[英]MySQL PHP - Cannot insert/update new values to table
I have an login-system on my website and i'm trying to create password reset. 我的网站上有一个登录系统,我正在尝试创建密码重置。 I have no problem with the registration, or the login code, but password change code does not work. 注册或登录代码没有问题,但是密码更改代码不起作用。 Here are two examples that i tried(actual code) 这是我尝试过的两个示例(实际代码)
<?php
require_once("config.php");
session_start();
if(isset($_POST['submit'])) {
include_once 'config.php';
$password = mysqli_real_escape_string($con, $_POST['password']);
$password1 = mysqli_real_escape_string($con, $_POST['uc_pass1']);
$password2 = mysqli_real_escape_string($con, $_POST['uc_pass2']);
$uid = $_SESSION['s_id'];
if ($password1 != $password2 || empty($password1) || empty($password2)) {
header("Location: ../user-conf.php?pass=notmatching");
exit();
} else {
$sql = "SELECT password FROM userdb WHERE username='$uid'";
$result = mysqli_query($con, $sql);
$resultCheck = mysqli_num_rows($result);
if (!$resultCheck > 0) {
header("Location: ../user-conf.php?error");
exit();
} else {
$hashedPwdCheck = password_verify($password, $_SESSION['s_pw']);
if ($hashedPwdCheck == false) {
header("Location: ../user-conf.php?error");
exit();
} elseif ($hashedPwdCheck == true) {
$hashedPwd2 = password_hash($password1, PASSWORD_DEFAULT);
$sql2 = "INSERT INTO userdb (password) VALUES($hashedPwd2) WHERE username=$uid";
mysqli_query($con, $sql2);
header("Location: ../user-conf.php?pass=successfull");
exit();
}
}
}
} else {
header("Location: ../login.php?nologon");
}
?>
And the other one is below. 另一个在下面。
<?php
require_once("config.php");
session_start();
if(isset($_POST['submit'])) {
include_once 'config.php';
$password = mysqli_real_escape_string($con, $_POST['password']);
$password1 = mysqli_real_escape_string($con, $_POST['uc_pass1']);
$password2 = mysqli_real_escape_string($con, $_POST['uc_pass2']);
$uid = $_SESSION['s_id'];
if ($password1 != $password2 || empty($password1) || empty($password2)) {
header("Location: ../user-conf.php?pass=notmatching");
exit();
} else {
$hashedPwdCheck = password_verify($password, $_SESSION['s_pw']);
if ($hashedPwdCheck == false) {
header("Location: ../user-conf.php?error");
exit();
} elseif ($hashedPwdCheck == true) {
$hashedPwd = password_hash($password1, PASSWORD_DEFAULT);
$sql = "INSERT INTO userdb (password) VALUES($hashedPwd) WHERE username=$uid";
mysqli_query($con, $sql);
header("Location: ../user-conf.php?pass=successfull");
exit();
}
}
} else {
header("Location: ../login.php?nologon");
}
?>
I also tried wit the UPDATE syntax. 我还尝试了UPDATE语法。 but, it didn't seems to change the old password with the new one. 但是,似乎没有用新密码更改旧密码。 It would be nice to know what I did wrong so if you know please tell me and it will be appreciated! 很高兴知道我做错了什么,所以如果您知道,请告诉我,我们将不胜感激! :) :)
99% sure that: 99%的人确保:
"INSERT INTO userdb (password) VALUES($hashedPwd2) WHERE username=$uid"
Should be: 应该:
"UPDATE userdb SET password = '$hashedPwd2' WHERE username='$uid'"
You are missing quotes around your PHP variable and the INSERT
should be an UPDATE
. 您缺少PHP变量周围的引号,而INSERT
应该是UPDATE
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.