PHP Build table management, send URL to achieve member retrieve password function

Most of the Web site has a user registration, users to forget the password after registration is often the case, so have to "find password" this function. Commonly used "Retrieve the password" usually has the mailbox to retrieve the password and the short message retrieve the password two kinds, here only discusses through sends the Mail realizes "retrieves the password" the function. How to send a message through a script, a previous article has introduced the "Windows use PHP with the mail function to implement a simple mail send instance."

The user applies to retrieve the password by filling in the user name or user ID and the mailbox that was filled in before the registration. We know that the site's User information table in the Password field, is encrypted, and is irreversible (that is, even if the administrator opened this table, also can not see what the password is, to prevent the information table is stolen so that the user information leakage), that is, the user application to retrieve the password is actually found not to return the original password, What we want to do is randomly generate a new password to send to the user's mailbox, so that users login to change the password as soon as possible. The above process seems very simple, in fact, there are many places to pay attention to.

First, if some malicious person knows someone else's username and mailbox, if we "retrieve the password" Implementation is a such submission will immediately reset the password sent to the user's mailbox, it will cause malicious destruction, I although the IQ is not high, but such a way is not dare to think.

Second, as mentioned, we received "Retrieve password" application, sent to the user's mailbox should be a confirmation link, only the user login mailbox Click Link Confirmation, we will reset the password, reminding users to modify in time. As for this link, that is, how the URL should be constructed, to confirm that this is the URL we sent out, the total can not be the URL of the malicious people to change, we have to reset the password bar. Online about this, there are two main arguments, is to do not create a new password table management URL.

1, not to build the table

Constructs the URL directly. url=findpwd?id= User id&email= Mailbox &confirmcode= confirmation code. This confirmation code can be (user id+ original password + mailbox, etc.) encrypted, as long as you can receive this URL, according to similar user ID and mailbox information query user Information table, read the predetermined field (that is, the construction of the confirmation code required fields) to reconstruct the confirmation code, and received the confirmation code to compare, Correct reset password, failure means that this is not the URL we sent out. Some people say that this confirmation code can add a random field more secure, such as "Confirmation code = encryption (user id+ original password + Mail +time ())", but I do not want to, if not save this confirmation code or this random field, when we again construct the confirmation code and received the confirmation code contrast, how to construct.

2, build the table

The table structure is roughly as follows

ID Cteatetime (creation time) Confirmcode (confirmation code) visitnum (number of visits)

A user application to retrieve the password, we will create a new record, this createtime can be a timestamp, such as we specify that the URL is valid for 24 hours, is by obtaining the current timestamp and the field comparison can be, beyond the validity of the user to prompt the URL has expired. Confirmcode and no table construction, you can add random fields at this time. Visitnum can be placed in advance we allow the number of visits, the access is reduced by 1, if Zero then delete the record, if we set the URL can only access once valid, the field can not, as long as one is accessed, we delete the record can be. There is the time to clean up invalid records, through the establishment of events + storage process.

So far as the description of these two arguments ends, personal feeling with no need to build a table can be used to retrieve the password function, just think that the table should be relatively flexible, if said occupy space, I guess within a day to have 1 per thousand or even one out of 10,000 of users in the application to retrieve the password has been extremely, so the record should not occupy much space, And if you add a message back to the password function, this table is still useful.

Well, at first I thought it was going to be over. But I found out more than that in the actual implementation process. We know that the fastest access to memory, followed by the file, the slowest is the database. It is said that the hacker's usual tricks, such as writing a For loop, non-stop access to your site, so that you keep working on the database, so that your server crashes ... It is said that the site's response is to increase the graphics verification code, because graphics technology is difficult, bad breakthrough, so we see a lot of sites have verification code, what registration, login and so on are ... So I am in the actual operation of the user's mailbox is a form of verification, which contains the verification code, unfortunately, as long as a submission, the Tencent screen (because I use the QQ mailbox for testing), depressed death me. But am I the kind of person who gives up, obviously not, and I want to be able to send a URL plus the CAPTCHA information just like before, and this URL jumps to a form verification place (Tencent didn't block my url, scared me to death).

So my approach is this. The approximate process is as follows:

Feeling is not very happy Ah, if you also think I was right, that would be wrong, hahaha haha ... There is a hidden error, that is, the lifetime of the session, validation code exists in the session, and the lifetime of the sessions default to 1440 seconds, that is, 24 minutes. So this should be noted, just a little attention, but the basic implementation is OK. This page is so awkward, you can get the confirmation code and submit confirmation divided into two pages on the line.

suddenly thought, if even the verification code is useless, what to do.

Can not access a URL, or whether a URL is valid, the most direct way is what. That is, the URL does not exist, the URL does not exist, that is, the corresponding file does not exist, so that we can help us through the browser to those who mess with our URL or constantly request attempts to cause the server paralysis of malicious attackers prompted a "404" error. If the browser is not good, then how to do. Well.... Then we won't be surfing the internet. The following are specific practices:

1, the user submitted retrieve password application

2, site verification information is correct, the correct construction of a unique random string = Irreversible encryption (user id+ original password +time (), etc.), constructs url= random string. php. Id= users id&email= user mailboxes and generate PHP files with the same name as random strings. Send the URL to the user's mailbox. The simple process code is as follows:

<?php
... Omitted...

$fileName = ' random string. php ';

$content = "<?php header (' location:findpwd.php?id= $id &email= $email ')?>";

File_put_contents ($fileName, $content);//file does not exist The function is automatically generated

... Omitted...
?>

3, user login mailbox, click on the link, if the link exists, there will not be 404 errors

4, the website in

findpwd.php

<?php

Use Http_referer get jump source, judge is not from our website jump over, the legal continue to execute, this should be the content of the chain of anti-theft, because do not know how to do is perfect, to be studied.

.....

$id = $GET [' id '];

$email = $GET [' email '];

Verify the correctness of the information, reset the password, alert the user, and delete the corresponding random string. php, so you can only access once, of course, the validity of this file can be periodically cleaned (build event + stored procedure),

You can use Filemtime (random string. php) to get the latest modified time and the current time comparison to determine, such as "Current Time-filemtime (random string. php) >24 hours" is deleted

.....

?>

It's really over this time. The article used a lot of "said" .... No way, did not participate in the real production practice, do not know how the actual company is done, there is said wrong, welcome correction.