrieving lost passwords request ", $audit_log_details, time() );

                              $data['nbc_email_msg']=$audit_log_details."Here is the email below \n Your New Password is ".$new_password;
                              $data['email_sent']=email_send( $data['email_data']['email'], $data['email_data']['email_name'], $data['email_data']['email'], "Retrive Password", $data['nbc_email_msg']);
                       }
                       else {
                          $data['status']=0;
                          $data['status_message']="Error in sending mail to National Biological Corporation. Please try again later";
                          $data['notification']=  array(
                                                    "notify_type"  => "notify_site_error",
                                                    "notify_message"   => $data['status_message']
                                                 );
                       }

                    }
                    else {
                         $data['status']=0;
                         $data['status_message']="Your account is not approved yet. you will be able to request for retrive password after your account is approved.";
                         $data['notification']=  array(
                                                    "notify_type"  => "notify_site_error",
                                                    "notify_message"   => $data['status_message']
                                                 );
                    }
                }
                else {
                         $data['status']=0;
                         $data['status_message']="Sorry! Could not found physcian with this username and email.";
                         $data['notification']=  array(
                                                    "notify_type"  => "notify_site_error",
                                                    "notify_message"   => $data['status_message']
                                                 );
                }
              }
            }
           //EOF Edit physician

          $this->load->view('site/view_header',$data);
          $this->load->view('site/view_left_panel',$data);
          $this->load->view('site/view_physician_forgot_password',$data);
          $this->load->view('site/view_footer');
    }

    function forgot_userid(){

          $data['page_title']=" Forgot Username ";
          $data['item']="Username";

          // initializing db keys
          $data['table_name'] ="physicians";
          $data['primary_key_name']="physician_id";

           //BOF Edit physician
           if( isset( $_REQUEST['physician_forgot_userid'] ) ){

              if ($this->form_validation->run('physician_forgot_userid'))
              {
                $physician_row=$this->model_site->check_physician_get_userid( $_REQUEST['dea_number'],  encode_decode($_REQUEST['email'],'encode')  );
                //echo "<pre />"; print_r($physician_row); die;
                if($physician_row){

                    $physician_exist=1;

                    if($physician_row['approved']==1){ 

                        $this->load->helper( 'email_send' );

                       //GET SENDER EMAIL ADDRESS
                       $data['email_data']=$this->model_cms->get_single_record( 'email', 'email_id', 1 );
                       //echo "<pre />"; print_r($data['email_data']); die;

                       //Sending Mail To Physician
                       $physician_email = encode_decode($physician_row['email'],'decode');

                       $data['physician_email_msg']="According to our records, your registered username is ".$physician_row['username'];
                       $data['email_sent']=email_send( $data['email_data']['email'], $data['email_data']['email_name'], $physician_email  , "Your requested username reminder from phototherapydoctor.com", $data['physician_email_msg']);
                       if($data['email_sent']){
                              $data['status']=1;
                              $data['status_message']="Your username has been sent to your mail at ".$physician_email;
                              $data['notification']=  array(
                                                        "notify_type"  => "notify_site_success",
                                                        "notify_message"   => $data['status_message']
                                                     );

                              //insert to audit log table
                              $audit_log_details="Physician <b>".encode_decode($physician_row['name'],'decode')."</b> ( Username : <b>".$physician_row['username']."</b> ) requested for retrieving lost passwords. A new password was sent to Physician. Email Address of the Physician is  <i>".$physician_email."</i> . ";
                              $audit_log_id = $this->model_cms->add_audit_log_record( $physician_row['physician_id'] , $physician_row['username'] , 'physician', "Retrieving lost passwords request ", $audit_log_details, time() );

                              $data['nbc_email_msg']=$audit_log_details."Here is the email below \n Your New Password is ".$physician_row['username'];
                              $data['email_sent']=email_send( $data['email_data']['email'], $data['email_data']['email_name'], $data['email_data']['email'], "Retrive Password", $data['nbc_email_msg']);
                       }
                       else {
                          $data['status']=0;
                          $data['status_message']="Error in sending mail to National Biological Corporation. Please try again later";
                          $data['notification']=  array(
                                                    "notify_type"  => "notify_site_error",
                                                    "notify_message"   => $data['status_message']
                                                 );
                       }

