登录名和密码更改PHP和MYsql
[英]Login & password change PHP & MYsql
问题描述
I am working on a simple script that allows users to create an account and change password in a database. 
我正在研究一个简单的脚本,该脚本允许用户创建帐户并更改数据库中的密码。 The only problem I'm having is creating a script that allows the user to change their password. 我唯一的问题是创建一个允许用户更改密码的脚本。 It doesn't update in my DB. 它不会在我的数据库中更新。 I am getting successfully message but it doesn't update in DB. 我收到了成功的消息,但是在DB中没有更新。 Please help me any suggestions will be much appreciated Please let me know if any more details required? 请帮助我,任何建议将不胜感激。请让我知道是否需要更多详细信息?
<form method="POST">
old:<input type="text" name="old_pass">
new:<input type="text" name="">
conf:<input type="text" name="">
<input type="submit" name="submit" value="save">
</form>
<?php
$conn_db = mysqli_connect("localhost","root","","oz");
if(!$conn_db)
{
echo "not connect";
}
echo "connect".mysqli_error($conn_db);
SESSION_START();
if($_SERVER['REQUEST_METHOD']=="POST")
{
if(isset($_POST['submit']))
{
$old_pass=$_POST['old_pass'];
$new_pass=$_POST['new_pass'];
$re_pass=$_POST['re_pass'];
$chg_pwd=mysqli_query($conn_db,"SELECT * FROM admin WHERE email='$email'");
$chg_pwd1=mysqli_fetch_array($chg_pwd);
$data_pwd=$chg_pwd1['pass'];
if($data_pwd==$old_pass){
if($new_pass==$re_pass){
$update_pwd=mysqli_query($conn_db,"UPDATE admin SET pass='$new_pass' where email='$email'");
echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
}
else{
echo "<script>alert(`Your new and Retype Password is not match`); window.location='index.php'</script>";
}
}
else
{
echo "<script>alert(`Your old password is wrong`); window.location='change.php'</script>";
}}
}
?>
3 个解决方案
解决方案1
0 2017-10-08 02:51:53
You are getting the success message because you are not actually checking if the update was successful.
之所以收到成功消息,是因为您实际上并未检查更新是否成功。 You're just checking if the password match: if($new_pass==$re_pass)您只是在检查密码是否匹配: if($new_pass==$re_pass)You never define
$email, so your WHERE clause generates an empty data set.您永远不会定义$email,因此您的WHERE子句会生成一个空数据集。
Try defining $email , for example: $email = $_POST['email'] and moving your alert and redirect inside of an if statement that checks the result of the query 尝试定义$email ,例如: $email = $_POST['email']并将警报和重定向移动到检查查询结果的if语句中
if(mysqli_query($conn_db,"UPDATE admin SET pass='$new_pass' where email='$email'")) {
echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
}
NOTE: 注意:
- You shouldn't store your passwords in plain text. 您不应该以纯文本形式存储密码。
- You should safely cast all input before running it in a query to prevent SQL Injection. 在查询中运行所有输入之前,应安全地强制转换所有输入,以防止SQL注入。
解决方案2
0 2017-10-08 03:40:45
TRY USING THIS 尝试使用此
if($new_pass==$re_pass){
$update_pwd = $conn_db->query("UPDATE admin SET pass='$new_pass' WHERE email='$email'");
if($update_pwd){ echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
} else { //echo server error }
}
解决方案3
0 2017-10-08 03:44:50
change your 'mysqli_query' to '$conn_db->query'. 将您的“ mysqli_query”更改为“ $ conn_db-> query”。 there will be no need to include '$conn_db' in the parenthesis. 不需要在括号中包含“ $ conn_db”。 Meanwhile, if error logging is set in your php settings, you can see the error 同时,如果您在php设置中设置了错误日志记录,则可以看到错误
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.