PHP无法正常工作,数据库无法更新

时间:2013-02-03 20:09:31

标签: php mysql sql break

我正在编写这个PHP脚本来更新用户密码,需要旧的密码,新的和新的确认。这一切都适用于实际的UPDATE mysql语句。不知道我做错了什么,也非常感谢!

另外,我知道它不安全等等,我只是试着让它首先成为一个php新手!

我正在撕扯我的头发,当我运行它时,一切似乎都工作,除了它在if (empty($error)){之前断开,我已经测试了会话电子邮件的回声并显示了它,但它没有更新数据库使用新密码。请帮忙!下面是我的代码:

<?php
session_start();

include('database_connection.php');

$error = array();

if (empty($_POST['oldpassword'])){
$error[] ='You did not enter your current password!';
} else {
    $oldpassword = $_POST['oldpassword'];
}



if (empty($_POST['newpassword'])){

    $error[] = 'You did not enter a new password!';
} else {
    if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["newpassword"])){
        $newpassword = $_POST['newpassword'];
    } else{
        $error[] = 'Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit!';
    }
}

if (empty($_POST['newpasswordcon'])){
    $error[] = 'You did not enter your new password confirmation!';
} else {
    if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["newpasswordcon"])){
        $newpasswordcon = $_POST['newpasswordcon'];
    } else{
        $error[] = 'Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit!';
    }
}


if($_POST['newpassword'] != $_POST['newpasswordcon']){
$error[] ='New password and confirmation do not match!' ;
}


$sql = "SELECT password FROM users WHERE email='" . $_SESSION['email'] . "'";
$result = mysql_query($sql);


if( $r = mysql_fetch_array($result) ) {
extract($r);



if($_POST['oldpassword'] != $password);{
$error[] ='Incorrect current password!';

}

//breaks here
echo $_SESSION['email'];

if (empty($error)){

echo $_SESSION['email'];
mysql_query("UPDATE users SET password='$newpassword' WHERE email='" . $_SESSION['email'] . "'");


echo '<p class ="alert alert-success fade in">Success! Your password has been updated!</p>';

}
} else{

    foreach ($error as $key => $values) {

            echo '<p class ="alert alert-error fade in">'.$values.'</p>';


}
}
?>

2 个答案:

答案 0 :(得分:2)

有一个分号不应该在那里。

if ($_POST['oldpassword'] != $password);{ // <- remove this semicolon after )
   $error[] ='Incorrect current password!';
}

答案 1 :(得分:-4)

我在你的代码中没有看到任何addslashes(),我想知道你是否得到任何匹配? http://www.php.net/manual/en/function.addslashes.php

相关问题
最新问题