これは私のコーディングです: for forget_pass.php
<?php
include_once("php_includes/check_login_status.php");
// If user is already logged in, header that weenis away
if($user_ok == true){
header("location: user.php?u=".$_SESSION["username"]);
exit();
}
?><?php
// AJAX CALLS THIS CODE TO EXECUTE
if(isset($_POST["e"])){
$e = mysqli_real_escape_string($db_conx, $_POST['e']);
$sql = "SELECT id, username FROM users WHERE email='$e' AND activated='1' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$id = $row["id"];
$u = $row["username"];
}
$emailcut = substr($e, 0, 4);
$randNum = rand(10000,99999);
$tempPass = "$emailcut$randNum";
$hashTempPass = md5($tempPass);
$sql = "UPDATE useroptions SET temp_pass='$hashTempPass' WHERE username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$to = "$e";
$from = "auto_responder@digibeem.com";
$headers ="From: $from\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \n";
$subject ="DigiBeem Account Temporary Password Request";
$msg = '<h2>Hello '.$u.'</h2><p>This is an automated message from digibeem. If you did not recently initiate the Forgot Password process, please disregard this email.</p><p>You indicated that you forgot your login password. We can generate a temporary password for you to log in with, then once logged in you can change your password to anything you like.</p><p>After you click the link below your password to login will be:<br /><b>'.$tempPass.'</b></p><p><a href="http://www.digibeem.com/forgot_pass.php?u='.$u.'&p='.$hashTempPass.'">Click here now to apply the temporary password shown below to your account</a></p><p>If you do not click the link in this email, no changes will be made to your account. In order to set your login password to the temporary password you must click the link above.</p>';
if(mail($to,$subject,$msg,$headers)) {
echo "success";
exit();
} else {
echo "email_send_failed";
exit();
}
} else {
echo "no_exist";
}
exit();
}
?><?php
// EMAIL LINK CLICK CALLS THIS CODE TO EXECUTE
if(isset($_GET['u']) && isset($_GET['p'])){
$u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']);
$temppasshash = preg_replace('#[^a-z0-9]#i', '', $_GET['p']);
if(strlen($temppasshash) < 10){
exit();
}
$sql = "SELECT id FROM useroptions WHERE username='$u' AND temp_pass='$temppasshash' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows == 0){
header("location: message.php?msg=There is no match for that username with that temporary password in the system. We cannot proceed.");
exit();
} else {
$row = mysqli_fetch_row($query);
$id = $row[0];
$sql = "UPDATE users SET password='$temppasshash' WHERE id='$id' AND username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$sql = "UPDATE useroptions SET temp_pass='' WHERE username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
header("location: login.php");
exit();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Password Recovery</title>
<!-- CSS -->
<link rel="stylesheet" href="css/style.css" type="text/css" media="screen" />
<!--[if IE 6]>
<link rel="stylesheet" type="text/css" media="screen" href="css/ie-hacks.css" />
<script type="text/javascript" src="js/DD_belatedPNG.js"></script>
<script>
/* EXAMPLE */
DD_belatedPNG.fix('*');
</script>
<![endif]-->
<!--[if IE 7]>
<link rel="stylesheet" href="css/ie7-hacks.css" type="text/css" media="screen" />
<![endif]-->
<!--[if IE 8]>
<link rel="stylesheet" href="css/ie8-hacks.css" type="text/css" media="screen" />
<![endif]-->
<!-- ENDS CSS -->
<!-- prettyPhoto -->
<link rel="stylesheet" href="js/prettyPhoto/css/prettyPhoto.css" type="text/css" media="screen" />
<!-- ENDS prettyPhoto -->
<!-- JS -->
<script type="text/javascript" src="js/jquery_1.4.2.js"></script>
<script type="text/javascript" src="js/jqueryui.js"></script>