                    }
                    else {
                         $data['status']=0;
                         $data['status_message']="Your account is not approved yet. You will be able to request username after your account is approved.";
                         $data['notification']=  array(
                                                    "notify_type"  => "notify_site_error",
                                                    "notify_message"   => $data['status_message']
                                                 );
                    }
                }
                else {
                         $data['status']=0;
                         $data['status_message']="Sorry! We could not find a physician with this DEA number and email.";
                         $data['notification']=  array(
                                                    "notify_type"  => "notify_site_error",
                                                    "notify_message"   => $data['status_message']
                                                 );
                }
              }
            }
           //EOF Edit physician

          $this->load->view('site/view_header',$data);
          $this->load->view('site/view_left_panel',$data);
          $this->load->view('site/view_physician_forgot_userid',$data);
          $this->load->view('site/view_footer');
    }

これが私のモデルのチャンクです...：

  function check_physician_get_userid( $dea_number, $email ) {  //check if physcian exist with this dea number and password

    $query = $this->db->get_where( "physicians", array( "dea_number" => $dea_number , "email" => $email ) ) ;

    if( $query->num_rows() > 0 ) {
        return $query->row_array();
    }
    else {
        return false;
    }

} //end check_physcian_retrive_userid

ここに私の form_validation エントリがあります:

                  'physician_forgot_userid'=> array(
                               array(
                                        'field' => 'dea_number',
                                        'label' => 'DEA Number',
                                        'rules' => 'required'
                                     ),
                               array(
                                        'field' => 'email',
                                        'label' => 'Email',
                                        'rules' => 'required|valid_email'
                                     )
                                ),

そして最後に、私の見解：

<div class="middle_panel">

 <p style="color:#424A8D;font-family:Verdana,Arial,Helvetica,sans-serif;font-size:15pt;font-weight:bold;">Retrieve Lost Username</p>

 <div class="physician_join_form">

    <?php echo  form_open('physician/forgot_userid'); ?>

       <div class="register_box_text">DEA Number : </div>
       <div class="register_box_field">
         <input name="dea_number" id="dea_number" value="<?php echo set_value('dea_number'); ?>" type="dea_number" size="20">
         <?php echo form_error('dea_number'); ?>
       </div>

       <div class="register_box_text">Email : </div>
       <div class="register_box_field">
         <input name="email" id="email" value="<?php echo set_value('email'); ?>" type="email" size="20">
         <?php echo form_error('email'); ?>
       </div>

       <div class="register_box_text" style="background:#F9F9F9;"> &nbsp; </div>
       <div class="register_box_field">
          <input type="submit" id="physician_forgot_userid" name="physician_forgot_userid" value="Submit">
       </div>

    <?php echo form_close(); ?>

 </div>

score 1 · Accepted Answer

ビューで: DEA 番号フィールドの入力タイプを有効な入力タイプに変更します: [ただし、これでは問題は解決しません。]

type="dea_number"
physiciansテーブルからすべての詳細を取得する別の関数とモデルを作成するだけです。

コントローラー:現在のコントローラーの内部。



    function fetch_details_ctrl($dea_number) {
           if(!empty($dea_number)) {
               $result = $this->model_cms->fetch_details_model($dea_number);
               print_r($result);
           }
           else
               echo 'Pls. provide a DEA NUMBER';
    }

モデル: models/model_cms.php 内



    function fetch_details_model($dea_number) {
       $query = $this->db->get_where("physicians",array("dea_number"=>$dea_number));
       if( $query->num_rows() > 0 ) {
           return $query->row_array();
       }
       else {
           return false;
       }
    }

次のようにコントローラー関数を呼び出します: http://{YOURSITE}.com/{CONTROLLER_NAME}/fetch_details_ctrl/[DEA_NUMBER]
DEA_NUMBER は、ユーザーが回復ビューで提供される入力フィールドに入力するものである必要があります。
これで結果が得られた場合、問題は厳密には正確な数値ではないことを意味します。そうでない場合、次の 2 つの理由が考えられます
。 1. ユーザーが入力した DEA 番号がデータベースに存在しない。
2. メールアドレスの暗号化に問題がありますが、逆に正しく機能していることは明らかでした [パスワードを忘れた]。しかし、私はそのコードを見たことがないので、まだ疑いがあります。

php - ユーザー名回復コードが期待どおりに機能しない

1 に答える 1

Related

Reference