如何检查表中的密码是否更新

Question

I have written a script in php to reset user's password, and how do I check if password is updated in a table?

For example, if a data in the tuple/column has been changed, then send email. Please check comments in the script.

 $dbcc = mysqli_connect(HOST,NAME,PASSWORD,DATABASE) or die('Error can not connect to database');

 $query = "SELECT uid,email FROM `corporate` WHERE (email='$chk_email')";
 $result = mysqli_query($dbc, $query);
            
 //found
 if(@mysqli_num_rows($result) == 1)
 {
                    $ROW = mysqli_fetch_array($result);
                    $sent_email = $ROW['email']; //get email
                    $id = $ROW['uid'];           //get uid
                    
                    $new_password = generatePassword(8);//generates 8 char long random password 
                    $enc_password = md5($new_password); //encrypt
                    
                    $statement = "UPDATE corpoorate SET password=".$enc_password." WHERE uid ='$id'";
                    $go = mysqli_query($dbcc,$statement) or die(mysqli_error());
                    mysqli_close($dbcc);
                    
                       /*
                        * HOW DO I CHECK IF PASSWORD IS UPDATED IN THE DATABASE?
                        * IF IT IS, SEND EMAIL
                                                    * IF $go==true does not work!
                        **/
                    if($go==true){
                    $sendmessage = "We have generated a new password token for you.\n Your password is reset to ".$new_password." \n Please note that this password is not secure. Once you login, please reset your password.\n ";
                    
                     mail($sent_email,'Password Reset',$sendmessage,'From: address@gmail.com');     
                                                                                    }                   
                    
                     header("Location : http://limozoor.com/login/signin.php");
                     exit();    
        }//if
        mysqli_close($dbcc);

Answer 1

Why don't you use mysqli_affected_rows ?

 // remove: $go = mysqli_query($dbcc,$statement) or die(mysqli_error());
 $qry =@ mysqli_query($dbcc, $statement);
 $aff =@ mysqli_affected_rows($dbcc);
 if ($qry === true && $aff > 0) {
      mail(...);
 }

From manual;

mysqli_query :

Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return TRUE.

mysqli_affected_rows :

An integer greater than zero indicates the number of rows affected or retrieved. Zero indicates that no records where updated for an UPDATE statement, no rows matched the WHERE clause in the query or that no query has yet been executed. -1 indicates that the query returned an error.

http://php.net/manual/en/mysqli.affected-rows.php
http://php.net/manual/en/mysqli.query.php

Answer 2

Because of your or die(mysqli_error()); -condition the password will always be updated in the table if it reaches those lines of execution.

However, I am sceptic towards your if(@mysqli_num_rows($resultt) == 1) because if there is any error in your first SQL-query, you are supressing all error messages there (by using @ ), which makes me think that you never even try to execute the UPDATE statements.