在yii中,我使用安全问题创建密码重置功能.首先,用户需要输入他的电子邮件ID.我在创建emailform.php views->User1作为
<?php
$form=$this->beginWidget('CActiveForm', array(
'id'=>'email-form',
'enableClientValidation'=>true,
));
echo CHtml::textField('email');
echo CHtml::submitButton('Send');
$this->endWidget();
在控制器中我创建了方法as
public function actionPassword() {
if (isset($_POST['email'])) {
$email = $_POST['email'];
//process email....
//....
}
$this->render('_emailForm');
}
现在我想检查User表中是否存在此电子邮件ID.如果确实如此,那么我想向他展示一个安全问题.我该如何实现呢?
这将帮助您入门,您将在控制器中放置一个类似于此的方法,并在其上创建一个带有密码字段的视图.
public function actionPassword() {
if(isset($_POST['email'])) {
$record=User::model()->find(array(
'select'=>'email',
'condition'=>'email=:email',
'params'=>array(':email'=>$_POST['email']))
);
if($record===null) {
$error = 'Email invalid';
} else {
$newpassword = 'newrandomgeneratedpassword';
$record->password = $this->hash_password_secure($newpassword);
$record->save(); //you might have some issues with the user model when the password is protected for security
//Email new password to user
}
} else {
$this->render('forgetPassword'); //show the view with the password field
}
}