我正在为时钟编写此脚本,其中一个if语句无法正常工作。我已将下面的文件包括在内。我已经改变了一些隐私部分。它是在检查用户名和当前密码是否正确时。该过程正确执行,但显示不正确。它始终显示“抱歉,找不到用户名/密码组合。您必须立即重新登录。应该说密码已更改。这是代码的一部分很奇怪。任何帮助都表示赞赏。
$sql = "SELECT * FROM tc_users WHERE userid = '$user_value' and password = '$current_pass'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) {
echo "Sorry, that username/password combination was not found. You must re-login now.";
} else {
if ($other_new_pass_value != $other_new_pass_confirm_value) {
echo "Those passwords do not match, please go back and try again.";
}else {
echo "Password has successfully been changed. You must now re-login.";
}
}
另外,我试图将该按钮放在页面底部。有没有办法将html嵌套到php文件而不关闭php标签?
<head>
<title>Login Script</title>
<body bgcolor="#9966FF">
<link rel="icon" type="image/ico" href="favicon path"/>
</head>
<?php
define('DB_NAME', 'name');
define('DB_USER', 'user');
define('DB_PASSWORD', 'pass');
define('DB_HOST', 'host');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' .mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}else
$user_value = $_POST['youruserid'];
$current_pass = $_POST['currentpass'];
$new_pass = $_POST['newpass'];
$new_pass_c = $_POST['confirmnewpass'];
$updatesql= "UPDATE tc_users SET password='$new_pass' WHERE userid = '$user_value'";
$updatequery = mysql_query($updatesql);
$sql = "SELECT * FROM tc_users WHERE userid = '$user_value' and password = '$current_pass'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) {
echo "Sorry, that username/password combination was not found. You must re-login now.";
} else {
if ($other_new_pass_value != $other_new_pass_confirm_value) {
echo "Those passwords do not match, please go back and try again.";
}else {
echo "Password has successfully been changed. You must now re-login.";
}
}
mysql_close();
?>
<form action="login path" method="post" />
<input type="submit" value="Okay." />
</form>
以下是用户提交的表单。
<head>
<title>Change User Password</title>
<body bgcolor="#9966FF">
<link rel="icon" type="image/ico" href="ico path"/>
</head>
<h3>This is the page to change your password.</h3>
<br>
<form action="chgpassprocess.php" method="post" />
<table>
<tr>
<td align="right">Your User ID: </td>
<td align="left"><input type="text" name="youruserid"/></td>
</tr>
<tr>
<td align="right">Current Password: </td>
<td align="left"><input type="password" name="currentpass"/></td>
</tr>
<tr>
<td align="right">New Password: </td>
<td align="left"><input type="password" name="newpass"/></td>
</tr>
<tr>
<td align="right">Confirm New Password: </td>
<td align="left"><input type="password" name="confirmnewpass"/></td>
</tr>
<tr>
<td align="right"><input type="submit" value="Submit" /></td>
<td align="left"><input type="reset" value="Reset Form" /></td>
</tr>
</table>
</form>
<form method="GET" action="path">
<input type="submit" value="Cancel">
</form>
答案 0 :(得分:0)
逻辑流程不正确,因为您更新了:
UPDATE tc_users SET password='$new_pass'
WHERE userid = '$user_value'
然后检查旧密码
SELECT *
FROM tc_users
WHERE userid = '$user_value' and password = '$current_pass'
你想做相反的事情,首先检查然后更新:
if(mysql_num_rows($result) == 0) {
echo "Sorry, that username/password combination was not found....";
} else {
if ($other_new_pass_value != $other_new_pass_confirm_value) {
echo "Those passwords do not match, please go back and try again.";
}else {
//move the update code here to only run when the old one is found
//and the new one matches its confirmation
echo "Password has successfully been changed. You must now re-login.";
}
}