WebImpressionen
PWforget?
Zum Passwort holen wird ein Formular benötigt.
Hinweis Menü / Formulare: eMail unter XAMPP Offline testen
das formular
  • <! DOCTYPE html>
  • <html lang = " de "> <head>
  • <meta charset = " UTF-8 ">
  • <meta name = " viewport " content = " width = device-width , initial-scale = 1 . 0 ">
  • <title> Passwort vergessen </title>
  • <meta name = " dcterms.rights " content = " locomputing ">
  • <meta name = " description " content = " Beschreibung der Website ">
  • <meta name = " keywords " content = " Keywords ">
  • <link rel = " stylesheet " href = " https : / / locomputing . de / mustercss / formular_style . css ">

  • </head>
  • <body>

  • <h4> Passwort vergessen? </h4>
  • <p> Bitte geben Sie Ihre Daten ein. </p>

  • <fieldset>

  • <p class = "fehler"> <?php echo $errror;?> </p>
  1. <form method = "post">

  2. <div class = "form-face">
  3. <label for = "uname"> User-Name: <span> * </span> </label>
  4. <span class = "fehler"> <?php echo $names_err ; ?></span>
  5. <input pattern = " [ A - Z ] [ a - z A - Z 0 - 9 _ - ] { 4 , 29 } " required = "required" placeholder = " User-Name " title = " User-Namen eintragen " type = "text" id = "uname" name = "benutzer" maxlength = "32" class = "form-control">
  6. </div>

  7. <div class = "form-face">
  8. <label for = "email"> User-Mail: <span> * </span> </label>
  9. <span class = "fehler"> <?php echo $emails_err ; ?></span>
  10. <input pattern = " ^ [ a - z ] { 2 , } [ \ w . + - ] { 0 , } @ [ a - z 0 - 9 - ] { 2 , 30 } ( [ . ] [ a - z ] { 2 , 3 } ) $ " required = "required" placeholder = " User-Mail " title = " User-Mail eintragen " type = "email" id = "email" name = "usemail" maxlength = "78" class = "form-control">
  11. </div>

  12. <div class = "form-face">
  13. <label> <span> * </span> Felder sind Pflicht! </label>
  14. <input type = "submit" class = "butt button-red" name = "passen" value = "Passwortholen">
  15. <input class = "butt button-red" type = "reset" value = "Reset">
  16. </div>

  17. </form>
  • </fieldset>

  • <p> Passwort vorhanden! <a href = "login.php"> Login hier </a> </p>

  • </body>
  • </html>
die pwforget.php
<?php
  • // Datenbank verbindung einfügen
    if ( file_exists ( ' db_conect.php ' ) = = true ) { require ( ' db_conect.php ' ) ; }

    • // Sitzung starten
  1. session_start ( ) ;

    • // Prüfen ob User eingeloggt ist
  2. if ( isset ( $_SESSION [ " loggedin " ] ) & & $_SESSION [ " loggedin " ] = = = true )
  3. {
  4. header ( "Location : welcome.php " ) ; exit ;
  5. }

    • // eMail-Absender unbedingt ändern!
      $mail_absender = " POSTMASTER-DOMAIN.DE " ;

    • // Variablen definieren und auf leere Werte setzen
  6. $names = $emails = $errror = " " ;
  7. $names_err = $emails_err = " " ;

    • // Formulardaten werden verarbeitet, wenn das Formular gesendet wird
  8. if ( isset ( $_POST [ ' passen ' ] ) && $_POST [ ' passen ' ] = = 'Passwortholen' )
  9. {

    • // POST für Username prüfen
  10. $postname = isset ( $_POST [ ' benutzer ' ] ) ? $_POST [ ' benutzer ' ] : " " ;
  11. if ( empty ( $postname ) )
  12. {
  13. $names_err = ' ERROR Da stimmt was nicht ! ' ;
  14. }
  15. elseif ( ( strlen ( trim ( $postname ) ) < 5 ) | | ( strlen ( trim ( $postname ) ) ) > 30 )
  16. {
  17. $names_err = ' ERROR Da stimmt was nicht ! ' ;
  18. }
  19. else
  20. {
  21. $names = htmlspecialchars ( $postname ) ;
  22. if ( ! preg_match ( " / ^ [ A - Z ] + [ a - z A - Z 0 - 9 - _ ' ] * $ / " , $names ) )
  23. {
  24. $names_err = ' ERROR Da stimmt was nicht ! ' ;
  25. }
  26. if ( $names = = = false )
  27. {
  28. $names_err = ' ERROR Da stimmt was nicht ! ' ;
  29. }
  30. }

    • // POST für eMail prüfen
  31. $postmail = isset ( $_POST [ ' usemail ' ] ) ? $_POST [ ' usemail ' ] : " " ;
  32. if ( empty ( $postmail ) )
  33. {
  34. $emails_err = ' ERROR Da stimmt was nicht ! ' ;
  35. }
  36. else
  37. {
  38. $emails = filter_var ( htmlspecialchars ( $postmail ) , FILTER_VALIDATE_EMAIL ) ;
  39. if ( ! preg_match ( " / ^ ( [ a - z 0 - 9 \ + _ \ - ] + ) * @ ( [ a - z 0 - 9 \ - ] { 2 , 30 } + \ . ) + [ a - z ] { 2 , 3 } $ / i x " , $emails ) )
  40. {
  41. $emails_err = ' ERROR Da stimmt was nicht ! ' ;
  42. }
  43. if ( $emails = = = false )
  44. {
  45. $emails_err = ' ERROR Da stimmt was nicht ! ' ;
  46. }
  47. }

