我不断收到错误,我必须在我的代码中正确输入两个新密码。那不是我想要的。如果填写了密码字段,则应检查密码是否匹配并符合要求。否则,它应该更新配置文件。但它不这样做。 IT仍会检查密码字段。你能告诉我我的代码出错吗?
<?php
if ($post == "yes") {
$uppercase = preg_match('@[A-Z]@', $password);
$lowercase = preg_match('@[a-z]@', $password);
$number = preg_match('@[0-9]@', $password);
if (isset($password) && ($password != $password2 || !$uppercase || !$lowercase || !$number || strlen($password) < 8)) {
echo "<table class=tablenews><tr><td>There is an error with your passwords. Either they do not match, or your new password does not contain 8 characters, a number, a lower and an upper case letter. Go back and retry again. </td></tr></table>";
}
else {
$password = generateHash($password);
$result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET password='" . $password . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
}
if (!isset($password)) {
$result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
}
}
else {
?>
<table class="tablenews">
<tr><th>Edit your Profile</th></tr>
<?php
$userfinalid = $_SESSION['user_id'];
$prAvatar = get_user_data($userfinalid, avatar);
$prSignature = get_user_data($userfinalid, signature);
$prBio = get_user_data($userfinalid, bio);
$prDesc = get_user_data($userfinalid, desc);
$prIntro = get_user_data($userfinalid, intro);
?>
<br><tr><td>
<form method="post" action="<?php echo $thispage . "?siteid=profileedit"; ?>&proc=New&post=yes&<?php echo $pagevars; ?>">
<?php
echo '<label for="avatar" class=customlabelname>Avatar Link:</label><br><input type="text" class=customlabel name="avatar" value="' . $prAvatar .'"><br>';
echo '<label for="bio" class=customlabelname>User Bio:</label><br><textarea rows="10" cols="40" class=customlabel name="bio">' . $prBio .'</textarea><br>';
echo '<label for="desc" class=customlabelname>User Description:</label><br><textarea rows="10" cols="40" class=customlabel name="desc">' . $prDesc .'</textarea><br>';
echo '<label for="intro" class=customlabelname>User PM Intro:</label><br><textarea rows="10" cols="40" class=customlabel name="intro">' . $prIntro .'</textarea><br>';
echo '<label for="signature" class=customlabelname>User Signature:</label><br><textarea rows="10" cols="40" class=customlabel name="signature">' . $prSignature .'</textarea><br>';
echo '<label for="password" class=customlabelname>New Password(Leave Blank if it will be the same):</label><input type=password rows="10" cols="40" class=customlabel name="password"></textarea><br>';
echo '<label for="password2" class=customlabelname>ReType Password:</label><input type=password rows="10" cols="40" class=customlabel name="password2"></textarea><br>';
echo '<input type=submit value="submit" class=button2>';
?>
</td>
</tr>
</table>
<?php
}
?>
答案 0 :(得分:0)
if (isset($_POST['password']) ...) {
// ... display error
}
这意味着如果password
数组中存在$_POST
密钥,则显示错误。我认为你的意思是如果password
数组中<{1}}键不存在,则显示错误。你应该在它之前放一个$_POST
来反转if:
!
答案 1 :(得分:0)
这是否能达到您想要做的目的:
if(isset($password)) {
if ($password != $password2 || !$uppercase || !$lowercase || !$number || strlen($password) < 8) {
error_log('error');
echo "<table class=tablenews><tr><td>There is an error with your passwords. Either they do not match, or your new password does not contain 8 characters, a number, a lower and an upper case letter. Go back and retry again. </td></tr></table>";
} else {
$password = generateHash($password);
$result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
$result = mysql_query("UPDATE users SET password='" . $password . "' WHERE id='". $_SESSION['user_id'] . "'")
or die(mysql_error());
printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
}
}
让剩下的代码保持不变,只需替换第一个if / else。
您的代码格式化可能会使用一些清理,您应该真正压缩mysql查询。