在我的应用程序中,我有一个密码忘记功能,所以如果用户丢失了他们的密码,他们可以点击一个菜单,他们会收到一封带有URL的电子邮件来重置他们的密码。
我想给这个特性加一个时间限制。因此,如果超过一定时间,用户将无法使用电子邮件中发送的相同URL重置密码。
public function password_post()
{
// $email = trim($this->input->get_post('email'));
$data = array (
'username' => $this->input->get_post('username'),
'idcardno' => $this->input->get_post('idcardno')
);
$result = $this->model->user_exist($data);
if ($result) {
$idcardno = $data['idcardno'];
$data['email'] = $this->db->get_where('mytable', array('idcardno' => $idcardno))->row()->email;
$this->send_forgot_password($data);
$this->response(array('success' => 'New password has sent to your email'), 200); // 200 being the HTTP response code
} else {
$this->response(array('error' => 'Your account doesnt exist'), 404);
}
}
,这是发送电子邮件的方法。
private function send_forgot_password($data) {
require(APPPATH.'controllers/mail-master/PHPMailerAutoload.php');
// $email_encode=urlencode($data['email']);
$mail = new PHPMailer;
// $mail->SMTPDebug = 3;
$mail->isSMTP();
$mail->Host = 'mail-id.myweb.com';
$mail->SMTPAuth = true;
$mail->Username = 'testing-alert@myweb.com';
$mail->Password = 'mobile14';
$mail->SMTPSecure = 'tls';
$mail->Port = 25;
$emailcode = md5($this->config->item('salt') . $username);
// Email body
$mail->From = 'testing-alert@myweb.com';
$mail->FromName = 'BNI Life';
$mail->addAddress($data['email']);
$mail->isHTML(true);
$mail->Subject = 'Forgot Password';
$mail->Body =
' ';
$mail->send();
}
在user表中,需要存储发送重置密码邮件的时间戳。
然后,当您验证用户对所提供的重置链接的请求时,必须将数据库中存储的时间戳与当前时间戳进行比较。
类似以下语句的内容:
$diff = time() - $mail_sent_timestamp;
//If $diff > 60*60*24*7,
//Diff greater then 7 days; Don't send the new PW to user.
//Else
//Send new password