PHP - problems with code to reset password

2

I am trying to create a link that is sent to the user so that I can reset the password:

I have the following code that sends the code to the user:

<?php
 include("config.php");
if(isset($_POST['submit_email']) && $_POST['email'])
{
    $email = mysqli_real_escape_string($conn, $_POST['email']);
    $sql = "SELECT * FROM registo WHERE email = '$email'";
    $r = mysqli_query($conn, $sql);
    $count = mysqli_num_rows($r);
    if($count == 1){
        $res = mysqli_fetch_assoc($r);
        $email=password_hash($res['email'],PASSWORD_DEFAULT);
        $pass=password_hash($res['password'],PASSWORD_DEFAULT);
        $link="<a href='http:****.php?key=".$email."&reset=".$pass."'>Click To Reset password</a>";
        $to = $res['email'];
        $subject = 'Reset Password';
        $message = 'Click On This Link to Reset Password '.$link;
        $headers = 'From: Galaxy books shop <**@gmail.com>' . "\r\n" .
                   'Reply-To: **@mail.com' . "\r\n" .
                   'X-Mailer: PHP/' . phpversion();
        // Send email
        if(mail($to, $subject, $message, $headers)){
            echo "Your reset link has been sent to your email ";
        }else{
            echo "Failed to Recover your password, try again";
        }

    }else{
        echo "User name does not exist";
    }
}
?>

And then I have the code that supposedly should cause the user to create a new pass:

<?php
include("config.php");
if($_GET['key'] && $_GET['reset'])
{
  $email=password_hash($_GET['key'],PASSWORD_DEFAULT);
  $pass=password_hash($_GET['reset'],PASSWORD_DEFAULT);
  $sql=mysqli_query($conn,"SELECT email, password FROM registo where email='$email' and password='$pass'");
  $count = mysqli_num_rows($sql);  
  if($count==1)
  {
    ?>
<html>
    <form method="post" action="update_newpassword.php">
    <input type="hidden" name="email" value="<?php echo $email;?>">
    <p>Enter New password</p>
    <input type="password" name='password'>
    <input type="submit" name="submit_password">
    </form>
    </html>
    <?php

  }
}

? >

The problem is that nothing is happening the link is actually sent but by clicking on the link the page simply appears in White.

    
asked by anonymous 16.05.2017 / 22:56

0 answers