在 PHP 和 Jquery 中使用 md5 更改密码
[英]Change Password using md5 in PHP and Jquery
问题描述
When I tried to update/change the password it says that my current password is wrong ,
当我尝试更新/更改密码时,它说我当前的密码错误,
I use md5 to encrypt the password but I don't know how to update the encrypted password using jQuery and Ajax.我使用 md5 来加密密码,但我不知道如何使用 jQuery 和 Ajax 更新加密的密码。
This is the jQuery code that I'm using:这是我正在使用的 jQuery 代码:
jQuery("#change_password").submit(function (e) {
e.preventDefault();
var password = jQuery('#password').val();
var current_password = jQuery('#current_password').val();
var new_password = jQuery('#new_password').val();
var retype_password = jQuery('#retype_password').val();
if (password != current_password) {
$.jGrowl("Password does not match with your current password ", {
header: 'Change Password Failed'
});
} else if (new_password != retype_password) {
$.jGrowl("Password does not match with your new password ", {
header: 'Change Password Failed'
});
} else if ((password == current_password) && (new_password == retype_password)) {
var formData = jQuery(this).serialize();
$.ajax({
type: "POST",
url: "update_password_mahasiswa.php",
data: formData,
success: function (html) {
$.jGrowl("Your password is successfully change", {
header: 'Change Password Success'
});
var delay = 2000;
setTimeout(function () {
window.location = 'dashboard_mahasiswa.php'
}, delay);
}
});
php code for updating the password:更新密码的php代码:
<?php
include('dbcon.php');
include('session.php');
$new_password = $_POST['new_password'];
$new_password = md5($new_password)
mysql_query("update mahasiswa set password = '$new_password' where mahasiswa_id = '$session_id'")or die(mysql_error());
?>
2 个解决方案
解决方案1
1 2019-03-25 06:10:45
Try to use the following functions when you do hashing against your passwords:当您对密码进行散列时,请尝试使用以下函数:
password_hash()
password_verify()
password_needs_rehash()
password_get_info()
These are pretty handy if you want to do it the standard way.如果您想以标准方式进行操作,这些非常方便。 Here is an article about it. 这是一篇关于它的文章。
As per the updating of your new password, it is as same as any standard update query.根据您的新密码更新,它与任何标准更新查询相同。
UPDATE table_name SET column1=value, column2=value2,... WHERE some_column=some_value
解决方案2
0 2019-03-25 06:51:30
I would recommend you to use mysqli_query() with prepared statements.我建议您将mysqli_query()与准备好的语句一起使用。 To avoid SQL injection you have to use prepared statements.为了避免 SQL 注入,您必须使用准备好的语句。
$mysqli = new mysqli("example.com", "user", "password", "database");
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
/* Prepared statement, stage 1: prepare */
$stmt = $mysqli->prepare("update mahasiswa set password = ? where mahasiswa_id = ?");
$new_password = password_hash($_POST['new_password']);
$stmt->bind_param("si", $new_password, $session_id);
$stmt->execute();
if($stmt->affected_rows === 0) exit('No rows updated');
$stmt->close();
A simple example which uses mysqli_query() instead of mysql_query() .一个使用mysqli_query()而不是mysql_query()简单示例。
//$con must contain your database connection
//eg: $con = mysqli_connect("localhost","my_user","my_password","my_db");
$new_password = password_hash($_POST['new_password']);
$my_query = 'update mahasiswa set password = '.$new_password.' where mahasiswa_id = '.$session_id;
if(mysqli_query($con,$my_query)){
//database updated succesfully
} else {
//failure
}
If you are working with mysql_query() then如果您正在使用mysql_query()那么
// if your db connection is valid then
if(mysql_query($my_query)){
//database updated succesfully
} else {
//failure
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.