    • // Keine Fehler Formular Inhalt ausführen
  48. if ( empty ( $names_err ) & & empty ( $emails_err ) )
  49. {



    • // Prüfen ob User-Name, User-Mail und Berechtigung(active & block) vorhanden ist
  50. $stmt = $sqli -> prepare ( " SELECT username , usermail FROM usertable WHERE username = ? and usermail = ? and active = ? and block = ? " ) ;
  51. $user = trim ( $names ) ;
  52. $email = trim ( $emails ) ;
  53. $aktiv = IntVal ( 1 ) ;
  54. $blok = IntVal ( 0 ) ;
  55. $stmt -> bind_param ( ' s s i i ' , $user , $email , $aktiv , $blok ) ;
  56. $result = $stmt -> execute ( ) ;
  57. $stmt -> store_result ( ) ;
  58. if ( $stmt -> num_rows = = 0 )
  59. {
    • // Prüfen ob User-Name, User-Mail und Berechtigung(active & block) vorhanden ist
  60. $stmt = $pdo -> prepare ( " SELECT username , usermail FROM usertable WHERE username = ? and usermail = ? and active = ? and block = ? " ) ;
  61. $user = trim ( $names ) ;
  62. $email = trim ( $emails ) ;
  63. $aktiv = IntVal ( 1 ) ;
  64. $blok = IntVal ( 0 ) ;
  65. $stmt -> execute ( array ( $user , $email , $aktiv , $blok ) ) ;
  66. if ( $stmt -> rowCount ( ) = = 0 )
  67. {

    • // Passwort String erstellen
  68. function PasswString ( $length = 16 )
  69. {
  70. return substr ( str_shuffle ( str_repeat ( $x = ' 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ*+~#,.-_:; ' , ceil ( $length / strlen ( $x ) ) ) ) , 1 , $length ) ;
  71. }

    • // Passwort String als Variable
  72. $psw = PasswString ( ) ;


    • // User-Name und User-Mail für eMailversand auswählen
  73. $stmt = $sqli -> prepare ( ' SELECT id , username , usermail FROM usertable WHERE username = ? and active = ? and block = ? ' ) ;
  74. $name = trim ( $names ) ;
  75. $email = trim ( $email ) ;
  76. $aktiv = IntVal ( 1 ) ;
  77. $blok = IntVal ( 0 ) ;
  78. $stmt -> bind_param ( ' s i i ' , $name , $aktiv , $blok ) ;
  79. $stmt -> execute ( ) ;
  80. $result = $stmt -> get_result ( ) ;
  81. while ( $ul = $result -> fetch_assoc ( ) )
  82. {

    • // Daten für text/eMail versand sortieren
  83. $empfaenger = trim ( $email ) ;
  84. $betreff = "Passwort vergessen \n " ;
  85. $from = "From: " . $mail_absender . " \n " ;
  86. $text = "Hallo: " . $names . " \n " ;
  87. $text . = "Dein Passwort: " . $psw . " \n " ;

    • // Formulareingaben versenden
  88. mail ( $empfaenger , $betreff , $text , $from ) ;

    • // Passwort-String hashen
  89. $passw = password_hash ( $psw , PASSWORD_DEFAULT ) ;
  90. $stmt = $sqli -> prepare ( ' UPDATE usertable SET userpass = ? WHERE id = ? ' ) ;
  91. $password = $sqli -> real_escape_string ( $passw ) ;
  92. $id = IntVal ( $ul [ ' id ' ] ) ;
  93. $stmt -> bind_param ( ' s i ' , $password , $id ) ;
  94. $stmt -> execute ( ) ;
  95. }

    • // User-Name und User-Mail für eMailversand auswählen
  96. $stmt = $pdo -> prepare ( ' SELECT id , username , usermail FROM usertable WHERE username = ? and active = ? and block = ? ' ) ;
  97. $name = trim ( $names ) ;
  98. $email = trim ( $email ) ;
  99. $aktiv = IntVal ( 1 ) ;
  100. $blok = IntVal ( 0 ) ;
  101. $stmt -> execute ( array ( $name , $aktiv , $blok ) ) ;
  102. while ( $ul = $stmt -> fetch ( PDO : : FETCH_ASSOC ) )
  103. {

    • // Daten für text/eMail versand sortieren
  104. $empfaenger = trim ( $email ) ;
  105. $betreff = "Passwort vergessen \n " ;
  106. $from = "From: " . $mail_absender . " \n " ;
  107. $text = "Hallo: " . $names . " \n " ;
  108. $text . = "Dein Passwort: " . $psw . " \n " ;

    • // Formulareingaben versenden
  109. mail ( $empfaenger , $betreff , $text , $from ) ;

    • // Passwort-String hashen
  110. $passw = password_hash ( $psw , PASSWORD_DEFAULT ) ;
  111. $stmt = $pdo -> prepare ( ' UPDATE usertable SET userpass = ? WHERE id = ? ' ) ;
  112. $password = trim ( $passw ) ;
  113. $id = IntVal ( $ul [ ' id ' ] ) ;
  114. $stmt -> execute ( array ( $password , $id ) ) ;
  115. }

    • // Erfolgs-Meldung ausgeben
  116. echo ' <p> Die Daten wurden an die eingetragene eMail-Adresse versand. <br/>zum <a href = "login.php"> Login </a> </p> ' ; exit ;
  117. }
  118. else
  119. {
  120. $errror = ' ERROR Da stimmt was nicht ! ' ;
  121. }
  122. }
  123. }
?>
 Hier wird das formular eingefügt.