由于某种原因,我的代码更新了玩家密码,甚至没有看到是否有旧密码是正确的我先在这里检查"否则if($ pass!= mysql_result($ result,0))"但它没有用?
PHP
<?php
session_start();
if(!isset($_SESSION["sess_user"])){
header("location: index");
} else {
$my_player = $_SESSION['sess_user'];
}
if(isset($_POST["sumbit"])){
$link= mysql_connect ("localhost:8889","root","root")or die("Could not connect: ".mysql_error());
mysql_select_db("register") or die(mysql_error());
$pass = $_POST['pass'];
$newpass = $_POST['newpass'];
$confirmnewpass = $_POST['confirmnewpass'];
$result = mysql_query("SELECT password FROM login WHERE username='$my_player'");
if(!$result) {
$alert = "Failure ";
}
else if($pass!= mysql_result($result, 0)) {
$alert = "incorect password";
}
if($newpass==$confirmnewpass)
$sql=mysql_query("UPDATE login SET password='$newpass' where username='$my_player'");
if($sql) {
$alert = "You just changed your password to $newpass";
}
else {
$alert = "newpassword field not entered";
}
}
?>
HTML
<div class="container">
<form role="form" class="form-signin" action="" method="POST">
<h1 class="text-left">Change Password</h1><p>for <?=$my_player;?></p>
<input type="password" name="pass" placeholder="Enter your password" class="form-control" autofocus required><br/>
<input type="password" name="newpass" placeholder="Enter new password" class="form-control" required><br/>
<input type="password" name="confirmnewpass" placeholder="Re-Enter new password" class="form-control" required><br/>
<input type="submit" name="sumbit" value="Update Password" class="btn btn-lg btn-primary btn-block"><br/>
<?=$alert;?>
</form>
</div>
答案 0 :(得分:0)
试试这个:
添加:
$opass = mysql_fetch_array($result);
之后:
$result = mysql_query("SELECT password FROM login WHERE username='$my_player'");
并替换:
else if($pass!= mysql_result($result, 0)) {
人:
else if($pass!= $opass['password']) {
此外,定义警报时,您的代码不会停止。 您需要替换:
$alert = "Alert";
人:
die("Alert");
如果不是,即使发生错误,您的代码也会继续。
答案 1 :(得分:-1)
抛出错误后代码仍然继续。如果你把它放到功能中,并且在每个错误消息之后放置return: false;它将起作用