我有一个脚本,用于更新我正在开发的网站上的用户个人资料,我无法弄明白。 当我点击网站上的提交时,没有任何反应,我有一个表单设置和所有,我没有得到任何错误消息。我甚至在Google周围寻找解决方案,但我找不到任何帮助。
这适用于同一个.php文件,它不会请求另一个.php文件。它检查是否有POST请求,然后从那里做所有事情......密码事物对于用户是可选的,并且只应在密码字段中输入内容时执行该操作。如果没有POST请求,那么它只会向用户显示带有输入框等的表单/表,这不是问题。
有什么想法吗?
if(isset($_POST['username']))
{
try
{
/*** connect to database ***/
/*** mysql hostname ***/
$mysql_hostname = 'localhost';
/*** mysql username ***/
$mysql_username = 'username';
/*** mysql password ***/
$mysql_password = 'password';
/*** database name ***/
$mysql_dbname = 'database';
/*** select the users name from the database ***/
$dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
/*** $message = a message saying we have connected ***/
/*** set the error mode to excptions ***/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** if we are here the data is valid and we can insert it into database ***/
$UsrEmail = filter_var($_POST['email'], FILTER_SANITIZE_STRING);
$RealName = filter_var($_POST['realname'], FILTER_SANITIZE_STRING);
/*** prepare the insert ***/
$updUSR = "UPDATE Users
SET UsrEmail=?, RealName=?
WHERE UsrID=".$_SESSION['UsrID']."";
$stmtu = $dbh->prepare($updUSR);
$stmtu->bindParam(':email', $UsrEmail, PDO::PARAM_STR);
$stmtu->bindParam(':realname', $RealName, PDO::PARAM_STR);
$stmtu->execute(array($UsrEmail,$RealName));
$stmtu->execute();
if(isset($_POST['currpass'], $_POST['newpass1'], $_POST['newpass2']))
{
/*** if we are here the data is valid and we can insert it into database ***/
$currpass = filter_var($_POST['currpass'], FILTER_SANITIZE_STRING);
$newpass = filter_var($_POST['newpass1'], FILTER_SANITIZE_STRING);
$newpass2 = filter_var($_POST['newpass2'], FILTER_SANITIZE_STRING);
/*** verify if the passwords match ***/
if($newpass == $newpass2)
{
/*** now we can encrypt the password ***/
$UsrPasswd = sha1( $newpass );
$updPW = "UPDATE Users
SET UsrPasswd=?
WHERE UsrID=".$_SESSION['UsrID']."";
$stmtp->bindParam(':newpass', $UsrPasswd, PDO::PARAM_STR, 40);
$stmtp = $dbh->prepare($updPW);
$stmtp->execute(array($UsrPasswd));
$stmtp->execute();
}
else
{
$message = "The passwords entered do not match, please try again.";
}
}
/*** if all is done, say thanks ***/
$message = 'Profile Settings Changed Successfully';
}
catch(Exception $e)
{
/*** if we are here, something has gone wrong ***/
$message = 'We are unable to process your request.<br />Please try again later.';
}
}
答案 0 :(得分:0)
您的代码存在一些问题,我在本部分中更正了其中一些问题:
$UsrEmail = $_POST['email'];
$RealName = $_POST['realname'];
/*** prepare the insert ***/
$updUSR = "UPDATE Users SET UsrEmail=?, RealName=? WHERE UsrID=?";
$stmtu = $dbh->prepare($updUSR);
$stmtu->bindParam(1, $UsrEmail);
$stmtu->bindParam(2, $RealName);
$stmtu->bindParam(3, $_SESSION['UsrID']);
$stmtu->execute();
如果您使用问号占位符,则必须使用bindParam(1, $UsrEmail)而不是bindParam(":email", $UsrEmail),也不需要在execute内传递数组