[英]Can't update database using php and Mysql
I am trying to update a user password in database with the following code 我正在尝试使用以下代码更新数据库中的用户密码
<?php
session_start();
if( isset($_SESSION['user']) ){
}
else
{
header("location: index.php");
}
$host = "localhost";
$username = "xxxx";
$password = "xxxxx";
$db_name = "auth_db";
$tbl_name = "users";
$link = new mysqli("$host", "$username" , "$password", "$db_name");
if(mysqli_connect_error())
{
die('Connect Error ('.mysqli_connect_errno().')' .msqli_connect_error());
}
$username = $_SESSION['user'];
$pwd = $_POST['oldpass'];
$pwd1 = $_POST['newpass'];
$pwd2 = $_POST['newpass1'];
if($pwd1 !== $pwd2)
{
Print '<script>alert("New Passwords do not match");</script>';
Print '<script>window.location.assign("pwd.php");</script>';
}
$query = mysqli_query($link, "SELECT * from users WHERE username = '$username'");
$user_exist = mysqli_num_rows($query);
$tbl_user = "";
$tbl_password = "";
$password = 0 ;
if($user_exist > 0)
{
while($row = mysqli_fetch_assoc($query))
{
$tbl_user = $row['username'];
$tbl_password = $row['password'];
$password = password_verify($pwd, $tbl_password);
}
if(($username == $tbl_user) && ($password))
{
if($password)
{
$new_hash = password_hash(('$pwd1'), PASSWORD_BCRYPT);
mysqli_query($link, "UPDATE $tbl_name SET password = '$new_hash' WHERE username = '$tbl_user'");
Print '<script>alert("Updated, Please relogin.");</script>';
Print '<script>window,location.assign("logout.php");</script>';
}
}
else
{
Print '<script>alert("Incorrect Password");</script>';
Print '<script>window,location.assign("pwd.php");</script>';
}
}
?>
I am able to generate the hash but it is not getting updated in the database and the page is redirected to the given link. 我能够生成哈希,但是它没有在数据库中更新,并且页面被重定向到给定的链接。 I am thinkinging that there is something worng with my
我在想我的东西有点累
mysqli_query($link, "UPDATE $tbl_name SET password = '$new_hash' WHERE username = '$tbl_user'");
Any help is appreciated. 任何帮助表示赞赏。 Thank you.
谢谢。
Try this 尝试这个
$link = new mysqli($host, $username , $password, $db_name);
mysqli_query($link, "UPDATE $tbl_name SET pasword = ".$new_hash." WHERE username = ".$tbl_user.");
your code has many syntax errors. 您的代码有很多语法错误。 i have cited some and put it in comments so you can change it yourself.
我引用了一些内容并将其添加到注释中,以便您可以自己更改。
<?php
session_start();
if( isset($_SESSION['user']) ){
}
else
{
header("location: index.php");
}
$host = "localhost";
$username = "xxxx";
$password = "xxxxx";
$db_name = "auth_db";
$tbl_name = "users";
$link = new mysqli("$host", "$username" , "$password", "$db_name");
if(mysqli_connect_error())
{
die('Connect Error ('.mysqli_connect_errno().')' .msqli_connect_error());
}
$username = $_SESSION['user'];
$pwd = $_POST['oldpass'];
$pwd1 = $_POST['newpass'];
$pwd2 = $_POST['newpass1'];
if($pwd1 !== $pwd2)
{
Print '<script>alert("New Passwords do not match");</script>';
Print '<script>window.location.assign("pwd.php");</script>';
}
$query = mysqli_query($link, "SELECT * from users WHERE username = '$username'");
$user_exist = mysqli_num_rows($query);
$tbl_user = ""; // instead of reinitializing these as a blank slate just use the unset(); function
$tbl_password = ""; // so its unset($tbl_user); so you can save memory.
$password = 0 ;
if($user_exist > 0)
{
while($row = mysqli_fetch_assoc($query))
{
$tbl_user = $row['username'];
$tbl_password = $row['password'];
$password = password_verify($pwd, $tbl_password);
}
if(($username == $tbl_user) && ($password))
{
if($password)
{
$new_hash = password_hash(('$pwd1'), PASSWORD_BCRYPT);
mysqli_query($link, "UPDATE $tbl_name SET password = '$new_hash' WHERE username = '$tbl_user'");
Print '<script>alert("Updated, Please relogin.");</script>';
Print '<script>window,location.assign("logout.php");</script>'; //<- window.location.assign();
}
}
else
{
Print '<script>alert("Incorrect Password");</script>';
Print '<script>window,location.assign("pwd.php");</script>'; //<-- window.location.assign();
}
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.