<script type="text/javascript" src="js/easing.js"></script>
<script type="text/javascript" src="js/jquery.cycle.all.js"></script>
<script type="text/javascript" src="js/tooltip/jquery.tools.min.js"></script>
<script type="text/javascript" src="js/filterable.pack.js"></script>
<script type="text/javascript" src="js/prettyPhoto/js/jquery.prettyPhoto.js"></script>
<script type="text/javascript" src="js/chirp.js"></script>
<script type="text/javascript" src="js/jquery.tabs/jquery.tabs.pack.js"></script>
<script type="text/javascript" src="js/custom.js"></script>
<!-- ENDS JS -->
<!-- Cufon -->
<script src="js/cufon-yui.js" type="text/javascript"></script>
<script src="js/fonts/bebas-neue_400.font.js" type="text/javascript"></script>
<!-- /Cufon -->
<!-- superfish -->
<link rel="stylesheet" type="text/css" media="screen" href="css/superfish-custom.css" />
<script type="text/javascript" src="js/superfish-1.4.8/js/hoverIntent.js"></script>
<script type="text/javascript" src="js/superfish-1.4.8/js/superfish.js"></script>
<!-- ENDS superfish -->
<!-- tabs -->
<link rel="stylesheet" href="css/jquery.tabs.css" type="text/css" media="print, projection, screen" />
<!-- Additional IE/Win specific style sheet (Conditional Comments) -->
<!--[if lte IE 7]>
<link rel="stylesheet" href="css/jquery.tabs-ie.css" type="text/css" media="projection, screen">
<![endif]-->
<!-- ENDS tabs -->
<style type="text/css">
#forgotpassform{
margin-top:24px;
}
#forgotpassform > div {
margin-top: 12px;
}
#forgotpassform > input {
width: 250px;
padding: 3px;
background: #F3F9DD;
}
#forgotpassbtn {
font-size:15px;
padding: 10px;
}
</style>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
<script>
function forgotpass(){
var e = _("email").value;
if(e == ""){
_("status").innerHTML = "Type in your email address";
} else {
_("forgotpassbtn").style.display = "none";
_("status").innerHTML = 'please wait ...';
var ajax = ajaxObj("POST", "forgot_pass.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
var response = ajax.responseText;
if(response == "success"){
_("forgotpassform").innerHTML = '<h3>Step 2. Check your email inbox in a few minutes</h3><p>You can close this window or tab if you like.</p>';
} else if (response == "no_exist"){
_("status").innerHTML = "Sorry that email address is not in our system";
} else if(response == "email_send_failed"){
_("status").innerHTML = "Mail function failed to execute";
} else {
_("status").innerHTML = "An unknown error occurred";
}
}
}
ajax.send("e="+e);
}
}
</script>
</head>
<body>
<!-- HEADER --><?php include 'header.php' ?><!-- ENDS HEADER -->
<!-- MAIN -->
<div id="main">
<!-- wrapper -->
<div class="wrapper">
<!-- content -->
<div class="content">
<div class="title-holder">
<span class="title"><h2>Password Recovery Corner...</h2></span>
<span class="subtitle"><b></b></span> </div>
<!-- POSTS -->
<div align="center">
<h3>Generate a temorary log in password</h3>
<form id="forgotpassform" onsubmit="return false;">
<div>Step 1: Enter Your Email Address</div>
<input id="email" type="text" onfocus="_('status').innerHTML='';" maxlength="88">
<br /><br />
<button id="forgotpassbtn" onclick="forgotpass()">Generate Temporary Log In Password</button>
<p id="status"></p>
</form>
</div>
<!-- ENDS POSTS -->
<!-- sidebar -->
<!-- ENDS sidebar -->
</div>
<!-- ENDS content-blog -->
<div class="shadow-divider"></div>
</div>
<!-- ENDS main-wrapper -->
</div>
<!-- ENDS MAIN -->
<?php include 'footer_social.php' ?>
<!-- start cufon -->
<script type="text/javascript"> Cufon.now(); </script>
<!-- ENDS start cufon -->
</body>
</html>
上記のコーディングは、パスワードを忘れたシステムのコーディングです。私が試みたが失敗しました。そしてこれがラインNo. 55、私はこの問題に非常に悩まされているので、これを機能させる方法を教えてください。または行のいくつかのテキスト。
$numrows = mysqli_num_rows($query);