php - What is the reason updating a user's password fails in this Codeigniter 3 application?
Get the solution ↓↓↓I am working on a basic blog application in Codeigniter 3.1.8 and Bootstrap 4.
I have added a registration and login system to this application. I am current working on a password reset system. It has a 2 steps process:
- Generating a token and inserting it in the database (
authors
table). - Setting a new password.
Setting a new password fails with a 404 error for some reason I was unable to find out and fix.
The routes:
$route['default_controller'] = 'posts';
$route['install'] = 'install';
$route['migrate'] = 'migrate';
$route['register'] = 'register';
$route['login'] = 'login';
$route['passwordreset'] = 'passwordreset';
$route['newpasword'] = 'newpasword';
$route['newpasword/(:any)/(:any)'] = 'newpasword/index/$1/$2/';
$route['dashboard'] = 'dashboard';
$route['dashboard/create-post'] = 'dashboard/posts/create';
$route['dashboard/create-page'] = 'dashboard/pages/create';
$route['dashboard/create-category'] = 'dashboard/categories/create';
$route['dashboard/manage-authors'] = 'dashboard/users';
$route['404_override'] = '';
$route['categories/posts/(:any)'] = 'categories/posts/$1';
$route['(:any)'] = 'posts/post/$1';
$route['translate_uri_dashes'] = FALSE;
In the Newpasword controller:
class Newpasword extends CI_Controller {
private $hashed_email = '';
private $token = '';
public function index($hashed_email, $token) {
$data = $this->Static_model->get_static_data();
$data['pages'] = $this->Pages_model->get_pages();
$data['tagline'] = 'New password';
$data['categories'] = $this->Categories_model->get_categories();
$this->hashed_email = $hashed_email;
$this->token = $token;
// Form validation rules
$this->form_validation->set_rules('password', 'Password', 'required|min_length[6]');
$this->form_validation->set_rules('cpassword', 'Confirm password', 'required|matches[password]');
$this->form_validation->set_error_delimiters('<p class="error-message">', '</p>');
if(!$this->form_validation->run()) {
$this->load->view('partials/header', $data);
$this->load->view('auth/newpassword');
$this->load->view('partials/footer');
} else {
// Encrypt new password
$enc_password = password_hash($this->input->post('password'), PASSWORD_DEFAULT);
// Update password column
$this->Usermodel->set_new_password($hashed_email, $token, $enc_password);
}
}
}
The view corresponding to the above controller (newpassword.php):
<?php echo form_open(base_url('newpassword')); ?>
<div class="form-group <?php if(form_error('password')) echo 'has-error';?>">
<input type="password" name="password" id="password" class="form-control" placeholder="Password">
<?php if(form_error('password')) echo form_error('password'); ?>
</div>
<div class="form-group <?php if(form_error('cpassword')) echo 'has-error';?>">
<input type="password" name="cpassword" id="cpassword" class="form-control" placeholder="Confirm password">
<?php if(form_error('cpassword')) echo form_error('cpassword'); ?>
</div>
<div class="form-group mb-2">
<input type="submit" value="Set password" class="btn btn-block btn-md btn-success">
</div>
<?php echo form_close(); ?>
In the model I have the 2 methods for inserting the token and updating the password:
public function update_token($user_email, $reset_token) {
$this->db
->where(['email' => $user_email])
// insert token (make it diffrent from NULL)
->update('authors', array('token' => $reset_token));
}
public function set_new_password($hashed_email, $token, $enc_password) {
$this->db
->where([md5('email') => $hashed_email])
// set new password and reset token to NULL
->update('authors', array('password' => $enc_password, 'token' => NULL));
}
Inserting the token works without problems, but setting a new password fails with a 404 error.
What am I doing wrong?
Answer
Solution:
The first thing I can see is your code has a typo issue.
Your route says
form_open(base_url('newpassword')); ?>
but you have defied them$route['newpasword']
.
newpassword != newpasword
^^ ^^
In route.php
$route['newpasword'] = 'newpasword';
$route['newpasword/(:any)/(:any)'] = 'newpasword/index/$1/$2/';
And second$route['newpasword/(:any)/(:any)'] = 'newpasword/index/$1/$2/';
we don't use to send passwords in URL. It should be POST method and since you useform_open
form create withmethod="post"
. So in code$_POST['password']
or will work
Answer
Solution:
After set the new password you redirect to /newpasword but the index function in Newpasword controller only works with 2 parameter. You need to create a new function in controller to view the success page (or redirect to main page with a session alert)
Share solution ↓
Additional Information:
Link To Answer People are also looking for solutions of the problem: composer detected issues in your platform: your composer dependencies require a php version ">= 8.0.2".
Didn't find the answer?
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Similar questions
Find the answer in similar questions on our website.
Write quick answer
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.