Php reset password process, not sure how to retrive from token -



Php reset password process, not sure how to retrive from token -

i had been reading through many pages resetting password token.

i understand point of getting token link, $_get['token'];

but not next after that, do token? check if exist in database? because read on link cross referencing in reset_password table, dont understand means. looking options send users reset password emails

do check if token exist , pick email on same row? allow user reset password using email?

the thought behind using token security reason.

you create own token using info only visible you.

consider scenario understand reset one's password has specific link , add together email &email={user_email}

that create extremely unsafe.

but if hash token info know of, can like:

&email={user_email}&token={token}

and retrieve token in code, check if fits specific rules or not, , reset email password.

let me give illustration of how hash in way visible , enjoy benefits of safe features.

lets hash using email + today's date:

$token = md5($email+date('y-m-d',time()))

this create token valid today.

php token

Comments

Post a Comment

Popular posts from this blog

model view controller - MVC Rails Planning -

model view controller - MVC Rails Planning - i'm starting rails , i'm building app stores films info, user can watch film , give grade on web application. i have coded cinema model, controller , views. now, have 2 questions: should need create model , controller grading? in case, should create or should wait , create first users model , controller? yes, on model , controller grades. that'd feasible way maintain track of who's graded what. it's create first, i'd start users, since grades depend on both films , users. ruby-on-rails model-view-controller
Read more

ruby on rails - Devise Logout Error in RoR -

ruby on rails - Devise Logout Error in RoR - while using devise in ror, encountering unusual error when trying log out url different root url. displays me : actioncontroller::invalidauthenticitytoken in devise::sessionscontroller#destroy" for illustration if rooting path after log in '/structure', , seek log out '/general' error, while logging out '/structure' fine. any help highly appreciated. ruby-on-rails ruby devise
Read more

html - Submenu setup with jquery and effect 'fold' -

html - Submenu setup with jquery and effect 'fold' - i want open submenu jquery effect fold, problem if user "hover effect" fast menu remain open, how can avoid this, jquery code is: $('ul.mainmenu li').hover( function() { $(this).children('ul').show('fold', 570); }, function() { $(this).children('ul').hide('fold', 500); } ); my jsfiddle link is: http://jsfiddle.net/9wkbf/ updated fiddle the reason behind problem is, first event $(this).children('ul').show('fold', 570); queued , until completes, sec animation not start. the next snippet can workaround $('ul.mainmenu > li').hover( function() { $(this).children('ul').show('fold', 570); }, function() { $('ul:not(.mainmenu)').hide('fold', 500); } ); *important note : work current scenario. jquery html css
Read more