JGZ_YES/SunShineMusic
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
main
SunShineMusic/reset_password.php

274 lines
9.0 KiB
PHP
Raw Permalink Normal View History

上传文件至 /
2025-09-24 14:15:37 +00:00
<?php
// 开启错误显示以便调试
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
// 启动会话
session_start();
// 检查用户是否已登录,如果已登录则重定向到首页
if (isset($_SESSION['user_logged_in']) && $_SESSION['user_logged_in'] === true) {
header('Location: index.php');
exit;
}
// 数据库连接配置 - 与其他页面保持一致
$servername = "localhost";
$username = "a1sax1m9i"; // 与其他页面相同
$password = "a1sax1m9i"; // 与其他页面相同
$dbname = "a1sax1m9i"; // 与其他页面相同
// 初始化消息变量
$message = "";
$messageType = ""; // success 或 error
$tokenValid = false;
$userId = null;
// 确保密码重置表存在
function ensurePasswordResetTableExists($conn) {
$sql = "CREATE TABLE IF NOT EXISTS password_reset_tokens (
user_id INT NOT NULL,
token VARCHAR(255) NOT NULL,
expiry DATETIME NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (user_id),
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4";
if (!$conn->query($sql)) {
return "创建密码重置表失败: " . $conn->error;
}
return true;
}
// 检查令牌是否存在
if (!isset($_GET['token']) || empty($_GET['token'])) {
$message = "无效的重置链接";
$messageType = "error";
} else {
$token = $_GET['token'];
// 连接数据库
$conn = new mysqli($servername, $username, $password, $dbname);
// 检查数据库连接
if ($conn->connect_error) {
$message = "数据库连接失败: " . $conn->connect_error;
$messageType = "error";
} else {
// 确保密码重置表存在
$tableCheck = ensurePasswordResetTableExists($conn);
if ($tableCheck !== true) {
$message = $tableCheck;
$messageType = "error";
} else {
// 检查令牌是否有效且未过期
$sql = "SELECT user_id FROM password_reset_tokens WHERE token = ? AND expiry > NOW()";
$stmt = $conn->prepare($sql);
if (!$stmt) {
$message = "准备查询语句失败: " . $conn->error;
$messageType = "error";
} else {
$stmt->bind_param("s", $token);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows == 1) {
// 令牌有效
$stmt->bind_result($userId);
$stmt->fetch();
$tokenValid = true;
} else {
$message = "重置链接无效或已过期";
$messageType = "error";
}
$stmt->close();
}
}
$conn->close();
}
}
// 处理表单提交
if ($_SERVER["REQUEST_METHOD"] == "POST" && $tokenValid && $userId !== null) {
// 获取表单数据并过滤
$newPassword = $_POST['new_password'] ?? '';
$confirmPassword = $_POST['confirm_password'] ?? '';
// 表单验证
if (empty($newPassword)) {
$message = "新密码不能为空";
$messageType = "error";
} elseif (strlen($newPassword) < 6) {
$message = "密码长度不能少于6个字符";
$messageType = "error";
} elseif ($newPassword !== $confirmPassword) {
$message = "两次输入的密码不一致";
$messageType = "error";
} else {
// 连接数据库
$conn = new mysqli($servername, $username, $password, $dbname);
// 检查数据库连接
if ($conn->connect_error) {
$message = "数据库连接失败: " . $conn->connect_error;
$messageType = "error";
} else {
// 哈希密码
$hashedPassword = password_hash($newPassword, PASSWORD_DEFAULT);
// 更新用户密码
$sql = "UPDATE users SET password_hash = ? WHERE id = ?";
$stmt = $conn->prepare($sql);
if (!$stmt) {
$message = "准备更新语句失败: " . $conn->error;
$messageType = "error";
} else {
$stmt->bind_param("si", $hashedPassword, $userId);
if ($stmt->execute()) {
// 密码更新成功,删除令牌
$deleteStmt = $conn->prepare("DELETE FROM password_reset_tokens WHERE user_id = ?");
$deleteStmt->bind_param("i", $userId);
$deleteStmt->execute();
$deleteStmt->close();
$message = "密码已成功重置,请使用新密码登录";
$messageType = "success";
$tokenValid = false; // 防止再次提交
} else {
$message = "密码更新失败,请稍后再试";
$messageType = "error";
}
$stmt->close();
}
$conn->close();
}
}
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>重置密码 - 音乐分享网站</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
<style>
/* 基础样式 */
body {
font-family: 'Arial', sans-serif;
max-width: 500px;
margin: 2rem auto;
padding: 0 1rem;
background-color: #f5f5f7;
}
.container {
background-color: white;
padding: 2rem;
border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}
h1 {
text-align: center;
color: #2c3e50;
}
.form-group {
margin-bottom: 1.5rem;
}
label {
display: block;
margin-bottom: 0.5rem;
color: #333;
}
input {
width: 100%;
padding: 0.8rem;
border: 1px solid #ddd;
border-radius: 5px;
box-sizing: border-box;
font-size: 1rem;
}
button {
width: 100%;
padding: 0.8rem;
background-color: #2c3e50;
color: white;
border: none;
border-radius: 5px;
font-size: 1rem;
cursor: pointer;
transition: background-color 0.3s;
}
button:hover {
background-color: #34495e;
}
.message {
padding: 1rem;
border-radius: 5px;
margin-bottom: 1.5rem;
text-align: left;
}
.error-message {
background-color: #f8d7da;
color: #721c24;
}
.success-message {
background-color: #d4edda;
color: #155724;
}
.login-link {
text-align: center;
margin-top: 1.5rem;
}
.login-link a {
color: #2c3e50;
text-decoration: none;
}
.login-link a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<div class="container">
<h1><i class="fas fa-redo"></i> 重置密码</h1>
<?php if (!empty($message)): ?>
<div class="message <?php echo $messageType === 'error' ? 'error-message' : 'success-message'; ?>">
<i class="fas <?php echo $messageType === 'error' ? 'fa-exclamation-circle' : 'fa-check-circle'; ?>"></i>
<?php echo nl2br(htmlspecialchars($message)); ?>
</div>
<?php endif; ?>
<?php if ($tokenValid): ?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) . '?token=' . htmlspecialchars($_GET['token']); ?>">
<div class="form-group">
<label for="new_password">新密码</label>
<input type="password" id="new_password" name="new_password" minlength="6" required>
</div>
<div class="form-group">
<label for="confirm_password">确认新密码</label>
<input type="password" id="confirm_password" name="confirm_password" minlength="6" required>
</div>
<button type="submit">重置密码</button>
</form>
<?php endif; ?>
<div class="login-link">
<a href="login.php"><i class="fas fa-sign-in-alt"></i> 返回登录</a>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink