0

User is being automatically redirected to the about page after clicking through instead of the new password showing. Can anyone see what might be wrong with the code here? It's for forgotten password functionality.

Is it a problem with num_rows?

PHP:

if(isset($_GET['email']) && isset($_GET['token'])) {
  global $conn;

  $email = $_GET['email'];
  $token = $_GET['token'];

  $sql = $conn->query("SELECT u_id FROM users WHERE
    email='$email' AND
    token='$token' AND
    token<>'' AND
    tokenExpire > NOW()
    ");

    if($sql->num_rows > 0) {
      $newPassword = generateNewString();
      $newPasswordEncrypted = password_hash($newPassword, PASSWORD_BCRYPT);
      $conn->query("UPDATE users SET token='', password = '$newPasswordEncrypted' WHERE
        email='$email'
      ");

      echo "Your new password is $newPassword";
    } else
      header("Location: " . BASE_URL . "/about.php");
} else {
  redirectToLoginPage();
}
CathCoder
  • 21
  • 4
  • **Warning**:You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized prepared statements instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even by trusted users, [you are still in risk of corrupting your data](https://bobby-tables.com/). [Escaping is not enough](https://stackoverflow.com/q/5741187). – Jason K Jan 21 '21 at 22:41
  • I know, thanks. I'm just trying to get it working for the moment then I'll convert them to PDO – CathCoder Jan 21 '21 at 22:42
  • Have you tried any debugging? Have you dumped the generated query and tried it directly on the database? – El_Vanja Jan 21 '21 at 23:45
  • See [this comment in the PHP manual](https://www.php.net/manual/en/mysqli-result.num-rows.php#105289). – Rojo Jan 21 '21 at 23:56

0 Answers0