我创建了一个PHP脚本,允许我的网站上的用户在注册后更改其密码,但是当我尝试在网站上打开它时出现错误。我相信这是由于我的语法错误,但我似乎无法发现它。有人可以看看你能找到什么吗?这是脚本:
<?php
session_start();
$user = $_SESSION['username'];
if ($user)
{
//user is logged in
if ($_POST['submit'])
{
//start changing password
//check fields
$oldpassword = md5($_POST['oldpassword']);
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//check password against db
include('connection.php');
$queryget = mysql_query("SELECT password FROM Users WHERE username='$user'") or die ("change password failed");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['password'];
//check passwords
if ($oldpassword==$oldpassworddb)
{
//check two new passwords
if ($newpassword==$repeatnewpassword)
{
//successs
//change password in db
$querychange = mysql_query("UPDATE Users SET password='$newpassword' WHERE username='$user'");
session_destroy();
die("Your password has been changed. <a href='homepage.php'> Return</a>");
}
else
die("Old password doesn't match!");
}
else
echo"
<form action='changepassword.php' method='POST'>
Old Password: <input type='text' name='oldpassword'><p>
New Password: <input type='password' name='newpassword'><p>
Repeat New Password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name ='submit' value='submit'>
</form>
";
}
else
die ("You must be logged in to change your password");
}
?>
我得到的错误如下:
注意:未定义的索引:在第11行的/var/www/localhost/htdocs/changepassword.php中提交 您必须登录才能更改密码。
提前感谢您的帮助。
答案 0 :(得分:1)
首先你应该注意到mysql已弃用,请使用mysqli或PDO代替More info或者像NullPointer指向More Good Info :)
像这样更改代码的结尾,以获得您想要失败的正确结果:
}else
die ("Nothing came from the $_POST variable");
}else
die ("You must be logged in to change your password");
你得到的错误可能是因为你的$ _POST变量未设置,请使用isset()检查$ _POST是否已设置。示例:
if (isset($_POST['submit']))
{
//submit post was set
}else
{
//submit post wasn´t set
}
如果您仍未获得任何价值,请检查您的表格。
更新:
要查看实际的表单,您必须在代码保持这样的格式之前结束isset:
<?php
session_start();
$user = $_SESSION['username'];
if (isset($_SESSION['username']))
{
//user is logged in
if (isset($_POST['submit']))
{
//start changing password
//check fields
$oldpassword = md5($_POST['oldpassword']);
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//check password against db
include('connection.php');
$queryget = mysql_query("SELECT password FROM Users WHERE username='$user'") or die ("change password failed");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['password'];
//check passwords
if ($oldpassword==$oldpassworddb)
{
//check two new passwords
if ($newpassword==$repeatnewpassword)
{
//successs
//change password in db
$querychange = mysql_query("UPDATE Users SET password='$newpassword' WHERE username='$user'");
session_destroy();
die("Your password has been changed. <a href='homepage.php'> Return</a>");
}
else
die("New password doesn't match!");
}else
die("Old password doesn't match!");
}
else
{
echo"
<form action='changepassword.php' method='POST'>
Old Password: <input type='text' name='oldpassword'><p>
New Password: <input type='password' name='newpassword'><p>
Repeat New Password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name ='submit' value='submit'>
</form>
";
}
}else
die ("You must be logged in to change your password");
?>
但是在你登录之前你不会看到它。你的第二个问题是你的$ user变量似乎没有任何价值。尝试上面的代码后,如果它不工作。 把这一行放在
之后$user = $_SESSION['username'];
echo 'Here it shold show the user: '.$user.'';
如果它不会显示你没有正确传递会话值。
还有一件事,如果您的表单指向同一页面,那就是将您的行更改为此行:
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");?>" method='POST'>
答案 1 :(得分:0)
您输入的html表单中有一个额外的空格
<input type='submit' name ='submit' value='submit'>
将其更改为
<input type='submit' name='submit' value='submit'>
您还应该确保
if (isset($_POST['submit']))