I am developing a website on the CodeIgniter framework, and I am facing an issue while building the forgot-password feature.
When I submit my email address, the site sends an email to that address, and that email contains a link with a token in it, e.g.: http://www.myegsite.com/user/forgotyourpassword/2991c14654e1ed41aab1565dcf815b0f
On clicking that link, if the token has not expired, the website asks for a new password and a password confirmation.
The issue is: when I provide the new password and the confirmation and click the submit button, it gives me the following error:
An Error Was Encountered
The action you have requested is not allowed.
After reloading that same link, the page I get works absolutely fine, and it updates my password again.
What could be the reason that the link doesn't work the first time?
Controller:
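/**
 * Password-reset endpoint reached from the link in the "forgot password" e-mail.
 *
 * On GET (or on a POST that fails validation) it renders the new-password form;
 * on a valid POST it overwrites the password of the account the token belongs to.
 * Signed-in users, unknown tokens and expired tokens are redirected away.
 *
 * @param string $token Reset token taken from the URL segment.
 * @return void
 */
public function forgotyourpassword($token)
{
    // A user who is already signed in is sent to the user area instead.
    if ($this->session->userdata('user_data') != NULL)
    {
        redirect(base_url() . 'User');
        return;
    }

    $this->load->model("data_access/extradataaccess", "ExtraDataAccess");

    // Reject tokens that are not present in the token table.
    if ($this->ExtraDataAccess->getToken($token) == FALSE)
    {
        $this->session->set_flashdata("invalid_token", 'This token is invalid!');
        redirect(base_url() . 'welcome/forgotPassword');
        return;
    }

    // Fetch the token record once and reuse it below. Looking it up a second
    // time after validation leaves a window in which the token can expire, so
    // the e-mail used in the UPDATE would come from a failed lookup.
    $tokenInfo = $this->ExtraDataAccess->GetTokenInfo($token);
    if ($tokenInfo == FALSE)
    {
        // Expired token: no flash message is set here, the user is only sent back.
        redirect(base_url() . 'welcome/forgotPassword');
        return;
    }

    $this->load->helper(array('form', 'url'));
    $this->load->library('form_validation');
    $this->form_validation->set_rules('password', 'Password', 'required|min_length[6]|max_length[20]');
    $this->form_validation->set_rules('confpassword', 'Password Confirmation', 'required|min_length[6]|max_length[20]|matches[password]');

    if ($this->form_validation->run() == FALSE)
    {
        // First visit or invalid input: (re)display the form for this token.
        $this->data['page_name'] = "Renew Password";
        $this->data['form_url'] = base_url() . "user/forgotyourpassword/";
        $this->data['token'] = "$token";
        $this->load->view("welcome/renewpassword_view", $this->data);
        return;
    }

    // Never run the UPDATE without a concrete e-mail address: an empty value
    // in the WHERE clause would target rows other than the token's owner.
    $tokenEmail = isset($tokenInfo['email']) ? $tokenInfo['email'] : NULL;
    if (empty($tokenEmail))
    {
        redirect(base_url() . 'welcome/forgotPassword');
        return;
    }

    // NOTE(review): MD5 is unsalted and fast, which makes stored passwords cheap
    // to recover from a database leak. It is kept here only because the login
    // code that verifies this value is not shown; migrate both sides together
    // to password_hash() / password_verify().
    $hashPassword = md5($this->input->post('password'));

    // Store the new password for the account the token was issued to.
    $updateData = array(
        'password' => $hashPassword
    );
    $this->db->where('email', $tokenEmail);
    $this->db->update('users', $updateData);

    // TODO(review): the token is not invalidated after use, so the same link
    // keeps accepting new passwords until it expires. Delete or mark the token
    // as used here (the model method for that is not shown), and give the user
    // a response, since nothing is rendered after a successful update.
}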
View:
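<?php
// Reset-password form. It posts back to the token URL built from $form_url and
// $token, both supplied by the controller.
// NOTE(review): when CodeIgniter's CSRF protection is enabled, form_open() is
// what adds the hidden CSRF field; confirm the generated action URL is on the
// site's configured base URL so the field is present in the submitted form.
echo form_open($form_url . $token);
?>
<div class="form-group">
<label for="inputpass">Password</label>
<input type="password" name="password" class="form-control" id="inputpass" value="" placeholder="new password"/>
</div>
<?php
// Validation message for the password field, shown only when there is one.
if (form_error('password') != NULL) {
    echo "<div id='fielderror'>";
    echo form_error('password');
    echo "</div>";
}
?>
<div class="form-group">
<label for="inputpassconf">Confirm Password</label>
<input type="password" name="confpassword" class="form-control" id="inputpassconf" value="" placeholder="confirm password"/>
</div>
<?php
// Validation message for the confirmation field.
// NOTE(review): this reuses the id 'fielderror'; when both messages are shown
// the page has a duplicate id. Left unchanged because the stylesheet is not shown.
if (form_error('confpassword') != NULL) {
    echo "<div id='fielderror'>";
    echo form_error('confpassword');
    echo "</div>";
}
?>
<h5><input type="submit" value="Reset Password" class="btn btn-info active"/></h5>
<?php echo form_close(); ?>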