Question

如果这不是一个合法的问题，我道歉。我在这个网站上到处都是，但我似乎无法获得正确的代码来更新我的密码。我已从多个论坛复制以适合我的表单，但它只是不想工作。我正在尝试更新密码，虽然我知道这是不安全的，只是为了课程目的而尝试这种技术。

问题：更新密码不会更新数据库。我没有正确填写错误消息。我目前正在使用md5（md5哈希。

与数据库的连接非常好，因为我可以在用户下使用print_r会话。

＆＃34; ID＆＃34; =只是我作为＆＃34; userid＆＃34;插入数据库的名称，这实际上是登录时的电子邮件。

updatepassword.php

<?php
    include 'core/login.php'; 
    include 'core/init.php'; 
    protect_page();
    $error = "";
    if (isset($_POST['submit']) && ($_POST['submit']==="Submit New Password")) {
        if (!$_POST['newPassword']) $error.="<br />Please enter your password";
            else {          
                if (strlen($_POST['newPassword'])<8) $error.="<br />Please enter a password with at least 8 characters";
                if (!preg_match('`[A-Z]`', $_POST['newPassword'])) $error.="<br />Please enter at least 1 capital letter";          
            }
            if ($_POST['newPassword'] !== $_POST['confirmPassword']) $error.="<br />Your passwords do not match.";
                if ($error) $error = "<strong>There were errors in resetting your password:</strong><br />".$error;
                    else {  
                    $query = "UPDATE users SET password='" . $_POST["newPassword"] . "' WHERE id='" . $_SESSION["id"] . "')";
                    mysqli_query($link, $query);
                    $_SESSION['id'] = mysqli_insert_id($link); 
        }
    }           
    include 'includes/head.php';    
?>

表格在同一页面上：

<form method="post" action="">
                    <div class="form-group">
                        <label>Current Password *</label>  
                        <input type="text" name="currentPassword" class="form-control input-md" />
                    </div>
                    <div class="form-group">
                        <label>New Password *</label>  
                        <input type="text" name="newPassword" class="form-control input-md" />
                    </div>  
                    <div class="form-group">
                        <label>Confirm Password *</label>  
                        <input type="text" name="confirmPassword" class="form-control input-md" />
                    </div><br />    
                    <div class="text-center"> 
                        <input type="submit" name="submit" class="btn btn-success" value="Submit New Password" />
                    </div>                  
                    <div class="text-center">                   
                        <button input type="submit" class="btn btn-warning"><a href="updateemail.php" style="text-decoration:none;">Update Email Address</a></button>               
                    </div>                                                              
                </form>

MD5示例问题切换到其他任何问题，例如$ hash = password_hash（$ password，PASSWORD_BCRYPT）;导致错误。

$query = "INSERT INTO `users` (`first_name`, `last_name`,`email`, `password`, `gender`, `phone`, `date_of_birth_month`, `date_of_birth_day`, `date_of_birth_year`, `country`, `state`)"
           . " VALUES('".mysqli_real_escape_string($link, $_POST['first_name'])."','".mysqli_real_escape_string($link, $_POST['last_name'])."','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','".mysqli_real_escape_string($link, $_POST['gender'])."','".mysqli_real_escape_string($link, $_POST['phone'])."','".mysqli_real_escape_string($link, $_POST['date_of_birth_month'])."','".mysqli_real_escape_string($link, $_POST['date_of_birth_day'])."','".mysqli_real_escape_string($link, $_POST['date_of_birth_year'])."','".mysqli_real_escape_string($link, $_POST['country'])."','".mysqli_real_escape_string($link, $_POST['state'])."')";
                    mysqli_query($link, $query);
                    $_SESSION['id'] = mysqli_insert_id($link); 
                    header("Location: dashboard.php");

mysql改为mysqli密码

0 个答案: