我有这个代码,我正在尝试将$ current与$ password进行比较,这是一个数组,甚至认为它们都具有相同的值并且不起作用。
$current_password = mysqli_query($db_connection,"SELECT password FROM
user WHERE username = 'sanket' ");
$row = mysqli_fetch_array($current_password);
foreach($row as $pass)
{
$password = $pass[0];
}
$current = $_POST['old_password'];
if ($current == $password) {
if ($_POST['new_password'] == $_POST['confirm_password']) {
mysqli_query($db_connection,"UPDATE user SET password
= ".$_POST['confirm_password']." WHERE username = 'sanket'") ;
}
答案 0 :(得分:2)
$row = mysqli_fetch_array($current_password);
foreach($row as $pass)
{
$password = $pass[0];
}
$row已经是一个包含字符串的一维数组。当您预约$row时,$pass将是一个字符串。因此,当您将$pass[0]分配给$password时,您会将$pass中字符串的第一个字符分配给$password。所以写一下:
$row = mysqli_fetch_array($current_password);
$password = $row[0];
这里有必要的警告:使用mysqli_prepare或mysqli_real_escape_string正确转义用户输入!