How to generate the "Password Reset" one-time link RT. & nbsp; is like the password reset link provided by some websites for users who forget their passwords. The one sent to the user's registered email address can only be triggered once. once used, it cannot be used. Sometimes there is a time limit, such as a valid link within 24 hours. Who knows how to implement this in PHP. & Nbsp; thank you ------ solution -------------------- the timeline controls how to generate "one-time link" of "password reset"
RT.
It is like a link provided by some websites to reset passwords for users who forget their passwords.
The one sent to the user's registered email address can only be triggered once. once used, it cannot be used.
Sometimes there is a time limit, such as a valid link within 24 hours.
Who knows how to implement this in PHP.
Thank you.
------ Solution --------------------
Timeline control. Set a connection, record the generation time, and then set the death time. Over 24 hours or once
------ Solution --------------------
Generate a reversible encrypted string based on the timestamp and then restore it to verify whether the verification time has timed out.
------ Solution --------------------
To achieve one-time encryption, you have to record the encrypted string. each time you receive a connection request, you can query it in the record.
------ Solution --------------------
"One-time "???
It is very simple. you only need to query the table and pass it in the table; otherwise, the table will be rejected.
Only one field char (32) in the table is set as the primary key.
Only store the MD5 value of the content to be verified
The operation is also very simple. execute delete from tbl_name where key = 'value'
If mysql_affected_rows returns 0, it indicates that it fails.
This scheme can verify any "one-time", as long as you get the MD5 of the object to be verified. No need to worry about verifying the real content of the object
------ Solution --------------------
Nonsense.
Click Reset password, and you will insert a row to the database, with auto-incrementing ID as the KEY, username, whether verification is complete, creation date TIME_STAMP, unique identifier md5. (for database security, generate an MD5 value as the id and send it to the user. md5 (id. username. time )).
Then send a URL in the email: xxxx.com? Id = md5.
When you access this url, find the md5 in the database and mark it as complete.
------ Solution --------------------
=. = Still using tables? This data record seems to be bothering DBAs...
Just use username + unixtimestamp + a piece of key and then hash some digits. isn't that all right ?....
When the verification times out, the unixtimestamp field is extracted, and the time limit can be set at will...
------ Solution --------------------
Let me talk about my ideas. It's actually very simple.
Because the SESSION has a life cycle, the link automatically expires when the SESSION expires.
Ideas:
After determining the user identity. Use session ID + user name to generate a unique identifier
PHP code
$ _ SESSION ['Forget _ Code'] = md5 (session_id (). 'XXX'); // XXX is the username to reset the password/* The generated link is as follows */$ href = "http://www.domain.com/forget.php? Code = {$ _ SESSION ['Forget _ Code']} ";
------ Solution --------------------
1. you can record the user's application time to the database.
2. use the decrypted algorithm to encrypt the time as data. discuz has this method.