我尝试创建更改密码页面,但我不知道如何获取用户ID(电子邮件)以完成更改。
这是我的更改密码页面,
<form name="Change Password" class="form-horizontal" method="post" action="adminHandleChangePassword.php">
<div class="form-group">
<label for="InputPassword2">New Password</label>
<input type="password" class="form-control" placeholder="New Password" name="newPassword">
<label for="InputPassword3">Confirm New Password</label>
<input type="password" class="form-control" placeholder="Confirm Password" name="confirmPassword">
</div>
<input type="submit" value="Change Password" class="btn btn-primary">
</form>
这是我的adminHandleChangePassword.php页面,
<?php
session_start();
require 'dbfunction.php';
$con = getDbConnect();
$password1 = mysqli_real_escape_string($con, $_POST['newPassword']);
$password2 = mysqli_real_escape_string($con, $_POST['confirmPassword']);
$user = mysqli_real_escape_string($con, $_SESSION['email']);
if ($password1 != $password2) { echo "Your passwords do not match.";}
else if (mysqli_query($con, "UPDATE adminaccount (email,password) VALUES ('$user', AES_ENCRYPT('$password1','tw8520'))"))
{echo "You have successfully changed your password.";}
else { mysqli_error($con); }
mysqli_close($con);
?>
数据库数据,
答案 0 :(得分:2)
首先这样做。用户名的形式必须有一个值,以便用户查看他的旧用户名。希望这可以帮助。随意提问:
$query=mysql_query("SELECT * FROM adminaccount WHERE email={$_SESSION['email']}");
if($fetch=mysql_fetch_assoc($query)){
echo " <input type='email' class='form-control' value='".$fetch['email']."' name='email'> ";
}
答案 1 :(得分:0)
如果您的数据库中有用户电子邮件,则不需要userID。我想的电子邮件是唯一的,或者你可能将user_id存储在$ _SESSION中。
答案 2 :(得分:0)
我更改了代码的某些部分并且工作正常,
if ($password1 != $password2) { echo "Your passwords do not match.";}
if (mysqli_connect_errno($con)) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
} else {
mysqli_query($con, "UPDATE adminaccount SET password = AES_ENCRYPT('$password1','st2220') WHERE email = '$user'");
if (mysqli_affected_rows($con) > 0) {
echo "You have successfully changed your password.";
} else {
echo "NO record updated.";
}
mysqli_close($con);
}