在下面的代码中,我有当前密码,新密码和重复新密码字段但我不希望当前密码字段更改密码。
注意:我只需要新密码并在表单中重复新密码。
<?php
session_start();
$user = $_SESSION['username'];
if (isset($_SESSION['username']))
{
//user is logged in
if (isset($_POST['submit']))
{
//start changing password
//check fields
$oldpassword = md5($_POST['oldpassword']);
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//check password against db
include_once "connect_to_mysql.php";
$queryget = mysql_query("SELECT password FROM members WHERE username='$user'") or die ("change password failed");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['password'];
//check passwords
if ($oldpassword==$oldpassworddb)
{
//check two new passwords
if ($newpassword==$repeatnewpassword)
{
//successs
//change password in db
$querychange = mysql_query("UPDATE members SET password='$newpassword' WHERE username='$user'");
session_destroy();
die("Your password has been changed. <a href='login.php'> Login Again</a>");
}
else
die("New password doesn't match!");
}else
die("Old password doesn't match!");
}
else
{
echo"
<form action='change_password.php' method='POST'>
Old Password: <input type='text' name='oldpassword'><p>
New Password: <input type='password' name='newpassword'><p>
Repeat New Password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name ='submit' value='submit'>
</form>
";
}
}else
die ("You must be logged in to change your password");
?>
答案 0 :(得分:1)
尝试使用此代码:
<?php
session_start();
$user = $_SESSION['username'];
if (isset($_SESSION['username']))
{
//user is logged in
if (isset($_POST['submit']))
{
//start changing password
//check fields
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//check password against db
include_once "connect_to_mysql.php";
$queryget = mysql_query("SELECT password FROM members WHERE username='$user'") or die ("change password failed");
$row = mysql_fetch_assoc($queryget);
//check two new passwords
if ($newpassword==$repeatnewpassword)
{
//successs
//change password in db
$querychange = mysql_query("UPDATE members SET password='$newpassword' WHERE username='$user'");
session_destroy();
die("Your password has been changed. <a href='login.php'> Login Again</a>");
}
else {
die("New password doesn't match!");
}
else
{
echo"
<form action='change_password.php' method='POST'>
Old Password: <input type='text' name='oldpassword'><p>
New Password: <input type='password' name='newpassword'><p>
Repeat New Password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name ='submit' value='submit'>
</form>
";
}
}else
die ("You must be logged in to change your password");
?>
答案 1 :(得分:0)
从表单中删除旧密码字段,如果条件使用旧密码检查数据库中的旧密码,则删除
这是您可能需要的代码
<?php
session_start();
$user = $_SESSION['username'];
if (isset($_SESSION['username']))
{
//user is logged in
if (isset($_POST['submit']))
{
//start changing password
//check fields
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//check password against db
include_once "connect_to_mysql.php";
$queryget = mysql_query("SELECT password FROM members WHERE username='$user'") or die ("change password failed");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['password'];
//check two new passwords
if ($newpassword==$repeatnewpassword)
{
//successs
//change password in db
$querychange = mysql_query("UPDATE members SET password='$newpassword' WHERE username='$user'");
session_destroy();
die("Your password has been changed. <a href='login.php'> Login Again</a>");
}
else
die("New password doesn't match!");
}
else
{
echo"
<form action='change_password.php' method='POST'>
New Password: <input type='password' name='newpassword'><p>
Repeat New Password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name ='submit' value='submit'>
</form>
";
}
}else
die ("You must be logged in to change your password");
?>