如果其他人失败了我

时间:2013-01-10 21:31:28

标签: php forms if-statement

我不断收到错误,我必须在我的代码中正确输入两个新密码。那不是我想要的。如果填写了密码字段,则应检查密码是否匹配并符合要求。否则,它应该更新配置文件。但它不这样做。 IT仍会检查密码字段。你能告诉我我的代码出错吗?

    <?php
    if ($post == "yes") {


    $uppercase = preg_match('@[A-Z]@', $password);
    $lowercase = preg_match('@[a-z]@', $password);
    $number    = preg_match('@[0-9]@', $password);

    if (isset($password) && ($password != $password2 || !$uppercase || !$lowercase ||    !$number || strlen($password) < 8)) {
    echo "<table class=tablenews><tr><td>There is an error with your passwords. Either they do not match, or your new password does not contain 8 characters, a number, a lower and an upper case letter. Go back and retry again. </td></tr></table>";

    }

    else {
     $password = generateHash($password);

    $result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'") 
    or die(mysql_error());  
    $result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='".   $_SESSION['user_id'] . "'") 
     or die(mysql_error()); 
    $result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='".    $_SESSION['user_id'] . "'") 
    or die(mysql_error()); 
    $result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'") 
    or die(mysql_error()); 
    $result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='".     $_SESSION['user_id'] . "'") 
    or die(mysql_error()); 
        $result = mysql_query("UPDATE users SET password='" . $password . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
}

    if (!isset($password)) {
$result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error());  
$result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
$result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
$result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
$result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 



    printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');

}


}

else {
?>

<table class="tablenews">
<tr><th>Edit your Profile</th></tr>

<?php
$userfinalid = $_SESSION['user_id'];
$prAvatar = get_user_data($userfinalid, avatar);
$prSignature = get_user_data($userfinalid, signature);
$prBio = get_user_data($userfinalid, bio);
$prDesc = get_user_data($userfinalid, desc);
$prIntro = get_user_data($userfinalid, intro);
?>

<br><tr><td>
<form method="post" action="<?php echo $thispage . "?siteid=profileedit"; ?>&proc=New&post=yes&<?php echo $pagevars; ?>">

<?php

echo '<label for="avatar" class=customlabelname>Avatar Link:</label><br><input type="text" class=customlabel name="avatar" value="' . $prAvatar .'"><br>';
echo '<label for="bio" class=customlabelname>User Bio:</label><br><textarea rows="10" cols="40" class=customlabel name="bio">' . $prBio .'</textarea><br>';
echo '<label for="desc" class=customlabelname>User Description:</label><br><textarea rows="10" cols="40" class=customlabel name="desc">' . $prDesc .'</textarea><br>';
echo '<label for="intro" class=customlabelname>User PM Intro:</label><br><textarea rows="10" cols="40" class=customlabel name="intro">' . $prIntro .'</textarea><br>';
echo '<label for="signature" class=customlabelname>User Signature:</label><br><textarea rows="10" cols="40" class=customlabel name="signature">' . $prSignature .'</textarea><br>';
echo '<label for="password" class=customlabelname>New Password(Leave Blank if it will be the same):</label><input type=password rows="10" cols="40" class=customlabel name="password"></textarea><br>';
echo '<label for="password2" class=customlabelname>ReType Password:</label><input type=password rows="10" cols="40" class=customlabel name="password2"></textarea><br>';
echo '<input type=submit value="submit" class=button2>';
?>

</td>
</tr>
</table>
<?php
}
    ?>

2 个答案:

答案 0 :(得分:0)

if (isset($_POST['password']) ...) {
    // ... display error
}

这意味着如果password数组中存在$_POST密钥,则显示错误。我认为你的意思是如果password数组中<{1}}键不存在,则显示错误。你应该在它之前放一个$_POST来反转if:

!

答案 1 :(得分:0)

这是否能达到您想要做的目的:

if(isset($password)) {
    if ($password != $password2 || !$uppercase || !$lowercase || !$number || strlen($password) < 8) {
        error_log('error');
    echo "<table class=tablenews><tr><td>There is an error with your passwords. Either they do not match, or your new password does not contain 8 characters, a number, a lower and an upper case letter. Go back and retry again. </td></tr></table>";

    } else {
        $password = generateHash($password);

        $result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'")
        or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='".   $_SESSION['user_id'] . "'")
         or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='".    $_SESSION['user_id'] . "'")
        or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'")
        or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='".     $_SESSION['user_id'] . "'")
        or die(mysql_error());
            $result = mysql_query("UPDATE users SET password='" . $password . "' WHERE id='". $_SESSION['user_id'] . "'")
        or die(mysql_error());
        printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
    }
}

让剩下的代码保持不变,只需替换第一个if / else。

您的代码格式化可能会使用一些清理,您应该真正压缩mysql查询。