Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    Regular Coder
    Join Date
    Jan 2009
    Location
    Norway
    Posts
    118
    Thanks
    8
    Thanked 2 Times in 2 Posts

    Password resetting.

    Hello, I'm currently creating a feature on my site so people can reset their passwords if they've forgetten theirs. I tried to reset my password here on CodingForums just too see how the reset link looked like etc, and I noticed it said

    "If you did not request this, please ignore it. It will expire and become useless in 24 hours time.

    And I was wondering how this works? I mean, the identifier that will be passed from the email over the PHP is probably stored in a MySQL database or something and then check whether the user ID specified in the link in the email holds the identifier that was set when you requested a new password. This I have done already.

    Now I want the link to become useless in 24 hours and I was wondering how to do it? Cron job?

  • #2
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,519
    Thanks
    114
    Thanked 110 Times in 109 Posts
    I mean if your storing the code in an SQL database why not just store the time it was created in there too. Then when they click the link you can check the current time against the time in the database to see if it expired.
    You can not say you know how to do something, until you can teach it to someone else.

  • #3
    Regular Coder
    Join Date
    Jan 2009
    Location
    Norway
    Posts
    118
    Thanks
    8
    Thanked 2 Times in 2 Posts
    Yeah, I was thinking of doing that. Maybe I should, but if there are any better solutions please tell me.

  • #4
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,519
    Thanks
    114
    Thanked 110 Times in 109 Posts
    Well i think that would be better than using a cron job. I can't think of any reason that you wouldn't want to do it that way. I expect that's what vBulletin would have done. But without downloading and reverse engineering can't be sure.

    Just creat another column in your database:

    Code:
    ALTER TABLE `table_name` ADD `time_in` INT( 10 ) NOT NULL ;
    Then when the reset password is created just do a

    PHP Code:
    $time time(); 
    That will get the timestamp that can go into the database
    Then use
    PHP Code:
    //After the select query and puting time_in into $row['time_in'] with mysql_fetch_assoc 

    $time time();

    if(((int)
    $row["time_in"]+(60*60*24))> (int)$time )
    {
        
    // reset password
    }
    else
    {
       
    // Do whatever

    You can not say you know how to do something, until you can teach it to someone else.

  • Users who have thanked timgolding for this post:

    CyberPirate (05-10-2009)

  • #5
    Regular Coder
    Join Date
    Jan 2009
    Location
    Norway
    Posts
    118
    Thanks
    8
    Thanked 2 Times in 2 Posts
    This will do wonder, thanks a lot!

    EDIT:
    Why are you using (int) in front of the variables?

  • #6
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,519
    Thanks
    114
    Thanked 110 Times in 109 Posts
    Quote Originally Posted by CyberPirate View Post
    This will do wonder, thanks a lot!

    EDIT:
    Why are you using (int) in front of the variables?
    I just put the int infront to type cast the variables because I'm not sure if they will be strings. If they are strings then the additions and comparison possibly won't work. Actually the main reason is because i didn't test them and this is fail safe. Plus I'm sure the last time i did comparisons on time functions it didn't work and I had to type cast them.

    Oh just to tell you what type casting means. It just means changing what type a variable is e.g
    PHP Code:
    $a= (string)1;
    // is same as 
    $a '1';

    $b = (array)'hello';
    //is same as
    $b = array('hello');

    $c = (int)'2';
    //is same as
    $c 2;

    // etc... 
    http://uk.php.net/manual/en/language...es.typecasting
    Last edited by timgolding; 05-10-2009 at 01:39 AM.
    You can not say you know how to do something, until you can teach it to someone else.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •