当用户使用电子邮件地址注册作为登录时,一切都很好,他可以注销并重新登录。问题是当他在他的个人资料中更新他的电子邮件地址时,他无法登录任何更长,使用新电子邮件或旧电子邮件,因为数据库反映了新电子邮件。
的login.php
<?php
session_start();
if($_GET["logout"]==1 AND $_SESSION['id']) { session_destroy();
header("Location:logout.php");
}
include 'connection.php';
if ($_POST['submit']=="Sign Up") {
if (!$_POST['email']) $error.="<br />Please enter your email";
else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $error.="<br />Please enter a valid email address";
if (!$_POST['password']) $error.="<br />Please enter your password";
else {
if (strlen($_POST['password'])<8) $error.="<br />Please enter a password with at least 8 characters";
if (!preg_match('`[A-Z]`', $_POST['password'])) $error.="<br />Please enter at least 1 capital letter";
}
if ($error) $error = "There were error(s) in your signup details:".$error;
else {
$query = "SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['email'])."'";
$result = mysqli_query($link, $query);
$results = mysqli_num_rows($result);
if ($results) $error = "That email address is already registered";
if ($results) $error = "That email address is already registered";
else {
$query="INSERT INTO `users` (`email`, `password`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')";
mysqli_query($link, $query);
$message = "You've been signed up!";
$_SESSION['id']=mysqli_insert_id($link);
header("Location:registration.php");
}
}
}
if ($_POST['submit']=="Log In") {
$query="SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['loginemail'])."' AND password='".md5(md5($_POST['loginemail']).$_POST['loginpassword'])."' LIMIT 1";
$result = mysqli_query($link, $query);
$row = mysqli_fetch_array($result);
if ($row) {
$_SESSION['id']=$row['id'];
header("Location:dashboard.php");
} else {
$loginerror = "We could not find a user with that email and password. Please try again.";
}
}
?>
profile.php
<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE);
include("connection.php");
$query = "SELECT * FROM `users` WHERE id='".$_SESSION['id']."' LIMIT 1";
$result = mysqli_query($link, $query);
$row = mysqli_fetch_array($result);
$firstname = $row['firstname']; $lastname = $row['lastname']; $gender = $row['gender']; $contact = $row['contact']; $email = $row['email']; $password = $row['password'];
$addressone = $row['addressone']; $addresstwo = $row['addresstwo']; $city = $row['city']; $state = $row['state']; $zip = $row['zip'];
?>
<!-- Head -->
<?php include 'includes/head.php'; ?>
<form class="form-horizontal" id="registrationForm" method="post" action="insertregistration.php">
<div class="center">
<h4 class="text-center">My Profile</h4>
</div>
<br /><br />
<div class="form-group">
<label class="col-md-5 control-label" for="firstname">First Name</label>
<div class="col-md-2">
<input type="text" class="form-control input-md" name="firstname" readonly="readonly" value="<?php echo $firstname; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label" for="lastname">Last Name</label>
<div class="col-md-2">
<input type="text" class="form-control input-md" name="lastname" readonly="readonly" value="<?php echo $lastname; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label" for="gender">Gender</label>
<div class="col-md-1">
<select id="gender" name="gender" class="form-control" >
<option readonly="readonly" value="<?php echo $gender; ?>"><?php echo $gender; ?></option>
</select>
</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label" for="contact">Phone Number</label>
<div class="col-md-2">
<input type="text" class="form-control input-md" name="contact" value="<?php echo $contact; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label" for="email">Email Address</label>
<div class="col-md-2">
<input type="email" class="form-control input-md" name="email" value="<?php echo $email; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label" for="password">Password </label>
<div class="col-md-2">
<input type="password" class="form-control input-md" name="password" value="<?php echo $password; ?>">
</div>
<button input type="submit" class="btn btn-primary">Change Password</button>
</div>
<div class="text-center">
<input type="submit" name="submit" class="btn btn-kani btn-lg" value="Update Profile"/>
</div>
</form>