-2 
Notice: Array to string conversion in C:\wamp\www\myphpfile\reset_pass_form.php on line <i>33</i>

An email has been sent for you to reset your password!

I already check in my email box i'm getting the proper user_id=value&reset_token=value

reset_pass_form.php

if ( !empty($_POST) && !empty($_POST['forgot_emailpass']) ) { 

$email = escape_data($_POST['forgot_emailpass']);

$result = $heidisql->prepare("SELECT * FROM users WHERE email_address='$email'");
$result->execute();

$user = $result->fetch();

    If($user) {

        session_start();

        $reset_token = random_str(30);
        $new_hashtoken = bin2hex($reset_token);

        $sql = "UPDATE users "
                . "SET reset_token= '$new_hashtoken', "
                . "reset_allocated_time= now() "
                . "WHERE user_id='$user' "; // <- Error is here!

        $reset_pass = $heidisql->prepare($sql);

        $reset_pass->execute();

    // Send registration confirmation link (reset.php)
    $to= $email;
    $from = "smtp.intnet.mu";
    $subject = 'Reset Password';

    //Compose a simple HTML email msg
    $message = "<html><body>";
    $message .= "<h1 style='color: darkblue;'> Hi, there you</h1>";
    $message .= "<p><b>Email:</b> $email</p>";
    $message .= "<p>To reset your password, please click on the given link below: </p>";
    $message .= "<a href='http://localhost:8080/myphpfile/reset_pass_form.php?user_id=".$user['user_id']."&reset_token=".$new_hashtoken. " '> Click Here</a>"; //http://localhost:8080/myphpfile/reset_pass_form.php?
    $message .= "</body></html>";

    $headers = 'From:' .$from. "\r\n" . // Creating the email headers // To send an HTML mail, content-type must be set to HTML
                        'Reply-To: '.$from. "\r\n" .
                        'MIME-Version: 1.0' . "\r\n" . 
                        'Content-type: text/html; charset=iso-8859-1' . "\r\n" .
                        'X-Mailer: PHP/' . phpversion();

    if (mail($to, $subject, $message, $headers)) { // Sending email // email_to, subject, body,email_from

            echo 'An email has been sent for you to reset your password!'; // As you can see above the email is being sent
            exit();

        } else {

            echo'Server failed to sent message, please try again later.';
            exit();

        }

    }
}

In my database my reset_token remain empty instead to being the value $new_hashtoken and the same goes for my reset_allocated_time which also remain null

Improve this question
2
  • 1
    Please, print_r($user). Maybe after this you will see that it is array. Maybe this gives you an idea. Commented Jul 30, 2017 at 11:14
  • Still no idea? Hint - if you search by user_id - maybe you should provide this user_id, don't you think? Commented Jul 30, 2017 at 11:19

2 Answers 2

Reset to default
0

Please print_r the $user variable and use the key of the array in where clause.

$sql = "UPDATE users "
                . "SET reset_token= '$new_hashtoken', "
                . "reset_allocated_time= now() "
                . "WHERE user_id=$user['user_id'] "; // <- user id or what ever the key is
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

$user = $result->fetch(); probably returns an array. It could be an array of users or a user array. Try var_dump($user); to inspect what it holds.

If it returns an array of users:

$user[0]->id; // in case it was an array of user objects
OR
$user[0]['id']; // in case it was an array of user arrays

If it returns a user array:

$user['id'];

Also, my other answer might help you understand how to access arrays and objects better.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.