问题:更新密码不会更新数据库。我没有正确填写错误消息。我目前正在使用md5(md5哈希。
与数据库的连接非常好,因为我可以在用户下使用print_r会话。
" ID" =只是我作为" userid"插入数据库的名称,这实际上是登录时的电子邮件。
updatepassword.php
<?php
include 'core/login.php';
include 'core/init.php';
protect_page();
$error = "";
if (isset($_POST['submit']) && ($_POST['submit']==="Submit New Password")) {
if (!$_POST['newPassword']) $error.="<br />Please enter your password";
else {
if (strlen($_POST['newPassword'])<8) $error.="<br />Please enter a password with at least 8 characters";
if (!preg_match('`[A-Z]`', $_POST['newPassword'])) $error.="<br />Please enter at least 1 capital letter";
}
if ($_POST['newPassword'] !== $_POST['confirmPassword']) $error.="<br />Your passwords do not match.";
if ($error) $error = "<strong>There were errors in resetting your password:</strong><br />".$error;
else {
$query = "UPDATE users SET password='" . $_POST["newPassword"] . "' WHERE id='" . $_SESSION["id"] . "')";
mysqli_query($link, $query);
$_SESSION['id'] = mysqli_insert_id($link);
}
}
include 'includes/head.php';
?>
表格在同一页面上:
<form method="post" action="">
<div class="form-group">
<label>Current Password *</label>
<input type="text" name="currentPassword" class="form-control input-md" />
</div>
<div class="form-group">
<label>New Password *</label>
<input type="text" name="newPassword" class="form-control input-md" />
</div>
<div class="form-group">
<label>Confirm Password *</label>
<input type="text" name="confirmPassword" class="form-control input-md" />
</div><br />
<div class="text-center">
<input type="submit" name="submit" class="btn btn-success" value="Submit New Password" />
</div>
<div class="text-center">
<button input type="submit" class="btn btn-warning"><a href="updateemail.php" style="text-decoration:none;">Update Email Address</a></button>
</div>
</form>
MD5示例问题切换到其他任何问题,例如$ hash = password_hash($ password,PASSWORD_BCRYPT);导致错误。
$query = "INSERT INTO `users` (`first_name`, `last_name`,`email`, `password`, `gender`, `phone`, `date_of_birth_month`, `date_of_birth_day`, `date_of_birth_year`, `country`, `state`)"
. " VALUES('".mysqli_real_escape_string($link, $_POST['first_name'])."','".mysqli_real_escape_string($link, $_POST['last_name'])."','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','".mysqli_real_escape_string($link, $_POST['gender'])."','".mysqli_real_escape_string($link, $_POST['phone'])."','".mysqli_real_escape_string($link, $_POST['date_of_birth_month'])."','".mysqli_real_escape_string($link, $_POST['date_of_birth_day'])."','".mysqli_real_escape_string($link, $_POST['date_of_birth_year'])."','".mysqli_real_escape_string($link, $_POST['country'])."','".mysqli_real_escape_string($link, $_POST['state'])."')";
mysqli_query($link, $query);
$_SESSION['id'] = mysqli_insert_id($link);
header("Location: dashboard.php");